CaaS3: Update hostname

Posted on Tue 18 December 2018 in Linux • Tagged with suse, caas, kubernetes, linux, notepad • 1 min read

linux-q0sf:~ # cat /var/lib/misc/infra-secrets/mariadb-root-password  
eVSf9Ss/HFa4Rj68ymzhmVsHvhdV6i5aqUpXuboMGRdwo1SVnysDd/wg0De+9FJymdBsJLdmYsdU
linux-q0sf:~ # docker exec -ti d72182149834 bash  
bash-4.3# mysql -u root -p  
Enter password:  
Welcome to the MariaDB monitor. Commands end with ; or \g.  
Your MariaDB connection id is 18  
Server version: 10.0.34-MariaDB SLE …

Continue reading

selinux - change default type

Posted on Thu 12 April 2018 in Linux • Tagged with selinux, linux • 1 min read

$ matchpathcon /tftpboot
/tftpboot       system_u:object_r:tftpdir_t:s0
$ semanage fcontext -a -t tftpdir_rw_t "/srv/tftp(/.*)?"
$ restorecon -Rv /srv/tftp

chrony - adjust time manually

Posted on Fri 22 September 2017 in Linux • Tagged with chrony, Linux, Notepad, Work • 1 min read

$ chronyc -m "password $( awk '{ print $2 }' /etc/chrony/chrony.keys  )" makestep

[notepad] ceph journal size/ssd speed

Posted on Tue 18 October 2016 in Linux • Tagged with ceph, journal, ssd • 1 min read

ceph journal size (doc)

not for bluestore

osd journal size = {2 * (expected throughput * filestore max sync interval)}

The default for filestore max sync interval is 5 therefore for a 10Gbit network the "perfect" size would be

osd journal size = { 2 * ( 1280 * 5 ) } = 12.5 GB

ceph ssd speed

The optimum …


Continue reading

Google Software Updater fuckups

Posted on Thu 22 September 2016 in Linux • Tagged with notepad, osx, linux, Google Chrome • 1 min read

google-software-updater

To disable the ksfetch (ks = keystone) daemon (which comes with google products) there are several ways to do this.

  1. Uninstall the Google Software Update Agent
$ /Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle \
    /Contents/Resources/GoogleSoftwareUpdateAgent.app/Contents/Resources/ksinstall [--nuke] 

The --nuke parameter will also remove ksfetch related stuff.

  1. Set the checkInterval …

Continue reading

ejabberd + letsencrypt (ssl config)

Posted on Mon 05 September 2016 in Linux • Tagged with letsencrypt, Linux, notepad, ejabberd • 1 min read

[...]
listen: 
  - 
    port: 5222
    module: ejabberd_c2s
    certfile: "/etc/ejabberd/ejabberd.pem"
    starttls: true
    starttls_required: true
    protocol_options:
      - "no_sslv2"
      - "no_sslv3"
      - "no_tlsv1"
      - "no_tlsv1_1"
    ciphers: "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256"
    dhfile: "/etc/ejabberd/dh2048.pem"
    [...]
  - 
    port: 5269
    ip: "::"
    module: ejabberd_s2s_in
    protocol_options:
      - "no_sslv2"
      - "no_sslv3"
      - "no_tlsv1"
      - "no_tlsv1_1"

[...]
s2s_use_starttls: required
s2s_certfile: "/etc/ejabberd …

Continue reading

entropy inside a virtual machine

Posted on Thu 30 June 2016 in Linux • Tagged with ceph, kvm, linux, notepad • 1 min read

Sometimes my ceph-(test!)deployments inside a VM failed.

The Problem is that the kernel/cpu can not provide enough entropy (random numbers) for the ceph-create-keys command - so it stuck/hang. It is not a ceph problem! This can also happen with ssl commands.

But first things first - we need …


Continue reading

openvswitch and OpenFlow

Posted on Fri 04 September 2015 in Linux • Tagged with ovs, linux, notepad, openflow, openvswitch • 2 min read

openflow

Layer 1

ovs-ofctl del-flow BRIDGE
ovs-ofctl add-flow BRIDGE priority=500,in_port=1,actions=output:2
ovs-ofctl add-flow BRIDGE priority=500,in_port=2,actions=output:1
ovs-ofctl dump-flows BRIDGE

Layer 2

ovs-ofctl del-flow BRIDGE
ovs-ofctl add-flow BRIDGE dl_src=00:00:00:00:00:01,dl_dst=00:00:00:00:00:02 …

Continue reading

Gentoo - initramfs with busybox, lvm and some more...

Posted on Tue 11 August 2015 in Linux • Tagged with Gentoo, linux, notepad, initrd • 1 min read

Preparations

mkdir -p /usr/src/initramfs/{bin,lib/modules,dev,etc,mnt/root,proc,root,sbin,sys}
cp -a /dev/{null,console,tty,sda*} /usr/src/initramfs/dev/

busybox

USE="static make-symlinks -pam -savedconfig" emerge --root=/usr/src/initramfs/ -av busybox

LVM
LVM provides already a static binary :)

cp /sbin …

Continue reading

ldap initial configuration

Posted on Fri 06 March 2015 in Linux • Tagged with ldap, Linux, notepad • 1 min read

A more or less initial configuration for openldap (>2.4)

##
# to import run:
# ldapmodify -Y EXTERNAL -H ldapi:/// -f $filename
#
# to verfiy run:
# ldapsearch -Y EXTERNAL -H ldapi:/// -b "olcDatabase={1}hdb,cn=config"
#
# to create a password:
# slappasswd -h {SSHA} -s admin
##

dn: olcDatabase={1}hdb,cn=config
changetype …

Continue reading