Principal Software Engineer/Architect, motorcyclist, drummer, and artist
Following are my notes and how-tos on creating, and managing PGP keys.
Here is a link to a website with some very good information and best practices for managing keys.
Most of this article deals with the concept of setting an expiration date on a set of keys to a reasonable time and how you can update that key as time goes by. You should set a reminder in whatever calendar system you are using to remind you to → Continue reading “Creating, Updating Expiration of and Posting PGP Keys”
Following is a quick how-to on compiling and adding addition SELinux modules.
When configuring and deploying new and/or custom services on systems that are enforcing SELinux you will likely have to compile addition SELinux modules.
This how-to includes how to go through each step of compiling a new module one-by-one; similar to the model of breaking down the compilation of C and C++ into it’s composite steps.
Step 1: Gather the audit.log entries
You will need to determine which → Continue reading “How To Compile and Install New SELinux Plicy Modules”
There are a number of tutorials online for adding a new disk to a machine and then extending an existing LVM partition to use the new device.
This particular tutorial covers the use case of adding a new disk to a Linux server and then creating a NEW LVM partition on it without modifying the existing devices and LVM partitions.
The first thing you will need to do is add the physical device to the server (or VM).
Then, you → Continue reading “Adding a New Disk to a Linux Server and Creating an LVM Partition”
I am working on a VM that is running GNOME under RHEL 7 and I typically run with 12 workspaces. The default GNOME install only has the keyboard shortcut configurations up to “Switch to workspace 4”.
It turns out that the solutions is to use the gsettings cli tool to add additional shorcuts.
$ gsettings set org.gnome.desktop.wm.keybindings switch-to-workspace-5 "[\"<ControlF5\"]"
$ gsettings set org.gnome.desktop.wm.keybindings move-to-workspace-5 "[\"<Alt5\"]"Or, otherwise know as: SELinux and Silent Denials.
Sometimes when troubleshooting SELinux issues, you will have added new policies for each of the denial causes written to the audit.log, but SELinux will still be denying access . . . and not giving you any further information about it in the audit.log.
Various processes often execute additional system calls that are above an beyond what they need to do for normal operation. Many of them are blocked, and in order to → Continue reading “How to See SELinux Denials That Do Not Show In the audit.log”
In order to be able to access a Samba share on a remote client as a mounted file system execute the following command, as root on the client:
mount -t cifs -o user=<user-on-samba-share,uid=<uid-on-local-macheine,gid=<gid-on-local-machine,rw,workgroup=<your-workgroup//ip/share /mnt/mount-point-dirYou will be prompted for the password for the user defined on the Samba server.
If you are able to authenticate, and then get the following error:
ls: reading directory .: Permission deniedCheck the SELinux context type of the directory on → Continue reading “Mounting a Samba Share From Linux Client to Linux Samba Server”
This is one of those things that I tend to do on a regular basis . . . but unfortunately don’t remember the details each time, so I am adding it for future reference.
Often, developers will want to mock static methods that return void. The Mockito and PowerMockito frameworks provide for this, but the syntax isn’t immediately obvious.
Following is an example.
public class SomeClass {
public static void doSomething(String arg1, int arg2) {
// Method that does something...
If you are building a Java program that requires the ability to execute native commands on the machine which require sudo it requires some additional considerations other than just writing the Java code.
The problem is that sudo, by default, requires a tty for executing sudo such that a password can entered. Even if you configure sudoers to grant NOPASSWD access to a specific command you will still get the following error
sudo: sorry, you must have a tty to When maintaining a Hadoop cluster, you will need to restart various service from time-to-time when/if you update Hadoop configurations.
I ran into a problem today with Ambari where I wanted to do a rollling restart of all of my DataNodes, but when I clicked on the “Restart DataNodes” entry in the “Restart” drop down the dialog indicated “There are no DataNodes to do rolling restarts”.
This was clearly incorrect.
It did not take me too long to figure out that → Continue reading “[SOLVED] Ambari There are no DataNodes to do rolling restarts when there are DataNodes that do need a restart”
I was having some issues with the ambari-metrics family of services on a ‘pseudo-distributed’ cluster that I have installed on my workstation.
The symptoms were:
1. Ambari indicated the following CRITICAL errors in the Ambari Dashboard under the Ambari Metrics section
Connection failed: [Errno 111] Connection refused to rchapin-wrkstn:61882. After attempting to restart the ambari-metrics-collector via either the Ambari Dashboard or through the commandline (# ambari-metrics-collector [stop|start]) you see the following (similar) messages in the ambari-metrics-collector.log
2016-09-02 12:15:37,505 INFO