Crontab Sudo Shenanigans
- May
- 16
- Posted by TKH Specialist
- Posted in redhat, Security
OK, here is a situation I haven’t seen in a while and it tripped me. There I admitted it! We have an application that requires a restart of Apache everyday (that is a different discussion). Regardless I gave them sudo access so they could script the job to run with their process. Obviously I thought […]
read moreMy MySQL Cheat Sheet
- Apr
- 23
- Posted by TKH Specialist
- Posted in MySql, redhat, System Administration
I know, man. No, I mean I know I could use ‘man pages’! Or I could just ‘google it’ but then it isn’t mine. Since I do not have time for a complete brain-dump this MySql “cheat sheet” will grow over time. Feel free to add your favorite MySql commands in the comments, if their […]
read morePutting ‘lsof’ to use
- Apr
- 19
- Posted by TKH Specialist
- Posted in redhat, Security, System Administration
- 3
lsof is a powerful tool that has proven very userful over the years in troubleshooting and forensic investigations. Here are some useful lsof command examples: In this example we are looking at all the files a given process has open (pid=1655 here this is the zabbix agent) lsof -p 1767 Note you can clean up […]
read moreChanging the Volume Group Name
- Apr
- 15
- Posted by TKH Specialist
- Posted in LVM, redhat
One of the problems with cloning a system is that it has the same volume group names as the server it was cloned from. Not a huge problem but it can limit your ability to leverage the volume group. The fix appears easy but there is a gotcha. RedHat provides a nice utility: vgrename If […]
read morememcached
- Apr
- 12
- Posted by TKH Specialist
- Posted in Kuali, redhat, tomcat
In support of the Kuali project. Setting up true fail over for the Kuali application servers. Currently if a node went down, the user would need to re-authenticate. The following procedure configures the system so it can lose a node and the users on that node will not lose their session. My part on the […]
read moreExtended ACLs
- Mar
- 19
- Posted by TKH Specialist
- Posted in redhat
To remove permanently ACL from a file: # setfacl -bn file.txt To remove permanently ACL from an entire directory: # setfacl -b –remove-all directory.name To overwrite permissions, setting them to rw for files and rwx for dirs $ find . ( -type f -exec setfacl -m g:mygroup:rw ‘{}’ ‘;’ ) -o ( -type d -exec […]
read moreFixing Authentication refused: bad ownership or modes for directory
- Mar
- 14
- Posted by TKH Specialist
- Posted in redhat
When this error: Authentication refused: bad ownership or modes for directory Shows up in /var/log/messages When trying to setup public key authenticated automatic logins, the problem is a permissions one. You’ll need to perform the following commands on the user account you are trying to setup: chmod go-w ~/ chmod 700 ~/.ssh chmod 600 ~/.ssh/authorized_keys
read moreX11 error on login to RedHat Servers
- Dec
- 21
- Posted by TKH Specialist
- Posted in redhat
I noticed that since the last set of patches many of my redhat 6 systems are reporting an X11 forwarding error after login: X11 forwarding request failed on channel 0 To correct this problem you need to install the following package yum install xorg-x11-xauth I have not had the time to investigate why this is […]
read moreBuild a PaaS using Open Source Software
- Jun
- 29
- Posted by TKH Specialist
- Posted in linux, redhat, summit
Discussion about OpenShift. OpenShift has been fully open-sourced, available on GitHub for local deployment, or directly usable as a hosted solution. Rule #1: IaaS != PaaS Virtual machines : Application is not necessarily 1:1 Rule #2: PaaS is not a silver … Continue reading →
read moreApplication High Availability in Virtual Environments
- Jun
- 27
- Posted by TKH Specialist
- Posted in linux, redhat, summit
http://www.redhat.com/summit/sessions/index.html#394 Great discussion around Red Hat’s solutions for clustering, fencing, etc, in virtualized environments. Fencing is /very/ important for shared resources, especially disk. In a virtualized world (RHEV, VMWare, etc), fencing tools can reach right into the hypervisor to kill … Continue reading →
read moreRecent Comments
- Stefan on Flush This!
- Timestamping your Bash History | Matt's Entropy on Remember when you issued that command…?
- Matt Smith on Remember when you issued that command…?
- Ruan on Putting ‘lsof’ to use
- Dylan F. Marquis on External Mapping of LDAP attributes in CAS