@travisdh1 said in YouTube Months in Review: July and August 2020: @EddieJennings You've been busy! That I have. I didn't do a practice session for every objective because I ran out of time before the test. But taking the time to talk through most of them was a good way for me to determine if I needed to go back and review details.

@flaxking said in SSL/TLS client certificates questions: Domain name doesn't matter, unless you're signing with a public CA. I'd think self-signed vs internal CA vs public CA would depend on what the authentication mechanism supports and how you have to manage the certificates. (i.e. if there are going to be a ton of them it might be easier for the authentication mechanism just to trust certificates signed by a certain internal CA rather than having to make each certificate trusted. From what I've seen so far, I've come to the same conclusion.

@scottalanmiller said in Installing Laravel on Ubuntu 20.04: @Pete-S said in Installing Laravel on Ubuntu 20.04: @Pete-S said in Installing Laravel on Ubuntu 20.04: @scottalanmiller said in Installing Laravel on Ubuntu 20.04: @Pete-S said in Installing Laravel on Ubuntu 20.04: OK, if you are not running apache or nginx, you should install the php-cli package instead. So that seems to get installed anyway as a dependency on its own. Yes, it does. But by using the php package and not php-cli, you probably got apache installed on your system as well - by dependencies. You could find out by running: apt list --installed | grep apache Or systemctl status apache2 to see if it's running. Even if it was, Laravel uses Artisan's server. I'm guessing they are invoking php's built-in webserver. Regardless, the point is that if you swap php to php-cli in your install guide you don't get apache and other stuff you don't need.

Yeah this is bread and butter for config management tools. You'd either use a template for the config or the lineinfile module for Ansible. Your template would have something like this: PermitRootLogin {{ root_login_enabled }} In it and then you can control which servers allow root login with the root_login_enabled variable.

@Obsolesce said in Searching for text in file: @dafyre said in Searching for text in file: @Pete-S said in Searching for text in file: If you have a text file that looks like this: start_folder='/folder1/abc.txt' iterations='123' passphrase='xyz' last_command='invoke' return_value='0' How can you pick out just xyz when looking for "passphrase"? I know grep will get me the line but what should I use if I want just a part of the line? Can it be done in one command or do I have to pipe several together? If you the text has a character that would be a good delimiter, you can pipe grep to cut... ie: cat myfile.txt|grep "iterations"|cut -d '=' -f 2 Output: '123' the -f # is which column you want. There may be other ways to do it, but that's the first way I can think of. You can specify a file with grep, no need to pipe in from cat. This is true! I always seem to get it backwards when I do that, so i just cat $thefile | grep | blah ... Cuts down on frustration, ha ha.

@marcinozga said in Install Skyetel Postcards on CentOS 7: @scottalanmiller said in Install Skyetel Postcards on CentOS 7: @marcinozga said in Install Skyetel Postcards on CentOS 7: @black3dynamite said in Install Skyetel Postcards on CentOS 7: Still preferred fallocate instead of dd to create a swap file? dd if=/dev/zero of=/swapfile count=4096 bs=1MiB && chmod 600 /swapfile && mkswap /swapfile && swapon /swapfile && echo "/swapfile swap swap defaults 0 0">>/etc/fstab Still using swap file? Memory is cheap. I don't recall a server where I created swap partition or swap file. Memory is NOT cheap, not at all. It is if you own it. If you rent your hardware, yeah, it adds up. Even if I own it, throwing away 2-3GB of RAM makes no sense. Now, if I own it, I can easily assign 4GB of RAM then remove it once installed, by why? That's harder to script and still no benefit. It's a bad habit to see resources as cheap and so waste them just because you can. Extra memory doesn't improve performance, it hurts it (just the tiniest bit). And it's not free, if you always apply twice as much RAM as you use (or four times, here), that gets costly one way or another. Either you wasted money overspeccing in the beginning, or you are stuck buying more now.

@scottalanmiller said in Deploying NodeBB 1.14 on CentOS 8 with MongoDB 4.2: NodeJS 13, @scottalanmiller said in Deploying NodeBB 1.14 on CentOS 8 with MongoDB 4.2: curl -sL https://rpm.nodesource.com/setup_14.x | bash - Those two things don't say the same thing.

