Skip to main content

Posts

Showing posts from 2016

path to lines

Convert PATH to lines in order to grep I want to regexp check if a path is in my PATH environment variable.
There are many ways to achieve this, but this one is the one I want to show you today:
# echo $PATH | awk '{gsub(":","\n",$0); print $0;}' /usr/local/sbin /usr/local/bin /usr/sbin /usr/bin /sbin /bin /var/cfengine/bin
I can then "grep" what I want from this.

exim all mail catcher

All mail catcher with Exim 4, on Debian 8 We have un bunch of "development" VM that has the feature of sending a mail via a relay, or MTA. 
We usually achieve this by setting the "mail host" setting in the used framework or CMS.
But for development purpose, there is no need to really send the message over the Internet: if the "mail host" catches it all and delivers it to a mailbox, the work is done.
Here is how to setup an Exim 4 on Debian 8 in order to make it catched all mail for all destination and always deliver it to a single local mailbox. That signel local mailbox can then be accessed via IMAP so that the development team can check if the message has been sent by the application. Configuring with "debconf" The first stage of configuration is done with debconf
# dpkg-reconfigure exim4-config
Then choose the following answers:

Internet site; mail is sent and received directly using SMTPSystem mail name: (put the FQDN of this machine)IP-addr…

openldap nouvelle configuration

Configuration OLC (on-line configuration)
Historiquement, OpenLDAP se configurait via des fichiers textes "normaux", qu'on modifie et il fallait relancer le serveur pour prendre en charge la nouvelle configuration.

Depuis sa version 2.4, OpenLDAP utilise un nouveau système qu'il appelle OLC.

Dans ce document, il sera traité l'initialisation d'un OpenLDAP avec ce nouveau système, sachant que nous souhaitons:
"dc=rktmb,dc=org" comme racine"cn=admin,dc=rktmb,dc=org" comme super administrateur"rktmb" comme mot de passe du super administrateur Ce document se base sur une CentOS 7, mais il est applicable sur toute autre distribution Linux et même des BSD.

Importation des schémas de base
Dans "/etc/openldap/schema/" il y a plusieurs schemas à charger selon le type d'entrée avec lesquelles l'annuaire sera peuplé.
Les utilisations courantes mettent généralement en jeu "core", "cosine" et "inetorg…

vmware net_device trans_start

VMWare Workstation 12 and Kernel 4.7 When recompiling vmware kernel modules on a kernel 4.7, I get this error:

/tmp/modconfig-xrrZGZ/vmnet-only/netif.c:468:7: error: ‘struct net_device’ has no member named ‘trans_start’; did you mean ‘mem_start’?     dev->trans_start = jiffies;
This seems to be an already encountered problem: http://rglinuxtech.com/?p=1746http://ferenc.homelinux.com/?p=356 I choosed to replace the line, instead of deleting it.

- dev->trans_start = jiffies; + netif_trans_update(dev); I also noted that I had to re-tar the modified sources instead of leaving them untared, because the compilation process only takes the archives. 
On precedent editions of these files, I just left the modified folders "vmnet-only/" and "vmmon-only/" expanded without the need to re-tar them.


tomcat ssl existant

Tomcat: activer HTTPS avec des certificats SSL existantsDans le cas ou un certificat SSL existe déjà, voici comment faire en sorte que Tomcat serve en HTTPS avec les certificats existants.

Pour que cela fonctionne, il faut avoir en sa possession:
La clé privée qui a servie à générer le CSR, généralement un "*.key"Le certificat délivré par le registrar (ce qui a été délivré en réponse à la CSR), généralement un "*.cert"Le certificat de l'autorité, généralement un "*.pem". Par exemple pour Gandi, c'est https://www.gandi.net/static/CAs/GandiStandardSSLCA.pem, docmenté dans https://wiki.gandi.net/en/ssl/intermediate
Noter que la documentation officielle de Tomcat couvre un certain cas d'utilisation mais pas celui-ci. En effet, https://tomcat.apache.org/tomcat-8.0-doc/ssl-howto.html traite des cas ou on souhaite autosigner le certificat, ou alors il traite du cas ou l'on doit encore générer le CSR à partir d'une clé privée, toutes les 2 encor…

vmware hostif userif get_user_pages

Kernel 4.6 VMware Workstation 12 get_user_pages error
My Archlinux system just upgraded to kernel 4.6 and when compiling VMware Workstation 12 modules, I get:

/usr/lib/vmware/modules/source/vmmon-only/linux/hostif.c error: too many arguments to function ‘get_user_pages’
Fortunately, this is a known problem, solved in the VMware Workstation Community forum.

The solution is to replace all "get_user_pages" calls with "get_user_pages_remote".

I got to replace:

1 occurence in "vmmon-only/linux/hostif.c"1 occurence in "vmnet-only/userif.c"

This made it for me. Thanks go to "the community".

References: https://bugzilla.redhat.com/show_bug.cgi?id=1278896


dockerfile multiline to file

Outputing a multiline string from Dockerfile
I motsly use a Dockerfile by sourcing from a base ditribution: CentOS or Debian.
But I also have a local mirror and would like to use it for packages installation.

Espacially on CentOS it is about many lines to write to the /etc/yum.repos.d/CentOS-Base.repo file.

Easiest way: one RUN per line The first method that comes in mind is to issue one RUN per line to write.
Here you are:

RUN echo "[base] " > /etc/yum.repos.d/CentOS-Base.repo RUN echo "name=CentOS-$releasever - Base " >> /etc/yum.repos.d/CentOS-Base.repo RUN echo "baseurl=ftp://packages-infra.mg.rktmb.org/pub/centos/7/base-reposync-7 " >> /etc/yum.repos.d/CentOS-Base.repo RUN echo "gpgcheck=0 " >>…

ssh fingerprint authenticity prompt

The authenticity of host can't be established I faced a weird problem today:

A Jenkins post-build job is configured to deploy via scp to a target serverJenkins runs as "integration" userAs "integration"  user, I already made sure the server is in "known_hosts", by manually SSH connected to it (when SSH-ing to it, I'm not prompted about the target server's identity anymore)The Jenkins job is still prompted about the target server's identity What was really weird:
From the Jenkins job, the target server's fingerprint is RSA based and is d9:fa:90:e6:2b:d2:f7:92:8b:28:3f:94:1e:bf:1b:fa.From an SSH session, the target server's fingerprint is ECDSA based and is 0d:2a:c3:3b:8f:f1:e9:bc:1f:5d:68:d3:84:6d:71:a8.
This is becauseThe Jenkins SSH plugin I use is not up to date and still use weak and old fashioned algorithms: the negiciation stops at a weak one, DSA.The SSH client (in SSH session) negociation ends up a stronger algorithm, ECDSA.

solr jetty listen 0000

Make Solr Jetty listen on 0.0.0.0 I recently downloaded and installed Solr 5, and by default it listens to 127.0.0.1. To make it listen on 0.0.0.0, an edit is needed to "jetty-http.xml".
The line <Setname="host"><Propertyname="jetty.host"/></Set> Needs to be  <Setname="host"><Propertyname="jetty.host"default="0.0.0.0"/></Set> This makes it listen on requests from any client. You should be carefull if you enable this.