Linux Blimp

Another security vulnerability can be put in the “found and fixed” category. “Fixed,” that is, if vulnerable servers apply the patch. The good news is that most servers aren’t going to be affected, which narrows the problem down to mere thousands. It could have been much worse.

The problem was with libssh, the popular library for supporting the Secure Shell (SSH) authentication protocol, which due to a coding error would believe anyone who told it their login had already been authenticated and open the access door wide.

Technically speaking, the libssh SSH authentication process is usually started with the message “SSH2_MSG_USERAUTH_REQUEST”, but if sent “SSH2_MSG_USERAUTH_SUCCESS” instead, the server would take this as all the proof it needed that the user had already successfully been authenticated.

The bug, officially CVE-2018-10933, was discovered by Peter Winter-Smith, a researcher at security firm NCC, who then reported it to libssh developers. The devs pushed out versions 0.8.4 and 0.7.6 to address the issue last Tuesday, as well as patches for older versions.

Only server installations need to be patched, as client installs are not vulnerable.

This could have had a nasty ending. The vulnerability had been present since the release of version 0.6.0, which was released in January 2014, but evidently escaped being discovered by the black hats. The potential scope of the exploit was reduced because most servers, IoT devices, and personal computers use the openssh library instead of libssh to implement SSH.

The latter does much to limit the scope of this exploit. According to Amit Serper, who is head of security research at Cybereason, the vulnerability affects a minimum of 3,000 servers (up to about 6,000), but those numbers are only a drop in the serverland bucket.

It could have also been much worse had GitHub, which uses libssh, been affected. Fortunately, GitHub has customized its implementation and doesn’t use the SSH2_MSG_USERAUTH_SUCCESS message.

“Patches have been applied out of an abundance of caution,” GitHub security said in a tweet, “but GHE was never vulnerable to CVE-2018-10933.”

If they had been vulnerable, attackers could have gained access to its customers source code, which includes the code from some of the largest development houses in the world.

Source

Most Popular

• Linux Commands Cheat Sheet
• Linux ip Command Networking Cheat Sheet
• Vim Cheat Sheet
• Linux System Administrator Projects
• 1,500 Coding Project Ideas

Recent Linux Articles

• Linux Certification Paths
• Managing Linux Users and Groups
• Linux Disk Management
• Linux System Logs and the Syslog Standard
• The Professional Approach to Upgrading Linux Servers

Topics

Arch Linux
careers
CentOS
cheat sheet
Cloud
Command Line
Debian
Desktop
Fedora
File System
FTP
Gentoo
Installation
jobs
Linux
Linux Mint
Mageia
MySQL
Nginx
OpenSuse
Programming
Python
RedHat
SCP
Server
Shell Scripting
Slackware
SSH
text editor
Ubuntu
Vagrant
Video
vim
VirtualBox
Web Hosting
Windows

Linux Cheat Sheet Download

Enter your email address below to download this Linux command line cheat sheet in an easy-to-read and ready-to-print format.

Source

November 28, 2016
By Sean Michael Kerner

This is the time of year when Linux distribution releases start to slow down (just a bit), but there have been several noteworthy recent releases to recognize before 2017 starts.

1) Fedora 25

Red Hat’s community Linux project Fedora releases Fedora 25 on November 22, providing the second milestone update for 2016. Among the big features is full support for the Wayland display server, which finally replaces the decades old X11 system.

“Wayland has been under development for several years and seeks to provide a smoother, richer experience for graphical environments and better capabilities for modern graphics hardware,” Matthew Miller, Fedora Project Leader wrote in his mailing list announcement message. “To further enhance ease-of-use, Fedora 25 Workstation also features GNOME 3.22, which offers multiple file renaming, a redesigned keyboard settings tool and additional user interface improvements.”

2) openSUSE 42.2

While Fedora continues to act as a sort of proving ground (they don’t like calling it a ‘beta’) for features that often end up in Red Hat Enterprise Linux (RHEL), SUSE is taking a very different approach with its openSUSE Leap distribution.

With Leap, ideas and technologies already proven in SUSE Linux Enterprise come to the freely available openSUSE 42 distribution. The openSUSE 42.2 Leap release debuted on November 16.

