Best posts made by Romo

Very happy and proud to share with all of you guys a picture a my new born girl, Dania.

Didn't find a how to on the subject in Mangolassi and we were discussing about it in another thread so I decided to create one.

I started with a CentOS 7.2 minimal install:

-All commands were run as root.
-Installing the packages needed.
yum install samba samba-client samba-common firewalld

-Enabling and starting firewalld
systemctl enable firewalld
systemctl start firewalld

-Changing to the samba directory, making a backup of the original file and creating a master file which will be turned into our smb.conf file with testparm -s.
cd /etc/samba/
mv smb.conf smb.conf.bak
cp smb.conf.bak smb.conf.master
vi smb.conf.master

-While editing our file, in the global parameters we need to add the map to guest = Bad User option and then define our share:

[sharename]
    path = /chosen/path
    read only = No
    guest ok = Yes
    browseable = Yes 
    public = Yes

-Testing our smb.conf.master file for errors and create smb.conf file if none are found.
testparm -s smb.conf.master > smb.conf

The final file should look something like this.

[global]
    workgroup = MYGROUP
    server string = Samba Server Version %v
    security = USER
    map to guest = Bad User
    log file = /var/log/samba/log.%m
    max log size = 50
    idmap config * : backend = tdb
    cups options = raw

# User defined share 
[public]
    path = /home/public
    read only = No
    guest ok = Yes
    browseable = Yes 
    public = Yes

No we need to create our share in our filesystem, taking careful consideration of what path we specified in our smb.conf file. In this case I choose to create my share inside home and give it a name of public.
cd /home
mkdir public

We change the owner of the folder and its permissions:
chown nobody:nobody public/
chmod 777 public/

Enabling the needed services and starting them.
systemctl enable smb.service
systemctl enable nmb.service
systemctl restart smb.service
systemctl restart nmb.service

Allowing samba through our firewall.
firewall-cmd --permanent --add-service=samba
firewall-cmd --reload

And finally getting SELinux to allow clients to access the share.
setsebool -P samba_export_all_ro=1 samba_export_all_rw=1
getsebool –a | grep samba_export
yum install policycoreutils-python
semanage fcontext –at samba_share_t "/home/public(/.*)?"
restorecon /home/public

You should have a writable anonymous share that can be accessed from your Windows Clients.

** Edit
Checking the ip address of my samba host
ip addr show

[root@localhost ~]# ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
  link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
   valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
   valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 08:00:27:9f:69:b6 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.100/24 brd 192.168.1.255 scope global enp0s3
   valid_lft forever preferred_lft forever
inet6 fe80::a00:27ff:fe9f:69b6/64 scope link
   valid_lft forever preferred_lft forever

The ip address of my samba host is 192.168.1.100. Now we can access the share from our windows pc using \\192.168.1.100\public

• Verifying our samba share exists in our server

  [root@localhost ~]# smbclient -L 192.168.1.100
  Enter root's password:
  Domain=[MYGROUP] OS=[Windows 6.1] Server=[Samba 4.2.10]
  
    Sharename       Type      Comment
    ---------       ----      -------
    public          Disk
    IPC$            IPC       IPC Service (Samba Server Version 4.2.10)
  
  Domain=[MYGROUP] OS=[Windows 6.1] Server=[Samba 4.2.10]
  
    Server               Comment
    ---------            -------
    LOCALHOST            Samba Server Version 4.2.10
  
    Workgroup            Master
    ---------            -------
    MYGROUP              LOCALHOST
    WORKGROUP            TECHNICOLOR
  

-We can see samba properly shows our share, it is indeed named public as per our smb.conf file.

-No we can mount our share in windows

-Using \\192.168.1.100\public to connect to share

Our share is now properly mounted and available in our Windows PC.

Just finished setting up 60 new linux machines for work.

Downloading the starwind-v8.exe to our Hyper-V host.

wget "https://url.to.your/file"  -outfile "starwind-v8.exe"

Believe it or not windows sorta has wget, I was not expecting that!!! It really is an alias for Invoke-WebRequest but nevertheless its great having something similiar availble.

After the download has finalized, just execute the .exe and the tipical windows install gui will pop up.

.\starwind-v8.exe

No management console install option available since this is a no gui server.

Since I found out about virtualization I discovered I could always have a lab.

Returning to work after my paternity leave, by the way thank you to everyone sending best wishes for my daughters birth. I didn't have much time to get online last couple of days and respond each one and the notifications have blown up and I can't even see them.

All steps must be executed on powershell with administrator permissions and ran on target computers as well as connection initiator computers.

Enabling PS Remoting

Enable-PSRemoting -Force 

Since this a workgroup setup, we need to configure the TrustedHosts settings on the computers in order to establish proper trusts.

