Tip: Importing multiple CentOS Linux DVDs into Cobbler

Linux distributions are getting larger and larger; CentOS 6.0 64-bit won’t fit on a single DVD anymore. A Cobbler-based provisioning server will normally import only one DVD. So, how do you get around this?

  1. Import the first DVD as usual
  2. Manually add content from the second DVD

Import the first DVD (ISO image):

  mkdir /mnt/dvd1; mount -o ro,loop /tmp/CentOS-6.0-x86_64-bin-DVD1.iso /mnt/dvd1

  DISTRO=centos60-x86_64
  cobbler import --name=${DISTRO} --path=/mnt/dvd1

Watch the output from Cobbler closely – it will basically tell show you the commands you need to import the second DVD ;-)

Import the second DVD (ISO image):

  mkdir /mnt/dvd2; mount -o ro,loop /tmp/CentOS-6.0-x86_64-bin-DVD2.iso /mnt/dvd2

  rsync -a  '/mnt/dvd2/' /var/www/cobbler/ks_mirror/${DISTRO} --exclude-from=/etc/cobbler/rsync.exclude --progress
  COMPSXML=$(ls /var/www/cobbler/ks_mirror/${DISTRO}/repodata/*comps*.xml)
  createrepo -c cache -s sha --update --groupfile ${COMPSXML} /var/www/cobbler/ks_mirror/${DISTRO}

Done! You have now added the contents of the second DVD to your existing “ks_mirror” directory and updated the Yum repodata.

Update 2011.08

  • FIXED: Forgot the trailing / on the DVD2 mount point '/mnt/dvd2/'. Otherwise, the rsync command will create a 'dvd2' subdirectory.

Tip: Fedora 14 and Dropbox

The current version of Dropbox does not behave nicely on Fedora 14 – the Dropbox update daemon attempts to execute code from stack. This is prohibited by SELinux (and rightly so).

There is a workaround (taken from the Dropbox Support forum):

  /usr/bin/execstack -c ~/.dropbox-dist/_ctypes.so

Let’s hope that Dropbox releases a proper fix for this problem soon.

Passed the RHCSA and RHCE exams!

My RHCE certification (RHEL 4) was no longer current so I had to re-take the exam with RHEL 6. I decided to take the 4-day course (RH300) as well as the exam (EX300) in one week but it turned out to be quite the obstacle-course:

  • Monday. The first day of the course: while waiting in Amsterdam for the trainer to arrive, we were informed that he had fallen ill – course canceled, no backup trainer available. Meh.
  • A couple of weeks later, the course finally starts with Sander van Vugt as trainer, someone else will proctor the exam (Friday). Things start to look good ;-)
  • Friday: while waiting in Amersfoort for the proctor to arrive, we hear he’s had an accident and the exam will have to be canceled. No backup proctor available. More meh.

Fortunately, Red Hat tried their best to remedy the situation and got Wander to proctor an extra exam on Tuesday. Pffff, what a journey…

But the good news: I PASSED both exams! Yay! Time for beer and BBQ, celebrations are in order ;-)

Tip: Configuring network aliases with NetworkManager on Fedora 14

Linux supports the concept of “network aliases”; a NIC with more than one IP-address.

Previously, with networking managed by /etc/init.d/network, you would create a configuration file (/etc/sysconfig/network-scripts/ifcfg-eth0:0) holding the IP-address information for alias “0” of network interface “eth0“.

With NetworkManager, things become more complicated for non-trivial network configurations. The primary interface settings are in /etc/sysconfig/network-scripts/ifcfg-eth0 as usual:

  DEVICE="eth0"
  NM_CONTROLLED="yes"
  ONBOOT=yes
  HWADDR=00:04:23:C0:FF:EE
  TYPE=Ethernet
  BOOTPROTO=dhcp
  DEFROUTE=yes
  PEERDNS=yes
  PEERROUTES=yes
  IPV4_FAILURE_FATAL=yes
  IPV6INIT=no
  NAME="System eth0"
  UUID=5fb06bd0-0bb0-7ffb-45f1-deadbeefc0ffee

Based on a comment by Cristiano, I added a script to NetworkManager that would take care of configuring any network aliases that might be defined:

  $ cat /etc/NetworkManager/dispatcher.d/00-aliases
  #!/bin/bash
  # Based on comment by Cristiano, http://mihai.ibanescu.net/networkmanager-and-virtual-interfaces
  
  iface="$1"
  shift
  action="$1"
  shift
  
  if [ "$action" = "up" ]; then
    for ALIAS in /etc/sysconfig/network-scripts/ifcfg-$iface:*; do
      ALIAS=`echo $ALIAS | cut -d: -f 2`
      /sbin/ifup $iface:$ALIAS
    done
  fi
  # EOF

Note: This script needs to be executable.

The alias settings are configured in /etc/sysconfig/network-scripts/ifcfg-eth0:0

  DEVICE="eth0:0"
  NM_CONTROLLED="no"
  BOOTPROTO=static
  IPADDR=172.16.0.1
  NETMASK=255.255.0.0

The essential ingredient here is “NM_CONTROLLED=no” (thanks to IRC @so_solid_moo, #fedora). Without that setting, NetworkManager will treat your alias as a real device and mess up your network accordingly ;-)

Tip: Encrypted passwords, just add salt

You can generate encrypted password strings (hashes) using the openssl utility.

You need to supply both a “salt” string and the password you wish to encrypt:

  # openssl passwd -1 -salt MoreSalt ThePassword
  $1$MoreSalt$Cvu.5MdMq1BjAsFp1oc.f/

The following command line generates a random 8-character salt string:

  # openssl rand -base64 6

Combine these into a single command line that uses a different random salt on each invocation:

  # openssl passwd -1 -salt $(openssl rand -base64 6) ThePassword
  $1$XpOpurgQ$41bulzoCV8viFy37EX6jk.

Read on for a comparison between old crypt()-style passwords and the current md5-style shadow passwords. Continue reading “Tip: Encrypted passwords, just add salt”