Leap is made to give stability-minded users and conservative technology adopters peace of mind. openSUSE Leap 42.2 is powered by the Linux 4.4 Long-Term-Support (LTS) kernel and is a secure, stable and reliable server operating system for deploying IT services in physical, virtual or cloud environments.

A selective process of including well-established packages in openSUSE Leap 42.2 gives new meaning to the term Linux Optimization; openSUSE Leap is simply the safe choice that offers Linux professionals a user-friendly desktop and a feature-rich server environment.

3) Zorin OS 12

Unlike Fedora and openSUSE which are both backed by large vendors, Zorin is a smaller operation, but it’s still trying to generate revenues. Zorin Core is freely available, while the Ultimate edition, which adds games and support is a paid commercial release. The new Zorin OS 12 distribution became generally available on November 18.

At the core of Zorin is the Zorin Desktop Environment which is based on Gnome Shell.

With the new Zorin Desktop 2.0 environment comes a fresh new look. The dark tones of the interface shell create a contrast against the app windows to give a clear distinction between the system UI and the work you’re focusing on.

Sean Michael Kerner is a senior editor at LinuxPlanet and InternetNews.com. Follow him on Twitter @TechJournalist

Source

Zabbix agents support both passive (polling) and active checks (trapping). Zabbix may perform checks based on an interval, however, it is also possible to schedule specific times for item polling.

Passive checks (polling):

• Zabbix server (or proxy) requests a value from Zabbix agent
• Agent processes the request and returns the value to Zabbix server (or proxy)

Zabbix server or proxy asks for some data (for example, CPU load) and Zabbix agent sends back the result to the server.

Example: agent ping

1. Server opens a TCP connection
2. Server sends agent.pingn
3. Agent reads the request and response with <HEADER><DATALEN>1
4. Server processes data to get the value, ‘1’ in our case
5. TCP connection is closed

Active checks (trapping):

• Zabbix agent requests from Zabbix server (or proxy) a list of active checks
• Agent sends the results in periodically

Active checks require more complex processing. The agent must first retrieve from the server(s) a list of items for independent processing.

For example:

1. Agent opens a TCP connection
2. Agent asks for the list of checks
3. Server responds with a list of items (item key, delay)
4. Agent parses the response
5. TCP connection is closed
6. Agent starts periodical collection of data

Zabbix Trapper

Trapper items accept incoming data instead of querying for it.It is useful for any data you might want to “push” into Zabbix.

To use a trapper item you must:

1. have a trapper item set up in Zabbix
2. send in the data into Zabbix(with zabbix_sender)

Source

The team is proud to announce the release of Linux Mint 19 “Tara” Xfce Edition.

Linux Mint 19 Tara Xfce Edition

Linux Mint 19 is a long term support release which will be supported until 2023. It comes with updated software and brings refinements and many new features to make your desktop even more comfortable to use.

New features:

This new version of Linux Mint contains many improvements.

For an overview of the new features please visit:

“What’s new in Linux Mint 19 Xfce“.

Important info:

The release notes provide important information about known issues, as well as explanations, workarounds and solutions.

To read the release notes, please visit:

“Release Notes for Linux Mint 19 Xfce”

System requirements:

• 1GB RAM (2GB recommended for a comfortable usage).
• 15GB of disk space (20GB recommended).
• 1024×768 resolution (on lower resolutions, press ALT to drag windows with the mouse if they don’t fit in the screen).

Notes:

• The 64-bit ISO can boot with BIOS or UEFI.
• The 32-bit ISO can only boot with BIOS.
• The 64-bit ISO is recommended for all modern computers (Almost all computers sold since 2007 are equipped with 64-bit processors).

Upgrade instructions:

Announcements will be made shortly with instructions on how to upgrade from Linux Mint 18.3.

