More cfengine happiness

March 2nd, 2012 - 11:03May 20th, 2013 - 15:33 / bronto / Leave a comment

Please note: this will be 100% overkill when cfengine 3.3.0 will be out: the new awesome templating engine will make this kind of file editing trivial. Nevertheless, this was buzzing in my head for too long after I read the early release of Learning cfengine, so I wanted to give it a go in any case.

Objective: write a parametrised method to create an ntp.conf file, with all directives in a chosen order, and in a "human friendly" form.

As always, when you want to impose your own order to cfEngine (right or wrong that may be), you have to clearly understand what the normal ordering is, so that you'll have a clear picture of what is defined where. … Continue reading →

The right order in cfengine, revisited

February 29th, 2012 - 16:02May 20th, 2013 - 15:34 / bronto / Leave a comment

Soon after posting The right order in cfengine, I asked in the help list if it was the right way to do it. To discover that my approach was a bit too overkill 🙂

So, while still a bit overkill, the following could be a much better approach: … Continue reading →

The right order in cfengine

February 29th, 2012 - 12:02May 20th, 2013 - 15:34 / bronto / 2 Comments

NOTE: the code in this post has been revisited, be sure to read The right order in cfengine, revisited after this one.

I've been playing a bit with cfEngine recently, with different degrees of happiness and frustration. After reading the early release of the super-awesome O'Reilly's Learning Cfengine book, I decided to revise my experiments once again.

One thing I had trouble doing was to push out changes in a configuration file in the exact order I wanted them. Before reading the book it looked too odd and difficult; now it is still looks a bit odd, but doable. Let's see how it works. … Continue reading →

Artistic trouble ticketing at Opera

February 25th, 2012 - 19:02May 20th, 2013 - 15:34 / bronto / Leave a comment

Who said that trouble ticketing systems must be boring? A few days ago, a colleague in Poland asked for headphones in a rather original way, giving birth to a very interesting exchange with a sysadmin. … Continue reading →

Bug affecting NTP multicast users on Linux

January 31st, 2012 - 12:01May 20th, 2013 - 15:34 / bronto / Leave a comment

…and not just them.

It's the debian bug #654876 (CVE-2012-0207), which was introduced in the Linux kernel version 2.6.36, and affects IPv4 Multicast users. In particular, if you are using NTP multicast on that kernel version or higher, you are affected.

This bug seems easily exploitable in a local network, and may be used for denial of service attacks. Patches are available for Linux 3.0.17, 3.1.9, 3.2.1, with Debian porting it to their kernel package version 3.1.8-2.

For more information, see Ben's technical blog

New leap second in June

January 6th, 2012 - 16:01May 20th, 2013 - 15:34 / bronto / Leave a comment

Leap second coming at the end of June, watch your databases 😉

Up-to-date information and tutorials about Perl

December 15th, 2011 - 12:12May 20th, 2013 - 15:34 / bronto / Leave a comment

I don't like link collection pages, but I can make one exception for a good reason. And I have one.

A well known star in the Perl community is encouraging Perlers all around the world to give visibility to a number of interesting tutorials and news sites. Too often, obsolete crap pops out of google searches about Perl, and it's time to hint the search engines that there is something newer and better around.

So, for your and my pleasure, here you are:

Perl Tutorials

A collection of good Perl tutorials by Christian Walde.
Perl tutorials
Modern Perl Book
Perl Tutorial by Gabor Szabo

Perl news

Getting to know cfEngine3

December 9th, 2011 - 15:12May 20th, 2013 - 15:34 / bronto / Leave a comment

I've been doing a lot on cfEngine recently. At $PREVIOUS_EMPLOYER I used cfEngine 2, which I have liked a lot. Here at $WORK I did quite an extensive job on Puppet, but I always longed to try cfEngine again, this time with version 3. And, finally, I did. … Continue reading →

Solaris 11 as an NFS client to Linux

December 1st, 2011 - 15:12May 20th, 2013 - 15:34 / bronto / Leave a comment

Other strangeness again, but I am not going to blame it on Solaris this time 🙂 I was trying to make my Solaris workstation an NFS client to the Linux machine (the other way round compared to what I did months ago). /etc/exports was well configured on the Linux side, and I could actually mount my home directory from the machine itself:

mount localhost:/export/home/bronto /mnt

worked just fine. However, when I tried mounting from Solaris, I got a "No such file or directory".

After some research, it turned out that Solaris attempts to use NFSv4 by default; Linux NFS server has NFSv4 enabled, but the share was not exported with that protocol (only in NFSv3). So I could either export the share in NFSv4, or force Solaris to use NFSv3. I was short on time so I chose the second solution.

My /etc/auto_home now looks like this:

#
# Home directory map for automounter
#
bronto  -vers=3 linuxws:/export/home/&
+auto_home

and that just works. But I guess I'll be trying the NFSv4 version soon in the future 🙂

More Solaris 11 games

November 25th, 2011 - 11:11May 20th, 2013 - 15:34 / bronto / Leave a comment

More games to play with Solaris 11. This time it's resolv.conf, and MAC addresses. … Continue reading →

A sysadmin's logbook

in every challenge there is an opportunity

Sysadmin