Trying to fix an issue with snmp, I started by building an snmp module using audit2allow. It kept failing to load, and the error message is a little cryptic...


[root@host thomas]# semodule -i snmp.pp
libsepol.print_missing_requirements: snmp's global requirements were not met: type/attribute snmpd_t (No such file or directory).
libsemanage.semanage_link_sandbox: Link packages failed (No such file or directory).
semodule: Failed!


The .te file for the module looks like this:

Had an sssd process spinning and using 100% cpu. Did an strace on it and saw that it was complaining about too many open files.


pid accept(24, 0xaddress, [110]) = -1 EMFILE (Too many open files)


getting the number of open files for the process.


# lsof -p $(pidof sssd_pam) |wc -l
1065


Looking at the limits for sssd, I saw that the nofile was set to 1024, which appears to be the default everywhere I tried.

Lightening talk I gave at SASAG on Sept 12, 2013.

Quick intro to using netcat and gnutls-cli to interact with HTTP, IMAP and SMTP and debug problems.

Talk I gave at puppetconf2013 on using exported resources to dynamically configure your system. Using augeas and concat the examples build up a working dns implementation that is automatic. The system was simplified a lot for the talk but the principles of using exported resources to configure the system is powerful.

Puppet posted the video.
The slides are here: http://goo.gl/nR9rti

I knew this script looked familiar, I just wrote the same script as I wrote almost a year ago. I guess I didn't do a good job getting it on the google's, cause I couldn't find it until I started posting about it...github:pass_to_shadow.py

Maybe this time I'll include some of the code in this post.


#!/usr/bin/python

# * Thu Jul 11 2013 Thomas Uphill
# - encrypt a password with sha512 by default
# - generate a crypt suitable for placement in /etc/shadow

This has come up 3 times in the last few days so I thought I'd share it. The situation is that there are files at /var/spool/mqueue that are part of the /var filesystem. But there is also another filesystem mounted at /var/spool/mqueue with it's own files. You want to access the files under the mount but you can't. So, there are two ways around this (in this instance).

Overview of KVM

Intro to puppet

Thanks everyone who came to the talks, great conference this year. Thanks to puppetlabs for all the support. Getting better every year, looking forward to next year! (just hope it stays smaller than LISA)

The scenario is that users are controlled by sssd and you want to add a user locally for those times when your connection to your password backend goes down. Useradd won't let you do it though, cause the user already exists. I figured augeas would be the perfect way to do that but I kept hitting a problem, augeas would fail.

I was trying to get my Samsung TV to play files from my Beefy miracle box and although it was able to connect, it would not show any files. It took a bit of hunting around but I found the following patch needed to be applied to get the files to display.

diff -ruN mediatomb.orig/tombupnp/upnp/src/genlib/net/uri/uri.c mediatomb/tombupnp/upnp/src/genlib/net/uri/uri.c


A talk I gave at Lopsa NJ on linux-kvm, slides in a google doc here

John recorded the talk so maybe it'll be posted on lopsa's website soon...