If you are running the BETA, perform a system snapshot, use the Update Manager to apply available updates, run the following commands and reboot:

apt remove ttf-mscorefonts-installer apt install libreoffice-sdbc-hsqldb sessioninstaller ttf-mscorefonts-installer xserver-xorg-input-synaptics sudo rm -f /etc/systemd/logind.conf apt install –reinstall -o Dpkg::Options::=”–force-confmiss” systemd sudo rm -f /etc/polkit-1/localauthority/50-local.d/com.ubuntu.enable-hibernate.pkla

Download links:

Here are the download links for the 64-bit ISO:

• Torrent https://torrents.linuxmint.com/torrents/linuxmint-19-xfce-64bit-v2.iso.torrent
• World EvoWise CDN
• World LayerOnline
• Canada Manitoba Unix User Group
• Canada University of Waterloo Computer Science Club
• USA advancedhosters.com
• USA Clarkson University
• USA Harvard School of Engineering
• USA James Madison University
• USA kernel.org
• USA Linux Freedom
• USA MetroCast Cablevision
• USA pair Networks
• USA Syringa Networks
• USA TAP Open Source Mirror
• USA TDS Telecom
• USA Team Cymru
• USA University of Oklahoma
• USA University of Washington, Mathematics
• USA US Internet
• USA West Virginia University
• USA XMission Internet
• Austria UPC Austria
• Belarus ByFly
• Bulgaria IPACCT
• Bulgaria Netix Ltd
• Bulgaria University of Ruse
• Czech Republic Brno University of Technology
• Czech Republic CZ.NIC
• Czech Republic Ignum, s.r.o.
• Czech Republic IT4Innovations National Supercomputing Center
• Czech Republic UPC Ceska republika
• Denmark Dotsrc.org
• Denmark KLID
• France Crifo.org
• France Gwendal Le Bihan
• France Ordimatic
• France remi.lu
• Germany FH Aachen
• Germany Friedrich-Alexander-University of Erlangen-Nuremberg
• Germany GWDG
• Germany Hochschule Esslingen University of Applied Sciences
• Germany NetCologne GmbH
• Germany wilhelm.tel GmbH
• Greece Hellenic Telecommunications Organization
• Greece MyAegean team, University of the Aegean
• Greece National Technical University of Athens
• Greece University of Crete
• Greenland Tele Greenland
• Hungary Quantum Mirror
• Iceland Siminn hf
• Ireland HEAnet
• Latvia University of Latvia
• Luxembourg root S.A.
• Netherlands KoDDoS
• Netherlands NLUUG
• Netherlands Triple IT
• Poland ICM – University of Warsaw
• Poland Onet
• Poland Piotrkosoft
• Portugal FCCN
• Portugal RNL – Técnico Lisboa
• Portugal Universidade do Porto
• Romania M247
• Romania ServerHost
• Romania Telekom Romania
• Russia Truenetwork
• Russia Yandex Team
• Serbia Four Dots
• Serbia University of Kragujevac
• Slovakia Energotel
• Slovakia Rainside
• Spain Oficina de Software Libre do Cixug
• Sweden Academic Computer Club, Umea University
• Sweden c0urier.net
• Sweden Zetup
• Switzerland SWITCH
• Turkey Linux Kullanicilari Dernegi
• Ukraine IP-Connect LLC
• United Kingdom Bytemark Hosting
• United Kingdom UKFast
• United Kingdom University of Kent UK Mirror Service
• Bangladesh dhakaCom Limited
• Bangladesh XeonBD
• China Shanghai University Open Source Community
• China TUNA
• Iran Rasanegar
• Israel Israel Internet Association
• Kazakhstan Neolabs
• Malaysia Universiti Teknologi Malaysia
• South Korea KAIST
• Taiwan NCHC
• Taiwan Yuan Ze University, Department of Computer Science and Engineering
• Australia Internode
• Australia Western Australian Internet Association
• New Zealand University of Canterbury
• Argentina Xfree
• Brazil Universidade Federal do Amazonas
• Brazil Universidade Federal do Parana
• Colombia Universidad Pontificia Bolivariana
• Colombia Ventura Systems
• Ecuador CEDIA
• Ecuador CEDIA Ecuador
• Ecuador Escuela Politecnica Natcional
• Ecuador Universidad Central del Ecuador
• Botswana Retention Range
• South Africa Internet Solutions
• South Africa University of Free State
• South Africa WIRUlink

A 32-bit ISO image is also available at https://www.linuxmint.com/download_all.php.

