Written by BenDecember 4, 2021December 4, 2021

centos7 NTP time synchronization – systemd and chronyd

I’ve been trying to get my new GitLab instance working at home, and am having issues getting the frontend and backend nodes to work together. # sudo gitlab-rake gitlab:gitaly:check Checking Gitaly … Gitaly: … default … FAIL: 7:permission denied. debug_error_string:{“created”:”@1638634177.607305857″, “description”:”Error received from peer ipv4:192.168.0.7:8075″,”file”:”src/core/lib/surface/call.cc”, “file_line”:1055,”grpc_message”:”permission denied”,”grpc_status”:7} After double and triple checking everything, I stumbled […]

Written by BenJanuary 5, 2021January 5, 2021

On SSH Certificates

Not to be confused with TLS (was: SSL) certificates. why? Problem 1: Does anyone check SSH server keys before accepting them? The authenticity of host ‘server (192.168.1.13)’ can’t be established. ECDSA key fingerprint is SHA256:P45XQklRehB7js1bfqpbRX+dq0vTEQoJbcwACNrSGow. ECDSA key fingerprint is MD5:d2:4a:3d:a1:59:ec:30:fe:36:11:1a:61:7c:f1:3f:eb. Are you sure you want to continue connecting (yes/no) A mechanism to distribute the known […]

Written by BenJanuary 7, 2020January 7, 2020

stash of /etc/os-release files

Which I use for bootstrapping puppet apply. Ubuntu 18.04 (symlink to /usr/lib/os-release) NAME=”Ubuntu” VERSION=”18.04.3 LTS (Bionic Beaver)” ID=ubuntu ID_LIKE=debian PRETTY_NAME=”Ubuntu 18.04.3 LTS” VERSION_ID=”18.04″ HOME_URL=”https://www.ubuntu.com/” SUPPORT_URL=”https://help.ubuntu.com/” BUG_REPORT_URL=”https://bugs.launchpad.net/ubuntu/” PRIVACY_POLICY_URL=”https://www.ubuntu.com/legal/terms-and-policies/privacy-policy” VERSION_CODENAME=bionic UBUNTU_CODENAME=bionic Fedora 31 NAME=Fedora VERSION=”31 (Workstation Edition)” ID=fedora VERSION_ID=31 VERSION_CODENAME=”” PLATFORM_ID=”platform:f31″ PRETTY_NAME=”Fedora 31 (Workstation Edition)” ANSI_COLOR=”0;34″ LOGO=fedora-logo-icon CPE_NAME=”cpe:/o:fedoraproject:fedora:31″ HOME_URL=”https://fedoraproject.org/” DOCUMENTATION_URL=”https://docs.fedoraproject.org/en-US/fedora/f31/system-administrators-guide/” SUPPORT_URL=”https://fedoraproject.org/wiki/Communicating_and_getting_help” BUG_REPORT_URL=”https://bugzilla.redhat.com/” REDHAT_BUGZILLA_PRODUCT=”Fedora” REDHAT_BUGZILLA_PRODUCT_VERSION=31 REDHAT_SUPPORT_PRODUCT=”Fedora” REDHAT_SUPPORT_PRODUCT_VERSION=31 PRIVACY_POLICY_URL=”https://fedoraproject.org/wiki/Legal:PrivacyPolicy” […]

Written by BenOctober 20, 2019October 20, 2019

heimdall on Centos7

You want to flash a Samsung Galaxy Android device. You’ll need heimdall. It’s not available as a package for Centos7, so you’ll need to compile it. Expanded instructions It uses cmake, which I’d not tripped over before, and the build process is a good deal messier than I expected. As in literally, it leaves stuff […]

Written by BenSeptember 11, 2019September 11, 2019

OEM support for Linux (firmware updates)

Ubuntu 18.04 and Centos 7.6 both run the fwupd service. This polls for updates on supported hardware. Support arrived in 16.04 and 7.4 respectively (from the docs.) hat tip Check the daemon’s status with the following; problems with any plugins are noted in the logs. systemctl status fwupd On ubuntu 18.04 updates are via the […]

Written by BenJune 8, 2019June 8, 2019

using Red Hat Universal Base Images

Announced Redhat Summit 2019, distribution of containers based on RHEL using their universal base image is now a thing. So, let us say you want to do some container stuff at home and use UBIs? Registering and using a service account Sources redhat developers blog. redhat blog. ubi. Sort yourself out with a Redhat login: […]

Written by BenMay 21, 2019May 21, 2019

gitlab runners – installation and basics

Introduction One of a number of posts on GitLab CI, see the gitlab-runner tag. Initial goal is to add syntax checking, validation, etc., to my puppet control-repo. It took me a little while to piece it together, and these are my notes. The starting page for official docs is https://docs.gitlab.com/runner/ but there’s pockets in other […]

Written by BenMay 13, 2019May 13, 2019

randomness on raspberry pi

The Pi has a hardware random number generator. Source. Hat tip. This is running Centos 7. It presents as /dev/hwrng. yum install rng-tools systemctl enable rngd systemctl start rngd # rngd -l Entropy sources that are available but disabled 1: TPM RNG Device 4: NIST Network Entropy Beacon Oh. It’s running as a daemon on […]

Written by BenMay 1, 2019

tftp part 3 – replacing xinetd with systemd

Part 1 – running tftp server non root (xinetd) Part 2 – the tftp client requires firewalld changes as well Part 3 – replacing xinetd with systemd (this blog post) Oooh, nice one systemd. During my investigation in Part 1, I tried to eliminate xinetd as the reason for the misbehaviour. I started up the […]

Written by BenMay 1, 2019

tftp part 2 – the tftp client requires a firewalld as well

Part 1 – running tftp server non root (xinetd) Part 2 – the tftp client requires firewalld changes as well (this blog post) Part 3 – replacing xinetd with systemd firewalld change on TFTP clients The rest of this blog post will elaborate on what happens if you don’t do this. The quick bit […]

thewatertower.org

linux, puppet, and stuff that comes along for the ride

Tag: centos7