Skip to content

Instantly share code, notes, and snippets.

@vinzent
vinzent / gist:151ef384ded68d86881a8a948bc9e410
Created January 6, 2020 15:10
get_api_versions(_request_timeout=0.5) backtrace
time python3 /tmp/test.py
/usr/local/lib/python3.6/site-packages/kubernetes/config/kube_config.py:509: YAMLLoadWarning: calling yaml.load() without Loader=... is deprecated, as the default Loader is unsafe. Please read https://msg.pyyaml.org/load for full details.
config_dict=yaml.load(f),
^CTraceback (most recent call last):
File "/tmp/test.py", line 5, in <module>
response = kubernetes.client.ApisApi(client).get_api_versions(_request_timeout=0.5)
File "/usr/local/lib/python3.6/site-packages/kubernetes/client/apis/apis_api.py", line 55, in get_api_versions
@vinzent
vinzent / gist:e0f6026c3cff6038852a5919b9624823
Created February 7, 2018 13:21
phab sshd_t phabricator_ssh_auth_t transition problem
# ausearch -m AVC,USER_AVC,SELINUX_ERR --start today -i
----
type=USER_AVC msg=audit(02/07/2018 10:11:45.153:807656) : pid=1 uid=root auid=unset ses=unset subj=system_u:system_r:init_t:s0 msg='avc: received policyload notice (seqno=2) exe=/usr/lib/systemd/systemd sauid=root hostname=? addr=? terminal=?'
----
type=USER_AVC msg=audit(02/07/2018 10:12:59.848:807742) : pid=1 uid=root auid=unset ses=unset subj=system_u:system_r:init_t:s0 msg='avc: received policyload notice (seqno=3) exe=/usr/lib/systemd/systemd sauid=root hostname=? addr=? terminal=?'
----
type=USER_AVC msg=audit(02/07/2018 10:20:17.465:808721) : pid=1 uid=root auid=unset ses=unset subj=system_u:system_r:init_t:s0 msg='avc: received policyload notice (seqno=4) exe=/usr/lib/systemd/systemd sauid=root hostname=? addr=? terminal=?'
----
type=USER_AVC msg=audit(02/07/2018 10:25:37.738:809410) : pid=1 uid=root auid=unset ses=unset subj=system_u:system_r:init_t:s0 msg='avc: received policyload notice (seqno=5) exe=/usr/lib/systemd/systemd sauid
@vinzent
vinzent / GSS_NAME_ATTRS_JSON.json
Created December 20, 2017 20:55
mod_auth_gssapi GSS_NAME_ATTRS_JSON
{
"name": "thomas@MYDOMAIN.LOCAL",
"attributes": {
"urn:mspac:": {
"authenticated": true,
"complete": true,
"values": [
{
"raw": "BQAAAAAAAAABAAAAmAEAAFgAAAAAAAAACgAAABYAAADwAQAAAAAAAAwAAABcAAAACAIAAAAAAAAGAAAAFAAAAGgCAAAAAAAABwAAABAAAACAAgAAAAAAAAEQCADMzMzMiAEAAAAAAAAAAAIAiEIPkNN50wH/////////f/////////9/IN2nFdN50wEgnRFAnHrTASBdAQvUmtMBDAAMAAQAAgAAAAAACAACAAAAAAAMAAIAAAAAABAAAgAAAAAAFAACAAAAAAAYAAIAAwAAAFEEAAABAgAAAQAAABwAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAQABgAgAAIAEAASACQAAgAoAAIAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgAAAAAAAAAGAAAAdABoAG8AbQBhAHMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAFIEAAAHAAAAAwAAAAAAAAACAAAARABDAAkAAAAAAAAACAAAAE0AWQBEAE8ATQBBAEkATgAEAAAAAQQAAAAAAAUVAAAARB7qgl6PkrbZdawfAAAAAADotY/TedMBDAB0AGgAbwBtAGEAcwAAACoAEAAcAEAAAAAAAAAAAAB0AGgAbwBtAGEAcwBAAG0AeQBkAG8AbQBhAGkAbgAuAGwAbwBjAGEAbAAAAAAAAABNAFkARABPAE0AQQBJAE4ALgBMAE8AQwBBAEwAAAAAAHb///8g02CaVJFO5afZuTKMj3CnAA
@vinzent