Integrity and authenticity checks:

Once you have downloaded an image, please verify its integrity and authenticity.

Anyone can produce fake ISO images, it is your responsibility to check you are downloading the official ones.

• Please read and follow the steps at https://linuxmint.com/verify.php
• Link to the sums: sha256sum.txt
• Link to the signed sums: sha256sum.txt.gpg

Enjoy!

We look forward to receiving your feedback. Thank you for using Linux Mint and have a lot of fun with this new release!

Source

Linux Mint 19 Cinnamon Edition – See What’s New

Linux Mint 19 has been released and announced by Linux Mint Project, now available to download which ship with the Cinnamon, Mate and Xfce editions both for both 32-bit and 64-bit architectures.

Based on Ubuntu 18.04 LTS an powered by Linux Kernel 4.15 series, Linux Mint 19 include new tool for creates snapshots of the system, called Timeshift. it may user can restore a previous version of the system using the functionality. The Software Manager support flatpak package, ships with a brand new welcome screen and Update Manager was improved.

Linux Mint 19 cinnamon edititon features the latest cinnamon desktop 3.8. The cinnamon 3.8 as main desktop now feels snappier because it is faster and more efficient at launching applications and rendering new windows

The Nemo File Manager search was simplified and is easier to use, Notifications are smarter. They now have a close button (which unlike the notification itself doesn’t send you towards the source application) and no longer fade-out on mouse-over and the maximum sound volume was currently set to 150% and more..

Download Linux Mint 19 : https://www.linuxmint.com/download.php

Source

We will show you how to enable and disable root login in Ubuntu. Root access it required when you need to perform administrative operations which are not permitted for the regular system users, but in the same time the root access may be a huge security risk if it is enabled or if it is not used properly. In this tutorial we will show you how to enable and disable root login on a Linux VPS running Ubuntu as an operating system.

What is root?

In Ubuntu, and Linux in general there is a super user named root which can perform any administrative tasks on the system. In case you type some command incorrectly it can be really dangerous so the root login in Ubuntu is disabled by default. You can still perform super user operations on the system by using the sudo command with your system user if sudo privileges are granted for that user.

If root login is disabled on your Ubuntu VPS and you want to enable it, we will show you how to do that. Please follow the steps below.

Enable Root Login on Ubuntu

To enable root login on your Ubuntu server, first you need to set up password for your root user as it is not set during the OS installation. You can set up the password for your root user by using the following command:

sudo passwd root

You will be prompted to enter a new password. Enter the same password twice to confirm it and it will be updated successfully. Our recommendation is to use a very strong password for your root user so you can avoid it to be compromised via brute-force. Generally, a password utilizing at least 12 characters including alphanumeric and grammatical symbols is sufficient. Never use passwords based upon dictionary words or significant dates.

#sudo passwd root
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully

Now that your have your root user enabled, you can check the OpenSSH settings and make sure your root user can use the service to access the server from remote locations. Open the OpenSSH server configuration file using a text editor of your choice. In our example, we are using nano:

sudo nano /etc/ssh/sshd_config

Find the line that starts with PermitRootLogin and make sure that line is not commented:

PermitRootLogin yes

If the line starts with # it means it is commented out, remove the # sign and save the file. Next, you need to restart the OpenSSH service for the changes to take effect. You can do that by using the following command:

sudo systemctl restart ssh.service

You can now connect to your server via SSH using your root user. Be careful though, with root login comes great responsibility.

You can also consider using SSH keys (private and public key) to login to your server. This method provides a more secure way of connecting to your server, instead of just using a password.

Disable Root Login on Ubuntu

If you have root login enabled on your Ubuntu VPS and you want it to be disabled you can follow the steps below.

First, delete the password of your root user and lock the root user using the following command:

sudo passwd -dl root

Then, open and edit the OpenSSH server configuration file using a text editor of your choice. We are using nano in our example:

sudo nano /etc/ssh/sshd_config

Find the line that starts with PermitRootLogin and make sure the value is set to no.

