LinuxAdmin: Expanding Linux SysAdmin knowledge

Subscribe to LinuxAdmin: Expanding Linux SysAdmin knowledge feed
Expanding Linux SysAdmin knowledgelinuxadmin: Expanding Linux SysAdmin knowledge
Updated: 16 min 53 sec ago

Oracle Linux, just put Intel Microcode back into package?

4 hours 16 min ago

Am I reading this right, they pulled the new "update" microcode_ctl from RH stream and then PUT the code that RH pulled out ... back in? That's what I'm reading here in the changelog right? Just looking for a second/third pair of eyes on this. https://linux.oracle.com/errata/ELSA-2018-0093.html

Running Oracle Linux btw isn't not my choice.

submitted by /u/killergoalie
[link] [comments]

Linear Raid Array on multiple encrypted disks

5 hours 47 min ago

Hi everyone,
I need to create a linear aray (no RAID-X, just a concatenation of disks, JBOD) on some luks-encrypted disks on Linux.
This is the main idea:

1) Have N disks
2) Encrypt each disk with LUKS
3) With mdadm create a linear array (no raid-x, just concatenation) to see it as a single drive

These are the important requirements:

  • Files must not spread across multiple drives, a single file must be contained on a single disk
  • If you extract a single disk, we should be able to extract data on said disk, after unblocking the drive with a luks passphrase

Can this be done?
What happens to the array if I remove a disk?
Can I recover data from all the other disks If I remove a single drive?
Are there any particular mdadm flags I should set?

Thanks in advance

EDIT: I understand that disks have to be unlocked one by one

submitted by /u/Murlocs_Gangbang
[link] [comments]

How come everything is easier on Ubuntu? Why isn't it used more in Production?

6 hours 5 min ago

Seriously, anytime I need to setup a service or configuration all I do is a run a couple of commands on Ubuntu and I'm up and running, rarely coming across any issues.

With CentOS, more often than not it's a mess and requires troubleshooting.

What gives

submitted by /u/anacondapoint6
[link] [comments]

Help checking for new files in a shared virtualbox folder.

8 hours 56 min ago

So here is my setup currently.

Windows laptop with Linux VM using virtualbox Other Linux laptops

Windows laptop has software that takes pictures, then puts those pictures in a shared folder between the Windows host and the Linux Guest VM. The Linux VM then needs to copy files from the shared folder into another directory that is shared out via NFS to the other Linux laptops.

They used to have some sort of Windows NFSaxe tool on the Windows laptop but it doesn't work properly anymore so I went with this hacky VM solution to solve this (Windows 7 but not Enterprise so doesn't have the NFS client installation capability that Enterprise has apparently)

So I wrote a script using python + watchdog to check for new files in that directory, my understanding is watchdog utilizes inotify but because of this it only detects if new files are placed in that directory via the Linux VM, if the Windows system tosses in test.jpg then the script doesn't detect anything new and never moves the file to the other directory.

Right now I have a super cludgy script that sleeps for 60 seconds then checks that directory, gets a list of what is there and puts that into a dict, then checks for anything new 60seconds later, moves any new files to the other folder and updates its dict. Not the most elegant of solutions but it works, just wondering if there is a better way to do this. Sadly the camera software we use only works on Windows currently.

submitted by /u/bfrown
[link] [comments]

Block SSH via CLI

10 hours 46 min ago

My team uses Aker to SSH to internal servers and soon to customer servers as well. However sometimes they need to SSH to a server that's not on the list. That's why they have a normal console but next to that Aker.

Is there a way I can block them from using SSH via CLI to the IP addresses in the list that are in Aker, so I force them use Aker? Like is there a way I can block users from using the command ssh root@X.X.X.X while not blocking it via the firewall?

The best way would be using an alias I think in .bashrc?

submitted by /u/Ramshield
[link] [comments]

Need help fixing a permissions issue

Wed, 01/17/2018 - 18:26

So i did a terrible thing. I was trying to set permissions and not knowing what i was doing i did: chmod -R 777 /*

This did something weird to the system and now i cannot login as root or even use sudo. Anyone have any idea how to fix this?

This is Debian if that makes any difference.

submitted by /u/newITuser
[link] [comments]

Galera, Centos 7.4 x86_64 questions (setup is working)

Wed, 01/17/2018 - 17:41

Hi there.