// if we trust the local lan completely
Set-Item wsman:\localhost\client\trustedhosts *

// Enabling access to specific hosts via hostname or ip address just pass a comma separated list of hosts 
Set-Item wsman:\localhost\client\trustedhosts 'hostname1, hostname2 , ipaddress1'

Restart the WinRM server to make changes take effect

Restart-Service WinRM

Accessing a remote PS Session

Enter-PSSession -ComputerName  yourTargetHost -Credential yourUser

After inserting your credentials the session should be ready!

Now that I have some free time, I'll give you a simple example of some of the things you can do using pandas.

Our dataset will be all the posts in this topic, scraped and saved into an excel file.

DATASET : pandas-test.xslx

I am going to be using a Jupyter notebook just to make the output clearer.

$ import pandas
$ pandas.read_excel('pandas-test.xlsx')

That is the whole spreadsheet read and basically printed out, but we can't work with that. We need to read the file into a variable and start working with it.

# Reading the file to variable df
$ df = pandas.read_excel('pandas-test.xlsx')

# Printing how many rows and column in the file (rows,columns)
$ df.shape
(11,4)

# Printing the column names
$ df.columns
Index(['Date', 'Time ', 'User', 'Post'], dtype='object')

Only extracting columns - Date and User

$ df[['Date', 'User']]

Lets check how many posts per day

$ df.groupby(['Date'])['User'].count()

Now lets check by day and time

$ df.groupby(['Date', 'Time ']).count()

Lets filter only your posts and create a new csv file based on the data found.

$ subset = df.loc[df['User']=='Lakshmana']

Create a csv file only containing your posts

$ subset.to_csv('Lakshmana-posts.csv')

Final results your new csv file with your posts filtered out.

Lakshmana-posts.csv

EDIT: Just if you need it, an example of filtering by date and user

So when can I learn how to program printers during my internship, I MUST have this knowledge.

@Minion-Queen said in Looking for Highshool IT Intern:

No they really aren't just need to actually want to be involved and actually do it.

If age is not a problem, I would really love to intern for you guys.

I have never been an intern =), in Mexico or at least in my state we are required by our Universities to do "servicio social" and/or "prácticas profesionales". If we get lucky they sometimes can be like one of your internships I guess, but most of the time we are doing them in a unrelated area, being treated as free labor (no proper learning experience), turned into the copy/coffee boy/girl or many just pay to get someone to sign their required reports because you work and don't have time for school, work and servicio social.

I was actually a soccer player that was my paying job from age 13 to 25, so I started pretty late working in IT. I didn't get to have a proper internship (didn't have time my job gave me almost no free time) and my University knowledge wise was really just a waste of time as @scottalanmiller knows.

I am the sole IT generalist of my current job, I manage a main office with 20 users in a Windows 2008 domain and a remote office with 10 regular users and a small 60 seat call center with 10 of those computers running Ubuntu Mate 15.10, computers are pretty basic only 1gb Of ram we get much better performance with Linux than the windows pcs and we really only use Web Apps so I hope I can migrate the rest to Linux soon.

Main and remote offices both have kvm vm hosts with md raid 10 on HP ML110 G7 (really envy everyone who gets to play with bigger and proper servers). Small number of vms, AD and file servers, Linux jump boxes with zero tier and Elastix 2.5 vm for IT department (only me) communication (hate our Panasonic and Alcatel pbxs) .Both offices have pfsense firewalls as their default gateways connected with 200/200 Internet providers.

Basically I am a self learner who really loves IT and Linux. I am eager to keep on learning and building my career in IT. I truly believe being an intern in Ntg would be a great opportunity to advance my knowledge and have some great mentoring. I would really liked to be considered for the position =).

@gjacobse said in Something not said enough;:

Thank you - I feel that I have continued to learn from input from a number of people...

@scottalanmiller
@JaredBusch
@travisdh1
@DustinB3403

and a number of other people...

So - I express my thanks.

I would like to jump on the thank you train and extend my gratitude for those four as well and would like to include @stacksofplates. You're posts are super helpful and insightful =). Thank you, everybody, for all the knowledge and contributions!!

Of course I would also like to thank you @gjacobse for all the help you have provided with all NTG related things as well

PDQ Deploy would be my preferred method.

This is their own description of the software

SlideDog is a powerful presentation tool that seamlessly switches between multimedia presentation files and makes it easy to present like a professional.

I have been using the software for a week on all of the presentations during our events and have to say I really like it and would totally recommend it. You can create your presentation playlist with different types of files pdfs, powerpoints, web pages , almost all video types (it uses vlc as default player) and just create one big seamless presentation. It has really made my job so much easier this week.

slidedog.com

This installation script will set up an Invoice Ninja installation on Ubuntu 16.10 served by nginx with a self signed SSL certificate.

Installation Steps
Setup an Ubuntu 16.10 vm.

Get the installation script and execute it with the following commands:

wget  https://raw.githubusercontent.com/rodrigo-hissam/invoice-ninja-installer/master/ininja-installer.sh
chmod +x ininja-installer.sh
./ininja-installer.sh

The script seems to hang during the app db migration but just let it run, it will complete. Also remember when creating the ssl cert, to set your FQDN or IP (which ever you chose at the beginning) in the COMMON NAME option.