PermitRootLogin no

Once you make the appropriate changes in the OpenSSH configuration file, you need to restart the OpenSSH service for the changes to take effect. You can do that by using the following command:

sudo systemctl restart ssh.service

Of course, you don’t have to enable or disable root login on Ubuntu, if you use one of our Linux VPS Hosting services, in which case you can simply ask our expert Linux admins to enable or disable the root login on Ubuntu for you. They are available 24×7 and will take care of your request immediately.

PS. If you liked this post on how to Enable and Disable Root Login in Ubuntu, please share it with your friends on the social networks using the buttons on the left or simply leave a reply below. Thanks.

Be the first to write a comment.

Source

mod_rewrite is a Apache module installed on linux servers to manipulate URLs submitted in the browser to perform other functions than it appears. Mod_rewrite can improve SEO appearing to give it a static appearance.

This guide assumes you already have Apache installed, if you do not please see How to Install Apache

Enable mod_rewrite

You will want to edit the main Apache configuration file

nano /etc/httpd/conf/httpd.conf

Add or un-comment the following line

LoadModule rewrite_module modules/mod_rewrite.so

Once you have saved the file you can go ahead and restart Apache

systemctl restart httpd

or in CentOS 6 or below

service httpd restart

You should now see the module loaded by doing the following command

# httpd -M 2>&1|grep rewrite
rewrite_module (shared)

That is for enabling the module. Mod_rewrite rules can either be inserted directly into the VirtualHost block for a specific domain or in a .htaccess for that given domain.

Mod_rewrite Examples

Rewrite domain.com to www.domain.com

RewriteEngine On
RewriteCond % !^www. [NC]
RewriteRule ^(.*)$ http://www.%% [R=301,L]

The above redirect will take all requests to the non-www domain and redirect them with a 301 code to the www.domain.com url and appendedthe rest of the url to it.

Redirect all requests to https / SSL

RewriteEngine On
RewriteCond % ^domain.com [NC]
RewriteCond % off
RewriteRule ^(.*)$ https://%%

The above redirect will take all non-ssl requests and redirect them to https:// URLs.

Redirect request from one directory to another

RewriteRule ^subdirectory/(.*)$ /anotherdirectory/$1 [R=301,NC,L]

The above redirect will take any requests towards a single directory and redirect it to another directory with the rest of URL appended to it.

Redirect one domain to another

RewriteEngine On
RewriteCond % ^olddomain.com [NC,OR]
RewriteCond % ^www.olddomain.com [NC]
RewriteRule ^(.*)$ http://newdomain.com/$1 [L,R=301,NC]

This will redirect any requests with the destination of the olddomain and change them to the new domain. There are numerous redirects you can perform with mod_rewrite these are just a couple of common examples.

Sep 5, 2017LinuxAdmin.io

Source

Working with Katell. We’re going to configure a separate lifecycle for Puppet modules. This article is part of the Homelab Project with KVM, Katello and Puppet series.

Homelab

We have Katello installed on a CentOS 7 server:

katello.hl.local (10.11.1.4) – see here for installation instructions

See the image below to identify the homelab part this article applies to.

Separate Lifecycle for Puppet Modules

The idea for using a separate lifecycle for Puppet modules was taken from a Red Hat blog post that was published by Maxim Burgerhout.

We already know that we can create a repository that contains RPM files. We can then create a content view by snapshotting the repository.

We can create a content view with Puppet modules, just like we would do with RPMs. Based on that content view, Katello creates a special directory on the filesystem and it’s where the Puppet master looks for Puppet modules.

Katello creates a Puppet environment from the Puppet module content view the moment we publish it. As a result, using a Puppet module content view as a Puppet environment directly makes it easy to iterate quickly during development of our homelab Puppet modules.

The Plan

Below is a step-by-step plan that we’ll be following in this article.

1. Step 1: create a Puppet product.
2. Step 2: build Puppet modules.
3. Step 3: create a Puppet repository.
4. Step 4: sync Puppet repository.
5. Step 5: create a content view.
6. Step 6: add Puppet modules to the content view.
7. Step 7: publish Puppet content view.
8. Step 8: backup Katello configuration.