vinzent / postgresql-service-validate_db_connection.patch
Created April 10, 2017 11:46
puppetlabs/postgresql + puppetlabs/puppetdb with PostgreSQL 9.5 from SoftwareCollections on CentOS7
--- a/manifests/server/service.pp 2017-04-10 13:29:34.307586169 +0200
+++ b/manifests/server/service.pp 2017-04-10 13:28:03.756056508 +0200
@@ -9,6 +9,7 @@
$user = $postgresql::server::user
$port = $postgresql::server::port
$default_database = $postgresql::server::default_database
+ $connect_settings = $postgresql::server::default_connect_settings
anchor { 'postgresql::server::service::begin': }
nova keypair-add --pub-key ~/.ssh/id_rsa.pub tmueller
get_floating_ip() {
openstack ip floating list -f value -c "Floating IP Address" -c Port | grep 'None' | head -1 | cut -f1 -d" "
}
neutron net-create --port_security_enabled=False NetA
neutron subnet-create --name NetA_Sub1 --no-gateway --disable-dhcp NetA 192.168.0.0/24
neutron net-create --port_security_enabled=False NetB
@vinzent
vinzent / rn-pva1.sh
Created August 30, 2016 20:09
ein paar neutron/nova commands
neutron net-create --port_security_enabled=False --router:external=False NetA
neutron subnet-create --name NetA_Sub1 --no-gateway --disable-dhcp NetA 192.168.0.0/24
neutron net-create --port_security_enabled=False --router:external=False NetB
neutron subnet-create --name NetB_Sub1 --no-gateway --disable-dhcp NetB 192.168.1.0/24
neutron net-create --port_security_enabled=False --router:external=False NetC
neutron subnet-create --name NetC_Sub1 --no-gateway --disable-dhcp NetC 192.168.2.0/24
neutron net-create --port_security_enabled=False --router:external=False NetD
@vinzent
vinzent / gist:ec269970142a723bd6a184707ade66b2
Created August 20, 2016 06:24
SELinux Java App system service type transition
Am 19.08.2016 um 17:53 schrieb Dominick Grift:
> On 08/19/2016 03:54 PM, Fakim, Walid wrote:
>> The init script launches a shell script which further down calls java - so will init_daemon_domain suffice? It's similar to a tomcat startup script.
>>
>>
>
@vinzent
vinzent / output
Created June 22, 2016 18:20
puppet defined test with strict_variables
$ /opt/puppetlabs/bin/puppet apply --strict_variables /tmp/test.pp
Error: Evaluation Error: Error while evaluating a Function Call, 'defined' parameter 'vals' expects a value of type String or Type, got Integer at /tmp/test.pp:4:5 on node tmueller-notebook.local
@vinzent
vinzent / openvpn_allow_all_ports.te
Created June 20, 2016 08:42
openvpn allow all ports
policy_module(openvpn_allow_all_ports, 0.1.0)
gen_require(`
attribute port_type;
type openvpn_t;
')
allow openvpn_t port_type:tcp_socket { name_bind };
@vinzent
vinzent / rundeck.pp
Created June 18, 2016 13:14
Rundeck EL7 demo-install
# Simple demo-install of rundeck on EL7 (CentOS, RHEL)
#
# Pre-requisites:
# - Installed modules
# puppet module install puppetlabs-java
# puppet module install puppet-rundeck
# puppet module install crayfishx-firewalld
# - $::fqdn fact needs to be working
#
# Install: puppet apply rundeck.pp