Thursday, March 19, 2020

Using sudo with WinSCP


This was specifically for HP-UX, so Korn shell (ksh), but it can be used for Linux with bash when you don't want users to log in directly using a service account.  You will also need to give sudo rights in the sudoers file like normal, but many people don't realize that you can use sudo with WinSCP as shown below.

I think you may also need to adjust an SSH setting related to requiring a TTY if it doesn't work for you.
It would need to be changed to
Defaults !requiretty




sudo notes:
dparker         ALL = (ALL)ALL, !SU
HELPDESK        ALL = ALL, !SU
The first ALL represents the users allowed to run the command (this can be an individual or group)
The second ALL represents the hosts
The third ALL is the target (who you are when running the command)
The last ALL is the group of commands allowed
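
The field positions described in the notes above, as an added example that is not part of the original post: a small shell helper that splits a simple one-rule sudoers line into who, hosts, run-as target and commands, and flags rules that grant ALL commands with "!" exclusions. The helper name audit_spec and the third sample line (user "backup", rsync path) are hypothetical; tags such as NOPASSWD: and multi-rule lines are not handled.

```shell
#!/bin/sh
# Added example, not from the original notes.
# audit_spec LINE: split one simple sudoers user specification into
# who / hosts / run-as / commands and flag "ALL with '!' exclusions".
audit_spec() {
    printf '%s\n' "$1" | awk '
    {
        eq = index($0, "=")
        if (eq == 0) { print "not-a-user-spec"; exit }
        left  = substr($0, 1, eq - 1)
        right = substr($0, eq + 1)
        split(left, lf, " ")                 # lf[1] = who, lf[2] = hosts
        sub(/^[ \t]+/, "", right)
        sub(/[ \t]+$/, "", right)
        runas = "root"                       # sudoers default when no (...) is given
        if (substr(right, 1, 1) == "(") {
            close_at = index(right, ")")
            runas = substr(right, 2, close_at - 2)
            right = substr(right, close_at + 1)
            sub(/^[ \t]+/, "", right)
        }
        has_all = 0; has_neg = 0
        m = split(right, c, ",")
        for (i = 1; i <= m; i++) {
            gsub(/^[ \t]+|[ \t]+$/, "", c[i])
            if (c[i] == "ALL") has_all = 1
            if (substr(c[i], 1, 1) == "!") has_neg = 1
        }
        flag = (has_all && has_neg) ? "all-with-exclusions" : "ok"
        printf "who=%s hosts=%s runas=%s cmds=%s flag=%s\n", lf[1], lf[2], runas, right, flag
    }'
}

# The two lines from the notes, plus one constructed narrow rule for contrast
# (the "backup" user and rsync path are hypothetical).
audit_spec 'dparker         ALL = (ALL)ALL, !SU'
audit_spec 'HELPDESK        ALL = ALL, !SU'
audit_spec 'backup          ALL = (root) /usr/bin/rsync'
```

SU in these rules has to be a Cmnd_Alias defined elsewhere in the sudoers file. The sudoers manual notes that subtracting commands from ALL with "!" is generally not effective as a restriction, which is why the helper flags that pattern; listing the allowed commands explicitly is the stronger form.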

Monday, June 25, 2018

RFC 2307 Unix to AD attributes Legend

What Active Directory Attributes did the Unix Attribute tabs expose in the Active Directory Users and Computers MMC snap-in prior to Windows Server 2016?

The following Active Directory Attributes were configurable from the Unix Attributes tabs in Active Directory Users and Computers prior to Windows Server 2016. This table is provided as a reference and with Windows Server 2016 all of these attributes can be modified... see here for more details:
https://blogs.technet.microsoft.com/activedirectoryua/2016/02/09/identity-management-for-unix-idmu-is-deprecated-in-windows-server/
 
Dialog name | AD Attribute | RFC2307 attribute | Example | User object | Group object | Computer object
UID | uidNumber | X | 1000 | X | - | -
Login Shell | loginShell | X | /bin/bash | X | - | -
Home Directory | unixHomeDirectory | X | /home/username | X | - | -
Primary Group name/GID | gidNumber | X | 10002 | X | X | -
Members | memberUid | X | Administrator | - | X | -
iphostnumber | ipHostNumber | X | 10.2.2.2 | - | - | X
NIS Domain | msSFU30NisDomain | - | “example” | X | X | X
Members | msSFU30PosixMember | - | CN=Group,CN=Schema, CN=Configuration, DC=Woodgrove,DC=Local | - | X | -
Name | msSFU30Name | - | “Server123” or “Administrator” or “unix group” | X | X | X
Computer Aliases | msSFU30Aliases | - | Alias1; alias2 | - | - | X

Wednesday, February 21, 2018

unetbootin with ubuntu 17.10

Error message when trying to run unetbootin after install:
No protocol specified
unetbootin: cannot connect to X server :0


The following worked for me to resolve the issue:
xhost local:root
     non-network local connections being added to access control list
sudo QT_X11_NO_MITSHM=1 /usr/bin/unetbootin

Monday, June 12, 2017

QuadStor VTL Setup Notes

https://www.quadstor.com/vtl-extended-edition-downloads.html
https://www.quadstor.com/virtual-tape-library.html

The following are the minimum system requirements
  • Multicore/MultiCPU Intel/AMD Processor system
  • 8 GB RAM. 64 GB or more recommended for data deduplication
  • RHEL/Centos 6.x/7.x, SLES 13 SP3 or Debian 7/8 for x86_64/AMD64 architecture
  • QLogic 4Gb/s or above HBA(s) for Fiber Channel connectivity
  • 1/10 Gb Ethernet ports for iSCSI connectivity

ip addr add 192.168.1.75/24 dev enp0s3
ip route add default via 192.168.1.1 dev enp0s3
yum update
yum install dkms gcc make kernel-devel bzip2 binutils patch libgomp glibc-headers glibc-devel kernel-headers
mkdir -p /media/cdrom
mount /dev/cdrom /media/cdrom
sh /media/cdrom/VBoxLinuxAdditions.run
rpm -q kernel
rpm -q kernel-devel
Make sure they are the same version.  Reboot to start using the newest version.
Confirm you are using the newest version using uname -a.
Then rpm -e the old kernel version.
yum install httpd
yum install sg3_utils
yum install policycoreutils-python
gcc, perl and kernel-devel were already installed.
/sbin/chkconfig --add httpd (RHEL/CentOS)
sudo systemctl enable httpd.service
sudo systemctl restart httpd.service

yum install sssd realmd oddjob oddjob-mkhomedir adcli samba-common samba-common-tools krb5-workstation openldap-clients policycoreutils-python -y
/usr/sbin/setsebool -P httpd_enable_cgi 1
/usr/sbin/semanage permissive -a httpd_t
sudo firewall-cmd --add-service=http --permanent && sudo firewall-cmd --add-service=https --permanent
sudo systemctl restart firewalld
/etc/init.d/quadstorvtl start

Friday, May 26, 2017

Redhat 7 root password recovery

This is really a note for myself, since it is so terse with no pictures, but it may be helpful to someone else.
At the boot menu press "e" to edit the boot option.
Find the vmlinuz line and, after the root= entry, find the ro entry. Prior to this enter:
rw init=/sysroot/bin/sh
Press Control X and after it boots in single user mode, type:
chroot /sysroot
passwd root
passwd
mount -o remount /
touch /.autorelabel

Wednesday, March 22, 2017

HPUX NTP setup

/etc/hosts
192.168.1.4  ntp1
192.168.1.5  ntp2

/etc/ntp.conf
server 127.127.1.0  #Local clock
fudge 127.127.1.0 stratum 10

server ntp1 prefer
server ntp2

/etc/rc.config.d/netdaemons
export NTPDATE_SERVER=ntp1
export XNTPD=1
export XNTPD_ARGS="-l /var/adm/xntpd.log"

NTP Pool as alternate external NTP if ports are open:  north-america.pool.ntp.org

My recommendation is for NTP entries to be in DNS as CNAME records, and then to just reference the CNAME records in your configuration files, so if you ever need to change the NTP server you do not have to edit hundreds of client NTP files.  Just update the DNS entries for NTP1, NTP2, etc.

The reason you update /etc/ntp.conf as well as ntpdate in the netdaemons file is that ntpdate is intended for a single use on boot up; from that point on, the time gets updated by xntpd running from the /etc/ntp.conf configuration.  The reason for this is that xntpd will refuse to start if the local clock is off by more than 1000 seconds from the NTP server you wish to get time from. If this happens, xntpd won't start and the time will be way off until someone notices, manually runs ntpdate and then starts xntpd again.  Be careful not to cause your clock to go backwards or jump ahead after a database or application is running if it is sensitive to time.  Be sure to read about setting the options to SLEW the clock if you have things like a database running when you need to make a large time change.
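
A pre-flight check for the failure described above, as an added example that is not part of the original post: it reads the output of an ntpdate -q query and reports whether the offset is inside the 1000 second limit, needs a one-time ntpdate step first, or whether no server answered. The sample outputs are constructed, and the "server ..., stratum N, offset X, delay Y" line layout is assumed from common ntpdate builds; check it against your HP-UX version.

```shell
#!/bin/sh
# Added example, not from the original notes.
# Threshold from the text above: xntpd will not start past this offset.
PANIC_SECONDS=1000

# classify_offset: read `ntpdate -q` output on stdin and print one verdict:
#   ok <offset>           within the limit, xntpd can take over
#   step-needed <offset>  too far off; set the clock once with ntpdate first
#   no-server             no usable reply (unreachable servers show stratum 0)
# Uses the first usable "server" line; ntpdate itself may prefer another one.
classify_offset() {
    awk -v limit="$PANIC_SECONDS" '
        $1 == "server" {
            stratum = ""; offset = ""
            for (i = 2; i < NF; i++) {
                v = $(i + 1); sub(/,$/, "", v)
                if ($i == "stratum") stratum = v
                if ($i == "offset")  offset = v
            }
            if (stratum + 0 > 0 && offset != "" && !found) { found = 1; best = offset + 0 }
        }
        END {
            if (!found) { print "no-server"; exit }
            mag = (best < 0) ? -best : best
            printf "%s %.6f\n", (mag > limit ? "step-needed" : "ok"), best
        }'
}

# Constructed sample outputs (addresses reuse ntp1 from /etc/hosts above).
SAMPLE_OK='server 192.168.1.4, stratum 2, offset 0.004211, delay 0.02612
22 Mar 09:15:01 ntpdate[2211]: adjust time server 192.168.1.4 offset 0.004211 sec'
SAMPLE_DRIFT='server 192.168.1.4, stratum 2, offset -1734.500000, delay 0.02612'
SAMPLE_DOWN='server 192.168.1.4, stratum 0, offset 0.000000, delay 0.00000
22 Mar 09:15:01 ntpdate[2211]: no server suitable for synchronization found'

for sample in "$SAMPLE_OK" "$SAMPLE_DRIFT" "$SAMPLE_DOWN"; do
    printf '%s\n' "$sample" | classify_offset
done
```

On a live host the input would come from ntpdate -q ntp1 piped into classify_offset, which makes it usable as a monitoring check for the case where xntpd silently stays down.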

Tuesday, December 6, 2016

Remove Nvidia Proprietary Driver to avoid crashing

Ug... best not to purchase one of these in the first place.  Buy a different card if you can.  Nvidia is the worst.
Symptom:  Running Ubuntu 16.04, after loading the proprietary Nvidia driver and rebooting, login would fail and loop back to the login screen again.
Removed using the following:
Ctrl+Alt+F1 so you can get to a tty prompt
sudo apt-get remove --purge 'nvidia*'
sudo apt-get install ubuntu-desktop
sudo apt-get autoremove
sudo rm /etc/X11/xorg.conf
echo "nouveau" | sudo tee -a /etc/modules
sudo reboot
sudo add-apt-repository --remove ppa:graphics-drivers/ppa
sudo apt-get autoremove
sudo apt-get autoclean


Bryan Payne on Linkedin  https://www.linkedin.com/in/paynebryan
