-
Recent Posts
Recent Comments
- systemd unit hardening followup followup | the world needs more puppet! on systemd unit hardening followup
- systemd unit hardening followup | the world needs more puppet! on systemd unit hardening
- Andreas on Dovecot: Apply sieve filter to existing emails
- Feiko Nanninga on Short Tip: Install shellcheck on an outdated CentOS
- Computerkid/Grayson Penland on Linux Short Tip: systemd-networkd and DNS servers
Archives
- February 2022
- January 2022
- August 2020
- June 2020
- January 2019
- November 2016
- August 2016
- July 2016
- June 2016
- May 2016
- April 2016
- January 2016
- December 2015
- November 2015
- October 2015
- September 2015
- August 2015
- July 2015
- June 2015
- May 2015
- April 2015
- March 2015
- February 2015
- January 2015
- December 2014
- November 2014
- October 2014
- September 2014
- August 2014
- July 2014
- June 2014
- May 2014
- March 2014
- February 2014
- December 2013
- November 2013
- October 2013
- September 2013
- August 2013
- July 2013
- June 2013
- April 2013
- March 2013
- February 2013
- January 2013
- December 2012
- November 2012
- October 2012
- September 2012
- August 2012
- July 2012
- June 2012
- May 2012
- April 2012
- March 2012
- July 2011
Categories
Meta
Category Archives: Short Tips
Debug systemd and define a loglevel
In the past days I had to debug quite old (up2date “enterprise”) software. It ships with multiple bash and sh scripts that together start a java service. All nicely wrapped into a sysv init script. Wrapped in a systemd unit. … Continue reading
Posted in General, Linux, Short Tips
Leave a comment
systemd unit hardening followup followup
I did some more research on systemd hardening and found another blogpost series that I can highly recommend: https://www.ctrl.blog/entry/systemd-service-hardening.html . The first article is quite similar to mine, but the followup articles go a bit more into details. Check them … Continue reading
Posted in General, IT-Security, Linux, Short Tips
Leave a comment
Puppet PQL Queries
PQL syntax can be a bit tricky/ugly. It took me some time to figure this out so I thought sharing it isn’t a bad idea. Get all nodes with a specific class in their last catalog This gives us a … Continue reading
Posted in General, Linux, Puppet, Short Tips
Leave a comment
systemd unit hardening followup
at https://blog.bastelfreak.de/2022/01/systemd-unit-hardening/ I blogged about systemd hardening. While doing some research for a followup post I discovered https://docs.arbitrary.ch/security/systemd.html. This covers *a lot* about systemd hardening and general linux optimization. I can highly recommend reading the whole documentation (and it kinda … Continue reading
Posted in General, IT-Security, Linux, Short Tips
1 Comment
Migrate CentOS 8 to AlmaLinux
CentOS 8 is dead since the end of 2021 (while CentOS 7 still has support but is really really old). There are a few alternatives. You can upgrade to CentOS Stream, to AlmaLinux or Rocky Linux. CentOS Stream is an … Continue reading
Posted in Linux, Short Tips
Leave a comment
Dovecot: Apply sieve filter to existing emails
I recently restructured my email setup and updated my sieve filter (server side email filtering). I now have a sieve configuration file that’s way stricter. Many of the emails in my INBOX would now be sorted into subfolders, but Dovecot … Continue reading
Posted in General, Linux, Short Tips
1 Comment
Thunderbird: Hide local hostname in mailheaders
By default, thunderbird uses the local hostname within the SMTP-Submission dialog with the mailserver. There might be situations where you have a hostname that exposes private data, like a company name. Sometimes this is very helpful for debugging, but sometimes … Continue reading
Short Tip: Install shellcheck on an outdated CentOS
I’ve to install shellcheck on a CentOS 7 box, this is the latest CentOS version. The tool is a great linter for bash scripts, which I want to integrate into our CI pipeline. shellcheck isn’t packaged so I will build … Continue reading
Posted in General, Linux, Short Tips
2 Comments
Short Tip: Installing msgpack on outdated boxes (ruby1.9.1)
I’m using msgpack to serialize the data between my puppet agents and the masters. Recently I had to puppetize an old Debian Wheezy box. I’ve to install msgpack in advance: # gem install msgpack Building native extensions. This could take … Continue reading
Posted in General, Linux, Puppet, Short Tips
Leave a comment
Linux Short Tip: systemd-networkd and DNS servers
You maybe have noticed that you can configure DNS servers in your systemd-networkd settings, but these addresses don’t appear in /etc/resolv.conf. You need to enable/start systemd-resolved, this daemon checks global DNS settings in /etc/systemd/resolved.conf, DNS settings for each link from … Continue reading
Posted in 30in30, General, Linux, Short Tips
2 Comments