podman pod create \
--name YOUR_POD_NAME \
-p 8080:8080
This is the manual process for enrolling a host running SUSE/SLE 12 SP2 with FreeIPA.
The following reference documentation was used to create this process:
- An outdated guide on Enrolling a SUSE machine with FreeIPA
- The Manual FreeIPA guide from the RedHat documentation.
I do not recommend using yast to set this up, however it is useful to check if the configuration is valid. SUSE/SLE has all the required packages to use FreeIPA but does not have the conveinent ipa-client
tools, such as ipa-client-install
.
Windows Subsystem 2 for Linux, Hyper, ZSH + Oh My Zsh + Powerlevel9k + plugins, FNM + VSCode (+ext) and Nerd Font
To setup native Linux, see this gist
syntax on | |
filetype plugin indent on | |
"Get the 2-space YAML as the default when hit carriage return after the colon | |
autocmd FileType yaml setlocal ts=2 sts=2 sw=2 expandtab | |
if &diff | |
" change vimdiff color scheme https://stackoverflow.com/questions/2019281/load-different-colorscheme-when-using-vimdiff |
--- ----------------- ---- | |
Map Quick Explanation Link | |
--- ----------------- ---- | |
< <F1> Causes Netrw to issue help | |
<cr> Netrw will enter the directory or read the file |netrw-cr| | |
<del> Netrw will attempt to remove the file/directory |netrw-del| | |
<c-h> Edit file hiding list |netrw-ctrl-h| | |
<c-l> Causes Netrw to refresh the directory listing |netrw-ctrl-l| | |
<c-r> Browse using a gvim server |netrw-ctrl-r| | |
<c-tab> Shrink/expand a netrw/explore window |netrw-c-tab| |
# How to sign your custom RPM package with GPG key | |
# Step: 1 | |
# Generate gpg key pair (public key and private key) | |
# | |
# You will be prompted with a series of questions about encryption. | |
# Simply select the default values presented. You will also be asked | |
# to create a Real Name, Email Address and Comment (comment optional). | |
# | |
# If you get the following response: |
This note explains the common issue of "notapplicable" results when running openSCAP and SCAP-Security-Guide on CentOS.
SCAP seems like it should be easy because it is "just XML". Then you dig into looking for a test and it gets confusing fast. So it is good to have some background.
SCAP (Security Content Automation Protocol) is actually a set of multiple standards and specifications that are used together to enable automatically testing hundreds of nerd settings. Let me emphasize that: SCAP is not a single XML specification -- SCAP is multiple standards and specs. Whenever you give "SCAP Content" to a scanner to check a system configurations you are giving the scanner multiple XML files representing multiple standards.
vi /etc/ssh/sshd_config #Permitrootlogin -> permitir acceso por ssh | |
su - | |
yum clean all && yum update -y && yum upgrade -y | |
sudo sed -i --follow-symlinks 's/^SELINUX=.*/SELINUX=disabled/g' /etc/sysconfig/selinux | |
sudo yum install epel-release -y | |
sudo yum install wget curl net-tools lsof zip unzip iperf cabextract -y | |
sudo yum install mlocate xorg-x11-font-utils fontconfig libSM libICE libXrender libXext xorg-x11-fonts-Type1 xorg-x11-fonts-75dpi freetype libpng zlib libjpeg-turbo gcc ImageMagick ImageMagick-devel ImageMagick-perl samba-client lua lua-devel pkgconfig asciidoc -y | |
sudo yum remove mysql-server mysql-libs mysql-devel mysql* mariadb-libs mariadb* percona percona-* mysql mysql-* mariadb mariadb-* -y | |
sudo rm -rf /var/lib/mysql & rm -rf /etc/my.cnf |
The intent of this document to is record one method of enabling Kerberos logins on a CentOS 7 system using Windows Active Directory. There are many way to do this. For a very detailed document on all of these options, check out the Red Hat Enterprise Linux 7 Windows Integration Guide.
Note: At the time of this writing, a kickstart installation does not work correctly, possibly due to using an older version of adcli. The
/etc/krb5.keytab
file ends up containing entries that look likeHOST/hostname.domain.com@DOMAIN.COM
which is not what sshd is expecting. The sshd service is expecting entrieds that look likehost/hostname.domain.com@DOMAIN.COM
. This causes ssh Kerberos logins to fail, printingNo key table entry found matching host/hostname.domain.com@
in the error log.