Configure Katello

Step 1: Create a Puppet Product

# hammer product create –name “puppet”

Step 2: Build Puppet Modules

See here for more info: Build and Import Puppet Modules into Katello

The idea here is to have a single Katello repository containing all our Puppet modules.

A Katello repository may be a plain directory containing a Pulp manifest and packaged Puppet modules. According to the Pulp project documentation, the Pulp manifest is a file listing each Puppet module contained in the directory. Each module is listed on a separate line which has the following format: <name>,<checksum>,<size>. The name is the file name, the checksum is SHA256 digest of the file, and the size is the size of the file in bytes. The Pulp manifest must be named PULP_MANIFEST. Having all this information, we can build Puppet modules manually, generate a Pulp manifest and import everything into Katello.

Get the source from GitHub:

# cd /opt
# git clone https://github.com/crylium/build-puppet-modules-for-katello.git

Build the modules, providing the path to the modules’ directory:

# bash ./build-puppet-modules-for-katello/puppet-module-build.sh
/etc/puppetlabs/code/environments/homelab/modules/

This will also create the file PULP_MANIFEST.

Step 3: Create a Puppet Repository

# hammer repository create
–product “puppet”
–name “homelab_modules”
–content-type “puppet”
–url “file:///etc/puppetlabs/code/environments/homelab/modules/”

Step 4: Synchronise Puppet Repository

# hammer repository synchronize
–product “puppet”
–name “homelab_modules”

Step 5: Create a Content View

# hammer content-view create
–name “puppet_content”
–description “Puppet modules”

Step 6: Add Puppet Modules to the Content View

View the module list:

# hammer puppet-module list
—|————————–|————–|———|————————————-
ID | NAME | AUTHOR | VERSION | UUID
—|————————–|————–|———|————————————-
38 | graylog | graylog | 0.6.0 | f27d9a89-9e0a-44fe-b72d-f101d94629a4
37 | sudo | saz | 5.0.0 | f088fa68-bfa3-4429-a8f2-f9c893d52bfc
36 | ruby | puppetlabs | 1.0.0 | eaaef4ba-bf52-4275-8eff-0340d98aa3f7
35 | archive | puppet | 2.3.0 | e09d2bc5-ec62-488c-a1a8-df6364448378
34 | elasticsearch | elastic | 6.2.1 | d965e7b4-ec88-4813-b575-745f9e78c2f1
33 | augeasproviders_shellvar | herculesteam | 2.2.2 | cbbe2521-890b-476d-b3b5-beef1b72fd73
32 | haproxy | puppetlabs | 2.1.0 | c9113401-719a-4d19-8ee8-8faca9a30317
31 | mongodb | puppet | 2.1.0 | c8e47d0c-e54c-4cef-9b16-c1bad02e7fba
30 | sysctl | thias | 1.0.6 | c23fabcc-0d62-4ecb-8ac3-ebe06e9772e6
29 | nfs | derdanne | 2.0.7 | c09f3853-43a8-4d30-b81d-7ce160d8b3b8
28 | stdlib | puppetlabs | 4.24.0 | 9ec2939a-3b08-4fbe-a7ff-1c34984350d7
27 | ssh | saz | 3.0.1 | 99b1c530-fbe7-487a-8842-cfeacc688b74
26 | apache | puppetlabs | 2.3.1 | 93f56575-da3d-41b6-964c-a70af87bcb0c
25 | concat | puppetlabs | 2.2.1 | 9379ce64-6135-4b17-a1c3-5731b0ac89c3
24 | mysql | puppetlabs | 5.3.0 | 92695de8-45c0-4271-832c-5721bdb5ffd9
23 | openldap | camptocamp | 1.16.1 | 924b998d-b361-4f75-9e41-55f825d209da
22 | accounts | puppetlabs | 1.3.0 | 8bf8366e-81f1-4dd1-8de6-9e330e7de759
21 | sssd | sgnl05 | 2.7.0 | 8afc1e88-9d4a-46ad-8107-5d457f4cd740
20 | snmp | razorsedge | 3.9.0 | 8aed966e-e973-4d87-af1d-6f4b63051c32
19 | lisenet_firewall | lisenet | 1.0.0 | 8513e8ec-7cdd-4606-8d8c-92a660dc5da5
18 | corosync | puppet | 6.0.0 | 7b4dba49-c793-47f7-b872-a683a4b8d131
17 | augeasproviders_core | herculesteam | 2.1.4 | 77afedf9-65b8-4168-a8a1-5e534e84462d
16 | pe_gem | puppetlabs | 0.2.0 | 5e639097-072a-4486-bc19-0b3ab6a8bbae
15 | keepalived | arioch | 1.2.5 | 4ff5c45b-0a93-4cbd-8574-1b246363378c
14 | firewall | puppetlabs | 1.12.0 | 3a86241a-3c52-4339-a05d-6f6de0a033ac
13 | rsyslog | saz | 5.0.0 | 330447a4-010a-4cfb-8b99-5cbcf327adaa
12 | systemd | camptocamp | 1.1.1 | 2fea15c7-99d4-49cd-9eea-578c5e249657
11 | ntp | puppetlabs | 7.1.1 | 2fd3c5d5-4943-4f54-bd60-3bd1d73af0d3
10 | translate | puppetlabs | 1.1.0 | 2e46f4e3-34f6-41a0-9466-4b163b87f5d9
9 | selinux | puppet | 1.5.2 | 2e12d841-2801-45d2-a70c-e287d134b1e8
8 | postgresql | puppetlabs | 5.3.0 | 28f11fd1-223b-46fe-a92c-cfc485aa28ef
7 | datacat | richardc | 0.6.2 | 24f45f62-7012-4ac1-809e-3efd9d5d9daa
6 | zabbix | puppet | 6.2.0 | 2426fdbc-9dc2-4cf2-8810-a7702fdd7faa
5 | limits | saz | 3.0.2 | 1b893348-11e9-45e7-9d64-5fb2819c1e96
4 | apt | puppetlabs | 4.5.1 | 13c33cf0-acbe-4369-b44e-def9933e6d87
3 | wordpress | hunner | 1.0.0 | 0f928270-7b36-407b-b603-1efe6e261812
2 | staging | puppet | 3.1.0 | 0a6ffb28-5049-4556-923d-7af3850ece63
1 | java | puppetlabs | 2.4.0 | 081cb24f-cec7-4c12-a203-5685edc1936d
—|————————–|————–|———|————————————-

