We are migrating all our use of
podmanfor our shared servers, mostly to take advantage of the great support for rootless
podman. I recently wanted to find a way to stop adding individual users to the
/etc/subgidmaps, as well as make all the maps be the same across systems to be able to attribute ownership for residual files created in containers on a networked (distributed ceph) file system. Also, we have a federated IdM setup, so no users are created locally each server, so it has to be globally maintained and handle non-contiguous user-id ranges. Since we already use Ansible to do our configuration, this was easy.
I just ran into a reason to have a bitwise shift in an Ansible / Jinja2 template. No problem, this is a thing already, right? Nope. In fact, bitwise operations in Jinja have been dismissed since 2013. WTF?
Chrome on MacOS Catalina is especially persnickety when it comes to (self-signed) certificates, due in part, I believe, to Apple’s new certificate requirements for macOS 10.15 (Catalina) and iOS 13.
Having previously setup serial console access for Linux systems, here’s a recipe to do this for FreeBSD as well.
If you have Ubuntu 18.04 (or possibly even 16.x or earlier) and are trying to boot a XEN kernel using GRUB2[.efi] on a UEFI system, you will likely run into “blank screen/hanging” problems as others have found (e.g. here and here).
I’m sure this is going to seem trivial, but I spent way too much time looking for a way to convert my
org-modenotes into (github flavored) markdown.
Some keyboards geared towards Windows have useless keys for a Mac. Can they be remapped?
Just learning Ansible, I quickly became tired of repeatedly typing my remote user password to allow
ansible[-playbook]to become root on the remote system via
sudo. Wanting something secure too. Too much to ask?
In the vein of “this should be easy…“, I thought I’d share a story of wasted time.
pfSensedoesn’t seem to have a simple “bridge-all-NICs” option. Really?
I’ve been playing with OneTimeSecret, and wanted
bashscripted access to it. I had to write it myself.
So, you’ve got a nice large 30” display (e.g. Apple 30” Cinema Display or Dell 3007WFP ) that can render 2560x1600 @ 60 Hz, but it has a Dual-Link DVI connector. And, you have a nice new MacBook Pro 2016 with only USB-C connectors. You might think it would be easy to connect, Right?
So, you’ve ignored those S.M.A.R.T. errors for a while now, haven’t you. Now you realize that there might actually be something going wrong with your hard drive. You try to naively copy data off, but it fails. But, no worries, there is an option to
ddthat can help you get most of the data off:
Got VMs? Have local servers at home? Connecting to a VPN? Want to do ALL at the same time and still be able to use typical DNS name resolution to reach the local domain hosts and your VMs? Doing this from a Mac?
Today, I tried to setup
sshpublic keys on my Dell PowerConnect Switches, figuring that good key authentication should be more secure and easier than simple password auth, right? Clearly someone is in the camp of fallor ergo sum on this one, and I suppose it might be me.
If you’ve ever added a
ProxyCommanddirective to your
sshconfig file, but you are on a portable computer only need that directive sometimes.
Here’s a hack showing how to tunnel ssh through an http-proxy server without any server-side modifications.
subscribe via RSS