In part one I was writing how to set up an IPA server for basic user authentication. One reason NFSv4 is not that widespreaded yet, is it needs Kerberos for proper operation. Of course this is now much easier thanks to IPA. Goal for the part of the guide Configure IPA to serve the NFS principle Configure NFS to use IPA Configure some IPA clients to use Kerberos for the NFS service Requirements A runing IPA service like discussed in ….Read More
Identity Management with IPA Part I
Red Hat released RHEL 6.2 on December 6th. From my point of view, the greatest news in the release is that IPA (or now called Identity Management) is now fully supported and available in the RHEL 6 base channel without additional subscription costs. Upstream project is freeIPA and is available trough the default Fedora repos. About central Identity Management IPA stands for Identification, Auditing, Policy. The focus in this article is on identification of users. In the past, there have ….Read More
Cross distribution system management with Spacewalk
In a perfect world, all systems in a data centre are running the same Linux operating system, a homogeneous system landscape. In real life things are working differently. Windows systems are out of focus in this post, lets concentrate on Linux systems. Most companies with a large Linux base are either RHEL shops or using SLES. A lot of RHEL users have some SLES systems running and so are SLES users running some RHEL systems. Some companies have additional systems ….Read More
Implement a high available Cobbler provisioning system
A not so well known feature of Cobbler is its replication facility. It allows you to create a high available system provisioning system. The whole set up is straight forward. Background Today people tend to NOT backup systems, only data is being backed up. In the case of a system failure, they just re-provisioning the system and automatically configure it with configuration management tools such as Puppet, CFengine or RHN Satellite. You not only need to have your configuration management ….Read More
I got employed by Red Hat
This is pretty cool: End of March I signed a contract with Red Hat as a senior Linux consultant. It is not just “another new job”. It is cool for (at least) two reasons: First reason is that Red Hat is not “just another company”, it is Red Hat which is not very comparable to other employers, it is THE Linux and open source company, for me as a open source guy, this is perfect. The second reason is: I’m ….Read More
How to harden RHEL systems
Some time ago, the NSA released an excellent guide how to harden RHEL5 systems. Despite of being written for RHEL5, it partially also applies to RHEL6 and newer versions of Fedora. It is also worth looking at it for users of non-RH breed distributions. To be mentioned: Its clearly focused on server systems, not desktops. Some of the topics are really basic stuff which is already in place as industries “best practices”, other methods are not that well known. Most ….Read More
SUSE Manager based on Fedora Spacewalk
SUSE announced the availability of SUSE manager. Having a closer look to it, one recognizes it is based on Fedora Spacewalk. It is a clone of the Red Hat Satellite. A few weeks ago I was puzzled to see a post on the spacewalk-devel mailing list. SUSE was contributing some code. What the heck? Now it is clear, they are using Spacewalk as there source for its own product. Spacewalk is no longer just the upstream of RHN Satellite, but ….Read More
Updating a distro in cobbler
A few weeks ago RHEL 5.6 was released, the installation media was also updated. So it is time to get it into cobbler to deploy the latest dot release when provisioning new systems. Lets assume your profile name is rhel5-x86_64, you have an existing distro named rhel55-x86_64 and you want to replace it with rhel56-x86_64. Lets start with importing the new distro: # Mount the ISO as loop back mount /some/where/rhel-server-5.6-x86_64-dvd.iso /mnt/rhel56iso -o loop # Import the Install Media cobbler ….Read More