We can loop the module IDs to add them to the content view:

# for i in $(seq 1 38);do
hammer content-view puppet-module add
–content-view “puppet_content”
–id “$i”; done

Step 7: Publish Puppet Content View

Let us check the environments that we have available before we publish the content view:

# hammer environment list
—|———–
ID | NAME
—|———–
2 | homelab
1 | production
—|———–

The production environment is the default one, and the homelab environment is the one we created manually. Publish Puppet content view:

# hammer content-view publish
–name “puppet_content”
–description “Publishing Puppet modules”

As mentioned earlier, Katello creates a Puppet environment from the Puppet module content view the moment we publish it. Verify:

# hammer environment list
—|————————————
ID | NAME
—|————————————
3 | KT_lisenet_Library_puppet_content_4
2 | homelab
1 | production
—|————————————

We can now associate a host or hostgroup with whatever Puppet environment we want, including the one created for the Puppet module content view.

Step 8: Backup Katello Configuration

Let us create a backup of our Katello configuration so that we don’t lose any changes that we’ve made so far:

# katello-backup /mnt/backup/ –features=all -y

Source

Posted On: Oct 16, 2018

We have published a service level agreement (SLA) for AWS Lambda. We will use commercially reasonable efforts to make Lambda available with a Monthly Uptime Percentage for each AWS region, during any monthly billing cycle, of at least 99.95% (the “Service Commitment”). In the event Lambda does not meet the Service Commitment, you will be eligible to receive a Service Credit as described in the AWS Lambda Service Level Agreement.

AWS Lambda is a compute service that runs your code in response to triggers and automatically manages the compute resources for you, making it easy to build applications that respond quickly to new information.

This SLA is now available in all regions where Lambda is available. For more information on where AWS Lambda is available, see the AWS region table. Please visit our product page for more information about AWS Lambda.

Source