Blog category: Linux

Comparsion of Ansible and Puppet exams by Red Hat

April 21, 2017 by Paweł Biernacki

I had an opportunity to take both exams related to those two most popular automation and configuration management frameworks. Here are some thoughts about the Red Hat’s 405 (Puppet) and 407 (Ansible) exams.

Continue reading

My thoughts on RedHat's EX403 exam

March 20, 2017 by Paweł Biernacki

I’ve recently gained the Certificate of Expertise in Enterprise Deployment and Systems Management after passing EX403 . I took the exam in the City of London as an individual session - this time on KOALA - Kiosk On A Laptop. On the RedHat’s site the exam is advertised to take three hours but after starting the exam I found that the clock shows four hours.

Continue reading

Packer, Ansible, CentOS and requiretty

November 11, 2016 by Paulina Budzoń

If you’ve tried running Packer with CentOS on AWS, you probably noticed this:

    sudo: sorry, you must have a tty to run sudo
Continue reading

SELinux, confined users and Systemtap

October 24, 2016 by Paweł Biernacki

While we’re waiting for CVE-2016-5195 to be patched, RedHat released a workaround for the most common form of the exploit being run in the wild. It uses systemtap to block access to mem_write function.

I wanted to apply it and started tests, only to find that stap returned EPERM while loading the module! As I’m running with SELinux enabled, I checked the /var/log/audit/audit.log. Surprisingly there was no AVCs with deny! Although most of the calls are audited, you can mark some to be silently dropped by audit. You can disable that filter using semanage dontaudit off. I run stap again and… bingo!

Continue reading