search for: treydock

...e chroot's /etc/passwd. Is there possibly something I may have not put in the chroot that is needed for id->name mapping? Here's how I setup the chroot...I'll provide a full write up once I get this last issue fixed... cd /home/ mkdir chroot cd chroot/ groupadd chrootusers useradd treydock usermod -a -G chrootusers treydock mkdir -p ./{dev,etc,lib,lib64,usr,bin,home} mkdir -p ./usr/{bin,libexec} mkdir -p usr/libexec/openssh mknod -m 666 dev/null c 1 3 cp -R /etc/skel home/treydock chown -R treydock:treydock /home/chroot/home/treydock cp /etc/ld.so.cache /home/chroot/etc/ cp /etc/...

On Thu, Sep 29, 2011 at 9:35 PM, Lucian <lucian at lastdot.org> wrote: > On Fri, Sep 30, 2011 at 2:22 AM, Trey Dockendorf <treydock at gmail.com> > wrote: > > I had a recent request to improve security on my web servers by having > each > > website use a different user to run the hosting service. So > > example1.comhas it's own Apache instance running as apache1 and then > > example2.com ha...

Over the years many shops have come to start running puppet via cron to address memory leaks in earlier versions of Ruby, but the official position was that puppet was meant to be run as a continually running service. I am wondering if the official position has changed. On one hand many if not all of the early Ruby issues have been fixed, on the other, the addition of mcollective into the mix as

I have a file resource defined to be owned by a group that is accessible via samba/winbind (AD based group), but every time Puppet runs automatically (every 30 min) the run fails with this error , (sensitive information removed) (/Stage[main]//Node[node1.tld]/Apache::Vhost[vhost1]/File[/var/www/ vhost1/html]) Could not evaluate: Could not find group org-www at /etc/

Hi guys, As we discussed in the last CentOS SIG Virt meeting below the steps that we do to rebuild the qemu-kvm from http://vault.centos.org to enable the rhev-features like live snapshot for CentOS. 1. Download the last qemu-kvm from http://vault.centos.org/${version}/updates/Source/SPackages/ 2. mock -D "${build_version}" -r epel-6-x86_64 --with=rhev-features --rebuild

I have decided to migrate my latest KVM server to CentOS 6.0 and am beginning to get a little frustrated with some issues that worked perfectly in 5.6. Right now I've given up on getting virbr0 and NAT to work, but now I need networking bridging to work, but nothing seems to fix the issue. I have not had much experience with troubleshooting KVM so could really use some pointers on resolving

I am unable to get the #includedir function to work with sudo. This works just fine on all my CentOS 5.6 servers, but on 6 it is being ignored. I have this line in the file /etc/sudoers.d/zabbix-puppet zabbix ALL=NOPASSWD: /var/lib/zabbix/bin/start_puppet However sudo still requires a password. If I put that same line into /etc/sudoers file , there is no password prompt. At the end of my

Does anyone have some examples of using this create_resources function, https://github.com/puppetlabs/puppetlabs-create_resources, ? Based on the README example I can''t figure out exactly how to change from using defines to using this function. Maybe I misunderstand the purpose of create_resources...is it to replace defines, or is it to allow ENCs (for example) to use a define? Below

I am finding that the puppetlabs-apache module is somehow adding 30-60 seconds onto a host''s catalog compile time when the puppetmaster has no other hosts contacting or generating catalogs. The Puppetmaster is setup to use Puppet-2.7.18 - Apache & Passenger. RIght now only 2 hosts are even configured to use this new PM, the PM itself and a Foreman host. With neither hosts

I had a recent request to improve security on my web servers by having each website use a different user to run the hosting service. So example1.comhas it's own Apache instance running as apache1 and then example2.com has its own instance of Apache as apache2. Is this even possible or realistic? I understand the idea of how that would be secure, much like creating a virtual machine to

Does anyone know where I can get the latest puppet, 2.7.1 as RPM''s? The spec file that comes with the puppet 2.7.1 source is broken again, and only version 0.25.5 seems to be available via EPEL, which means that the website''s assertion that you can get puppet as an RPM from there is somewhat untrue. Douglas. -- You received this message because you are subscribed to the

I''ve begun using Hiera in combination with Foreman, primarily storing data that is best left in Array/Hash form. I''d like to be able to have a module, in this case BackupPC, query all the Hiera data for each node where the backup directories/databases are stored. Then use all that information on the BackupPC server to generate proper configuration files for each

This may have been asked before, if so, please excuse me and point me to the right direction. What I want to do is to define a hash table with multiple key->value pairs. I would like to pass this variable to a file template and generate a result file with all the mappings listed. Based on what I read, I need to do it in a definition. But does Puppet supports loop over a hash? Any help would

For some reason I am unable to run "dry runs" of the puppet client on my puppetmaster server. Running puppetd with the --test, --noop and verbose / debug flags results in nothing for about a minute or two then this output... $ time puppetd --test --noop -v err: Could not retrieve catalog from remote server: execution expired warning: Not using cache on failed catalog err: Could not

...linux module , which I''ve uploaded to github [2]. I don''t have much experience in custom types and providers so am unsure where to begin on debugging the errors when I can''t reproduce them via command line. [1] - http://pastebin.com/Lcy6feyt [2] - https://github.com/treydock/puppet-zfsonlinux/tree/development_zpool_type -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscribe@googlegroups.com. To post to this...

Hello, I am trying to execute virsh commands on a host but it is giving errors due to failure in acquiring lock. root at kvm01:~# virsh suspend blindone error: Failed to suspend domain blindone error: Timed out during operation: cannot acquire state change lock Any suggestions how can we figure out possible reasons. -- Jatin -------------- next part -------------- An HTML attachment was

Can anyone point me to a tutorial on using Active Directory to authenticate a centos 6 server? I just want to use it to authenticate, ssh and restrict access to a particular ad group. I prefer to use the lightest method possible. I know you can use ldap, or winbind, etc. I have been trying to follow the ones I have been googling, but none of them seem "quit complete. My issue is that I have

So I want to use facts from one host in the configuration of other hosts. Trivial example: setting restrict lines in ntp.conf to allow a monitoring host to query ntpd on remote hosts. So if the monitoring host boots with IP 10.2.2.3 (which may change regularly), and it knows its the monitor host (via some customer facter plugins), I want some global variable to be available

hi there, I'm following these documentations to add a file-based disk volume to a KVM guest under Centos 6.0 : http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Virtualization/chap-Virtualization-Storage_Volumes.html as instructed, I created a "pool" then a "volume", file-based, e.g : mkdir /mnt/raid/kvm_pool1 virsh # pool-define-as pool1 dir - - - -

Hi Everyone, I downloaded the CentOS 6 x86_64 DVD ISOs and burned the first image to a rewritable DVD. When I tried to boot my new home server off it, it didn't, and then this was printed to the screen: ETCDisolinux: Found something at drive = EF No DEFAULT or UI configuration directive found! boot: The same disc works fine in my 4 year old HP laptop, and when installing CentOS 6 as a KVM.