Just fiddling around getting galera working on two servers. It's now running fine, albeit with selinux disabled. Will fiddle with that.

Meantime, I have a question. to get the master node (server1) started, I go "galera_new_cluster", on the other box (server2) I go "systemctl start mariadb".

Now. Say I need to reboot server1. I go to server2 and systemctl stop mariadb. Probably the same on server1. I reboot the server.

Once it's rebooted, I'm probably getting errors about restarting the mariadb service from systemctl. So I assume I systemctl disable mariadb. I need to run galera_new_cluster again. And only at that point do I systemctl start mariadb on server2.

A bit messy, the restart of the service process. Has anyone tidied this process up? What did you do? Or have I got it completely wrong?

submitted by /u/Laurielounge
[link] [comments]

HAProxy and rsyslog

Wed, 01/17/2018 - 16:00

I have been playing around with different dashboards for my HAProxy deployment and I am confused by the logging. In HAPRoxy's config we specify the log location, then have rsyslog send it over to the logging server. My question is, why not just send it directly to the logging server? It would seem that HAProxy could just point to a dedicated logging machine (instead of pointing at 127.0.0.1). I haven't seen this used in the wild and I dont know if there is something I just am missing or don't know about.

submitted by /u/wisdum
[link] [comments]

Better career move; learning Openshift or bare bones kubernetes?

Wed, 01/17/2018 - 08:05

I'm currently at a crossroad and need everyone's advice.

I want to move into the container development, management, and orchestration world out of interest and curiosity but I don't know which path to take.

I know Openshift is a platform built on kubernetes, but in terms of job prospects, would it be better to specialize on a kubernetes specific platform or just go right into bare bones kubernetes?

I'm RHCE certified if that makes any difference, so there's a reason to pursue Openshift there

submitted by /u/livintx
[link] [comments]

Question for the group around LFCS

Tue, 01/16/2018 - 22:10

My boss has agreed to pay for LFCS. I have probably what I would consider intermediate linux knowledge currently. What I'm trying to decide is if I should book the test and focus on CentOS or Ubuntu? I work in a data center currently that has a lot of RedHat - so does that mean I should go CentOS? Is Ubuntu server more prevalnet elsewhere? Does it really matter that much even?

Thanks in advance, sorry if its a stupid question.

submitted by /u/bigdizizzle
[link] [comments]

Can anyone name a good tutorial/starting point for looking into MariaDB clustering/replication?

Tue, 01/16/2018 - 20:52

Hi, I'm looking for a tutorial, or any starting point to look into replicating/clustering MariaDB/MySQL servers. I'm starting an apprenticeship in IT in summer and wanted to have a look into that topic for fun.

submitted by /u/niemalsnever
[link] [comments]

What do you use to capture, organize your important things and tricks?

Tue, 01/16/2018 - 15:06

I wanted to ask you how you organize your notes and tricks. I mean things typically computer, some syntax, commands, maybe scripts. For some time I have been looking for some to add to my server and three things in one place. Very populatny of what I see is Evermote but maybe you have some other nice solutions on your own servers?

submitted by /u/TheBocios
[link] [comments]

[Jenkins] how does a job got triggered?

Tue, 01/16/2018 - 13:17

I got jenkins setup. I have a test job call test. All it does it echo foo. For simplicity, there's no trigger, only manually hitting build now via the gui.

Can anyone explain to me how the job works? Is there a file get queued somewhere and then get executed?

The reason I ask this is because I have two jenkin box and i want the second jenkin box to mirror what the first jenkin box is doing with a small time delay. I was wondering if there a file created somewhere when you hit build now. Where I can rsync cron it over to the second jenkin box to trigger the job.

submitted by /u/juniorsysadmin1
[link] [comments]

Clustering , high availability , load balancing ? How do to these

Tue, 01/16/2018 - 12:32

Hey,
I'm it guy with decent linux knowledge as user, and im looking to expand my knowledge. so my company has 10 abandon servers with decent spec , and im looking to learn how to do "Clustering , high availability , load balancing" with them but i don't know where to start or how i can make the environment like the real deal? What tools/products should i use? i don't have money to pay for courses or such, and the system admin in my company is a nice guy but not that nice to teach me, im just poor fella
Thank you in advance

submitted by /u/Newbi8283
[link] [comments]

unable to assign unix permissions to mounted drive.