After the script finishes, point your web browser of choice to your FQDN or IP, accept the security warning since we are using a self-signed cert and procede to finish the setup.

Vultr just announced new pricing, they now offer a 512MB instance for $2.50 a month.

@msff-amman-Itofficer in your specific example you can easily pass a list of hosts you want to target

salt -L '172,123' test.ping

If you would like to define a more long term list of minions you can use nodegroups. Define your nodegroups in your master config file /etc/salt/master :

nodegroups:
  group1:
      - 172
      - 123
  group2: L@172,123

Both groups target the same minions but with a different syntax, you can use the one you prefer. Group1 is using a YAML list and group2 is using compound matchers. With your nodegroup defined you can now target it as follows:

salt -N group1 test.ping

Saltstack has lots of targeting options you should check the docs to better understand them.

• https://docs.saltstack.com/en/latest/topics/targeting/index.html
• https://docs.saltstack.com/en/latest/topics/targeting/index.html#advanced-targeting-methods

As @scottalanmiller tells us in the introductory post, lxd is completely image based. Each new container we create must be based from an image, either manually made or premade and downloaded from a remote location.

After installation, lxd by default sets us with remote image locations so we can start downloading images to our local store. We can check the default remote list with the following command.

~$ lxc remote list
+-----------------+------------------------------------------+---------------+--------+--------+
|      NAME       |                   URL                    |   PROTOCOL    | PUBLIC | STATIC |
+-----------------+------------------------------------------+---------------+--------+--------+
| images          | https://images.linuxcontainers.org       | simplestreams | YES    | NO     |
+-----------------+------------------------------------------+---------------+--------+--------+
| local (default) | unix://                                  | lxd           | NO     | YES    |
+-----------------+------------------------------------------+---------------+--------+--------+
| ubuntu          | https://cloud-images.ubuntu.com/releases | simplestreams | YES    | YES    |
+-----------------+------------------------------------------+---------------+--------+--------+
| ubuntu-daily    | https://cloud-images.ubuntu.com/daily    | simplestreams | YES    | YES    |
+-----------------+------------------------------------------+---------------+--------+--------+

To check the images available in each remote, we can run lxc image list remotename: and a list of all available image containers will be listed, but this is many times not practical due to the amount of images available in the remotes. So you can just visit the url shown in the remote list in your browser of choice to view the available images.

From the cli

~$ lxc image list images:

Visiting the remote url: https://images.linuxcontainers.org

To get images to our local store and start building containers the basic command is lxc image copy remoteName:imageDistribution/imageRelease/imageArchitecture local: imageArchitecture being optional.

This basic command does its job just fine but has a few drawbacks in my opinion. It forces us to call the imageDistribution/imageRealease image name each time we want to create a container and the image must be downloaded again manually if we want to have the latest container.

How can we fix this, easy addding two extra parameters to our basic image download command. Here is an example that will be downloading a Fedora/27 image from the "images:" remote, giving it our custom alias and having it auto updating daily.

~$ lxc image copy images:fedora/27 local: --alias f-27 --auto-update

Giving our images an alias has two benefits, shorter commands when creating containers and the ability to delete images by the alias instead of deleting by using the image Fingerprint which is not user friendly.

# List images in our local store and compare the alias vs fingerprint

~$ lxc image list
+---------+--------------+--------+-----------------------------------------+--------+----------+-----------------------------+
|  ALIAS  | FINGERPRINT  | PUBLIC |               DESCRIPTION               |  ARCH  |   SIZE   |         UPLOAD DATE         |
+---------+--------------+--------+-----------------------------------------+--------+----------+-----------------------------+
| f27     | b25c1b1b6831 | no     | Fedora 27 amd64 (20171201_01:27)        | x86_64 | 63.61MB  | Dec 1, 2017 at 3:01am (UTC) |
+---------+--------------+--------+-----------------------------------------+--------+----------+-----------------------------+

Finally to create and start our container based on our Fedora 27 image we just run.

~$ lxc launch f27 yourcontainername
Creating yourcontainername
Starting yourcontainername
~$

@fateknollogee Free for standalone KVM hosts, this seems interesting. Please share your testing results =).

@jaredbusch said in Unable to turn up ScreenConnect server on Fedora 28:

System.Exception: Magic number is wrong: 542

Searching for the error leads to a mono bug https://github.com/mono/mono/issues/6752#issuecomment-365212655

Which supposedly you can get working by exporting an enviromental variable

export TERM=xterm

According to the last comment on the thread https://github.com/mono/mono/issues/6752#issuecomment-404527450 the issue fix should already be backported on fedora which makes it strange as the error is happening on fedora 28 for jared.

Just got it working, it was indeed a DNS issue. When launching the docker container I added the --add-host name:ip option to add an entry to the hosts file that pointed to the internal ip of our nextcloud server and that made it properly work.

Its now properly working