I ran some test on a VM and created some groups and added some top-level directories for those groups. Changed the group on each top-level directories and files below recursively with chown -R. Set directories to permission 2770 and files to 0660 with chmod -R. Changed smb.conf and added create mask=0660 and directory mask=2770. Now new files and directories created on the share have the right permission and belongs to the right group automatically, simply depending on what group the top-level directory belongs to. If you're not a member of a group, you will not even see the directories or files that belongs to that group. I think this is a good interim solution without too much work. Then moving to onedrive or whatever can be done in the future on a department to department basis. Only admin required for adding users is to add them to linux/samba and make sure they become members of the right groups. It's also very simple to make a separate share out of the top-level folders if you wanted.

@jmoore said in YouTube Month in Review: June 2020: @EddieJennings Good info thanks eddie! You're welcome. My RHCSA videos are truly "practice sessions" for me, but the information should be accurate.

@krisleslie said in Linux Copy a Disk Over SSH with DD: @scottalanmiller can this be used while on XCP-NG host? Can be used on every non-Windows system.

TY @black3dynamite

Just install one of the old supported OSes on another drive, reboot and run the firmware update. It's a self extracting executable. With HP and Dell, it's their intention to support you by providing an additional layer of management on top of the actual manufacturers product. But you have to be in warranty to be able to leverage that support. If you intend to run equipment longer than the 5 year warranty, don't use Dell or HP or live without any firmware upgrades or support. If you use Dell or HP, replace hardware when it's out of warranty. HP Gen8 servers are from 2012-2013 so 7-8 years old and not the best candidates for new installations.

To do that.... Edit... sudo vi /etc/libvirt/qemu.conf And set... user = "root" group = "root" And then... sudo systemctl restart libvirtd

@Seb1982 said in Ubuntu 20.04 Desktop Lag: My Dell XPS 13 lags after upgrading to 20.04. All graphics are fine, but the system simply does not respond quickly enough. Sometimes all is fine, but often the pointer is about half a second behind, so is typing. And, I assume, it was snappy under the previous version? Since the initial issues, mine has stayed responsive.

If you install using the above method, it never tells you the random password assigned to your management interface. But no fear, there is a tool that sets that for you and is super, duper easy. cd /usr/local/lsws/admin/misc sh admpass.sh It is interactive. And voila.

@EddieJennings said in YouTube Months in Review: February and March 2020: 100 Subscribers!

@JaredBusch said in Create Internal CA for Windows LDAPs and Linux apps: @pmoncho said in Create Internal CA for Windows LDAPs and Linux apps: When I export the key, I want to export the private key as well? That depends. If you are only ever going to have devices using the key to auth against the DC that you created it on, then no. But if you need to install the cert on a device and then have another device auth to that first device, then that first device needs the private key. Thank you for the explanation.

@scottalanmiller said in Making an RDP Terminal Server with Ubuntu Linux: I recommend the Remmina RDP client tool, it's the bomb. I love Remmina as a client.

@IRJ said in Documenting Firewall Exceptions and Rules: @DustinB3403 said in Documenting Firewall Exceptions and Rules: I had to add some rules to a CentOS 8 server because some things stopped working that were previously working. (Not sure why this worked before, but it did) Adding a few rich rules resolved the issue immediately. None of this makes any sense. It's deny all and permit by exception. Why would you do anything else? That's the default, and that's what was working just fine for a long time. Suddenly it began "not working" and needed the exceptions made.

@black3dynamite said in Mouse Issues on Windows 2019 on KVM Through Virt-Manager: EvTouch USB Graphics Tablet is the default when selecting Server 2019 config template. That's the one. And the template didn't load properly when we selected it! It kept going back to Alpine!

@JaredBusch said in Deploying NodeBB 1.13 on CentOS 8 with MongoDB 4.2: You can only remove this line if you are going to host the reverse proxy on the same instance. No reverse proxy needed if you are going to just look at it locally without going over the network.