Tue, 01/16/2018 - 09:42

My job just started using a Netapp as a file storage system and for some reason I am unable to assign group permissions (chmod/ chgrp) on the folders. I have the folders auto mounted so I can reach them but for some reason when I try and change the ownership of the folder it doesn't recognize the groups/user. I'm not sure if this is on the netapp side or linux side. Thanks in advance

submitted by /u/Mazurke
[link] [comments]

Looking for a good book on Linux system administration

Tue, 01/16/2018 - 05:59

I am doing the course "Essentials of Linux System Administration (LFS201)" on Linux.com.
I like the course, but what I need is a good book next to it.
Does anyone know a good book on the subject of Linux System Administration?

submitted by /u/DontwakemeUp46
[link] [comments]

Just had the "Open Source is for playing with, not for business" conversation with my boss

Mon, 01/15/2018 - 23:06

What is this, 1997?

This comes about as I'm deploying Moodle for some online training we are doing. Yes, Postgres, Linux, and MySQL -- who really uses that stuff? And yes, Moodle may not match 100% of our requirements in the long run, but which will be cheaper -- hiring someone to write a Moodle extension, or hiring someone to write an entire LMS from scratch?

submitted by /u/bodangren2
[link] [comments]

Server is stuck in a pxeboot loop. Finds kernel initrd and vmlinuz then reboots

Mon, 01/15/2018 - 22:35

Hiya!

We are trying to upgrade our CentOS 6.9 server (Dell PowerEdge C6145) with bigger SSDs and are trying to do a fresh install over pxeboot. This client looks to an other server that hosts dhcp/dns/Foreman/tftp and kickstart scripts. Everything seems to be fine with all our services running. The problem occurs when the client begins pxe booting. It'll get an IP address from dhcp, find the linux kernels over tftp, load them, then immediately reboot where it will start the process all over. There are no other messages. I've tried changing the OS of the kernel that is loaded to CentOS 6.5, or CentOS 7.3, they all suffer the same issue (I get these kernels from mirror.centos.org and put them on my tftp server).

Every single time, this is the last thing I see before the screen blacks out, the system reboots, and the process starts all over again: https://i.imgur.com/EFxlGHn.jpg

There's no other warning messages. Any ideas on what I should fix?

pxelinux.cfg for client:

default linux label linux kernel boot/CentOS-6.9-x86_64-vmlinuz append initrd=boot/CentOS-6.9-x86_64-initrd.img ks=http://foreman:80/unattended/provision?token=0f6a663d-cfbf-4996-9822-2aaa5cdda9ff ksdevice=bootif network kssendmac IPAPPEND 2

Edit: I just tried a USB boot with CentOS 6.9 and the same exact thing happened. Loads initrd, loads vmlinuz, Probing EDD, reboots.

submitted by /u/polkaron
[link] [comments]

Securing a Samsung 850 EVO SSD for surplus

Mon, 01/15/2018 - 12:28

I've got an old 500GB Samsung 850 EVO SSD that I'd like to surplus. I've seen a lot of conflicting information about securing used SSDs for sale, and I have what is probably a dumb question. The product data sheet says these drives support AES-256 self encryption. Samsung published a whitepaper on this series which is no longer available on their website, but I found an exerpt floating around which said

AES encryption is always active on an 840 or 840 Pro Series SSD. In order to benefit from the encryption feature, however, the user must enable an ATA password to limit access to the data. Failure to do so will render AES-encryption ineffective – akin to having a safe but leaving the door wide open.

Does this imply that the drives ship from the factory with an encryption key but no password, and that an ATA secure erase is sufficient to secure the drive to be surplussed even if we never set our own ATA password? hdparm reports

Security: Master password revision code = 65534 supported not enabled not locked not frozen not expired: security count supported: enhanced erase 2min for SECURITY ERASE UNIT. 8min for ENHANCED SECURITY ERASE UNIT.

"not enabled" suggests that's not true, but only 8 minutes for an enhanced security erased suggests it is true since that wouldn't be enough time to zero out the entire drive.
Anyone know the deal with these drives? Or does anyone have an up-to-date and reliable resource about securing SSDs for surplus?

submitted by /u/redhat_noob
[link] [comments]

Pages