sudo: effective uid is not 0, is sudo installed setuid root

When messing with ACLs, you may come across a situation where sudo stops functioning. In particular, when you type sudo you may notice the error “sudo: effective uid is not 0, is sudo installed setuid root”.

To diagnose the issue

Step 1:
Check the /etc/sudoers file to see whether you have added the group or the user name, e.g. for user abc:

abc        ALL=(ALL)       NOPASSWD: ALL

Step 2: If the result of Step 1 is correct, check the permissions on sudo as below (output of a working sudo):

# ls -l /usr/bin/sudo
---s--x--x 2 root root 190904 Mar 4 18:21 /usr/bin/sudo

# stat /usr/bin/sudo

Access: (4111/---s--x--x) Uid: ( 0/ root) Gid: ( 0/ root)

If the output of Step 2 does not match yours, you can reset the permissions to the default:

# rpm --setperms sudo
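
The Step 2 check as a script, added here as an example and not part of the original post. It separates the two ways the check can fail (setuid bit missing, or binary not owned by root) and names the rpm option that restores each. check_sudo_binary is a hypothetical helper name, and GNU stat is assumed.

```shell
#!/bin/sh
# Added example: classify the state of a sudo binary for the Step 2 check.
# check_sudo_binary is a hypothetical helper name; needs GNU stat (-c).
check_sudo_binary() {
    bin=${1:-/usr/bin/sudo}
    if [ ! -f "$bin" ]; then
        echo "missing"
        return 2
    fi
    uid=$(stat -c '%u' "$bin")     # numeric owner uid
    mode=$(stat -c '%a' "$bin")    # octal mode, 4111 on a working sudo
    # test -u is true only when the set-user-ID bit is present
    if [ ! -u "$bin" ]; then
        echo "no-setuid mode=$mode fix='rpm --setperms sudo'"
        return 1
    fi
    # A setuid bit on a file owned by another user does not give sudo
    # an effective uid of 0, so ownership has to be checked separately.
    if [ "$uid" -ne 0 ]; then
        echo "not-root-owned uid=$uid fix='rpm --setugids sudo'"
        return 1
    fi
    echo "ok mode=$mode uid=0"
}
```

If ownership had to be restored, run rpm --setperms sudo afterwards as well, because changing a file's owner clears its setuid bit on Linux.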

 

 

May 11, 2020 at 12:35 pm

VMware PowerCLI

In this post, I am going to cover the PowerCLI module for VMware. Whenever I come across a new cmdlet, I will update this post.

First things first: you need to install PowerCLI. Windows PowerShell now has the VMware PowerCLI module, so you can simply install it with:


PS> Install-Module -Name VMware.PowerCLI

Then import it before using PowerCLI.

# To verify the version:
PS> Get-PowerCLIVersion

# To log in to vCenter
PS> Connect-VIServer -Server "vcenterhostname"

# To suppress the certificate warning/error
PS> Set-PowerCLIConfiguration -InvalidCertificateAction Ignore -Confirm:$false

# To list the VMs with their creation date
PS> Get-VM | fl Name,CreateDate


March 23, 2020 at 1:25 pm

How to configure / re-configure IPMI using ipmitool in ESXi

This post covers the steps needed to assign or change the IP address for IPMI without logging in to the IPMI portal or restarting the server. The tool we are going to use is ipmitool, which is built in to ESXi.

To get the current IPMI IP details:
[root@esxi]# /ipmitool lan print 1

[root@esxi]# /ipmitool lan set 1 ipsrc static

[root@esxi]# /ipmitool lan set 1 ipaddr x.x.x.x
Setting LAN IP Address to x.x.x.x

[root@esxi]# /ipmitool lan set 1 netmask x.x.x.x
Setting LAN Subnet Mask to x.x.x.x

[root@esxi]# /ipmitool lan set 1 defgw ipaddr x.x.x.x
Setting LAN Default Gateway IP to x.x.x.x

[root@esxi]# /ipmitool lan set 1 defgw macaddr xx:xx:xx:xx:xx:xx
Setting LAN Default Gateway MAC to xx:xx:xx:xx:xx:xx

[root@esxi]# /ipmitool lan set 1 arp respond on
Enabling BMC-generated ARP responses

[root@esxi]# /ipmitool lan set 1 snmp public
Setting LAN SNMP Community String to public

[root@esxi]# /ipmitool lan set 1 auth ADMIN MD2,MD5,PASSWORD

[root@esxi]# /ipmitool lan set 1 access on
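
A check to run over the result of the commands above, added here as an example rather than taken from the original post or the Nutanix KB. It reads the output of ipmitool lan print 1 on stdin and flags the default SNMP community string and the weaker IPMI 1.5 authentication types (NONE, MD2, PASSWORD) per privilege level. audit_ipmi_lan and sample_lan_print are hypothetical names, and the sample output is constructed and trimmed.

```shell
#!/bin/sh
# Added example: flag weak settings in `ipmitool lan print <channel>` output.
# audit_ipmi_lan is a hypothetical helper; it reads the output on stdin.
audit_ipmi_lan() {
    awk -F' *: *' '
        { sub(/[ \t\r]+$/, "") }      # drop trailing blanks, re-split fields
        # "public" and "private" are well-known default community strings
        $1 ~ /^SNMP Community String/ && ($2 == "public" || $2 == "private") {
            print "WEAK snmp-community=" $2
        }
        # "Auth Type Enable" continues on lines whose first field is empty,
        # one line per privilege level (Callback, User, Operator, Admin, OEM)
        $1 ~ /^Auth Type Enable/ { in_auth = 1 }
        in_auth && $1 !~ /^(Auth Type Enable)?$/ { in_auth = 0 }
        in_auth {
            n = split($3, types, " ")
            for (i = 1; i <= n; i++)
                if (types[i] ~ /^(NONE|MD2|PASSWORD)$/)
                    print "WEAK auth level=" $2 " type=" types[i]
        }
    '
}

# Constructed sample: what the channel could look like after the
# "auth ADMIN MD2,MD5,PASSWORD" and "snmp public" commands above.
sample_lan_print() {
    cat <<'EOF'
Auth Type Support       : NONE MD2 MD5 PASSWORD
Auth Type Enable        : Callback : MD5
                        : User     : MD5
                        : Operator : MD5
                        : Admin    : MD2 MD5 PASSWORD
                        : OEM      :
IP Address Source       : Static Address
SNMP Community String   : public
EOF
}
```

On a host, pipe the real output in: /ipmitool lan print 1 | audit_ipmi_lan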

Source:https://portal.nutanix.com/#page/kbs/details?targetId=kA0600000008db6CAA

March 19, 2020 at 1:11 pm

How can I create a disk partition on a disk that is greater than 2TB in size on Red Hat Enterprise Linux?

To partition a disk that is larger than 2 TB, you must use the parted utility instead of fdisk. In this example I am referring to my disk as /dev/sdj.

# parted /dev/sdj
Using /dev/sdj
Welcome to GNU Parted! Type 'help' to view a list of commands.
(parted)

(parted) mklabel        --> This will create a GPT label on the disk.
Warning: The existing disk label on /dev/sdj will be destroyed and all data on this disk will be lost. Do you want to continue?
Yes/No? Yes
New disk label type? [gpt]? gpt
(parted)

(parted) print

Model: Linux device-mapper (dm)
Disk /dev/sdj: 5662310.4MB        --> Note down this value, as we will be using it in the commands below.
Sector size (logical/physical): 512B/512B
Partition Table: gpt

Number Start End Size File system Name Flags

Create the partition:
(parted) mkpart primary 0 5662310.4MB

(parted) print        --> Use this command to verify the partition created.

Unlike fdisk, you don’t need to issue the write command to save the changes. Simply type quit to exit from the parted utility. Thereafter, you can proceed with the file system creation.

Root Cause

The fdisk command only supports the legacy MBR partition table format (also known as the msdos partition table).

* MBR partition tables use data fields that hold sector numbers of at most 32 bits, and with 512 bytes/sector that means a maximum of 2^(32+9) bytes per disk or partition is supported.
* An MBR partition table cannot support accessing data on disks past 2.19TB due to the above limitation.
Note that some older versions of fdisk may permit a larger size to be created but the resulting partition table will be invalid.

The parted command can create disk labels using MBR (msdos), GUID Partition Table (GPT), SUN disk labels and many more types.

* The GPT disk label overcomes many of the limitations of the DOS MBR including restrictions on the size of the disk, the size of any one partition and the overall number of partitions.
* Note that booting from a GPT labelled volume requires firmware support and this is not commonly available on non-EFI platforms (including x86 and x86_64 architectures).

Source:
https://access.redhat.com/solutions/4281 

March 15, 2020 at 12:59 pm

How to download ISO/Disk Images from Nutanix Image Service.

Hi Folks

Unlike vCenter, there is no straightforward method to download the ISOs or disk images you have uploaded to the Image Service. (In vCenter, you can both upload and download files from the datastore.)

In Nutanix AHV, you need to run the commands below to achieve the same result. (As per Nutanix, this needs to be done under Nutanix Support only.)

# Log in to any of the CVMs.
# nuclei image.list        --> This will list all the images with their UUIDs.
###### EXAMPLE OUTPUT ######
Name UUID State
MyISO yyyyyyyyyyyyyyyyyyyyyyyyyyyyyy COMPLETE
###### EXAMPLE OUTPUT ######

# nuclei image.get yyyyyyyyyyyyyyyyyyyyyyyyyyyyyy        --> Get the Cluster UUID.
###### EXAMPLE OUTPUT ######
current_cluster_reference_list:
- kind: cluster
  uuid: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
###### EXAMPLE OUTPUT ######

# ncli multicluster get-cluster-state | grep -C5 <xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>        --> This will get the cluster name:
###### EXAMPLE OUTPUT ######
Cluster Id : xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Cluster Name : MYCLUSTER
Is Multicluster : false
Controller VM IP Addre… : [x.x.x.x. …………………………………….]
External or Masqueradi… : y.y.y.y (Cluster IP)
###### EXAMPLE OUTPUT ######

NOTE: The above commands are used when you are managing multiple clusters via PC and need to locate the image and the cluster in which it is stored.

Thereafter, run the command below from your workstation. (You must have curl installed, and the command must be run from the bin folder where curl is installed.)

curl-7.68.0-win64-mingw\bin>curl --user "Prism Username:Password" --insecure https://y.y.y.y:9440/api/nutanix/v3/images/ac799d52-60e3-448f-a0f9-d4de756b0d01/file --output SQL.iso

NOTE: Replace "Prism Username:Password" with the actual username and password used to access the Prism cluster, without any quotes.

February 3, 2020 at 3:45 pm

How to install and configure LAPS

Recently, we had to deploy LAPS in one of our client environments. The requirement was to centrally manage the local administrator password of all the domain-joined workstations and servers. I used the guides below to complete the installation. (Kudos to the blog owners.)

Source1:

https://scripting.rocks/sysadmin/laps/

Source2:

https://vaishnaav.files.wordpress.com/2019/12/step-by-step-guide-to-deploy-microsoft-laps-1.pdf
(via: prajwaldesai.com).

In addition to the above, you may come across the issues below.

  • Unable to configure the Group Policy using the LAPS Administrator Template, or the LAPS Administrator Templates are missing.

    Solution: You need to run the LAPS installation on the DC, remove all the options and select only "GPO editor templates".

  • Manual password reset via the fat client / command line is not working.

    Solution: You need to run gpupdate after the manual password reset on the computer where you are changing the password.

Good Luck.

December 15, 2019 at 2:29 pm

Nutanix Command Library

I have decided to write this post to record all the Nutanix commands that we rarely use in our routine work but that are important for better understanding the environment. All these commands can be run from any CVM unless I specify otherwise.

How to identify the Acropolis Master in an AHV Cluster.

# links -dump http:0:2030

How to identify the Prism Leader

# curl http://0:2019/prism/leader && echo

How to disable/enable HA on a VM. (By default, all the VMs are protected with HA.)

+ Log in to a CVM and then type "acli"

# vm.update "VM Name" ha_priority=-1 (To disable HA)

# vm.update "VM Name" ha_priority=0 (To enable HA)

# vm.get "VM Name" - To confirm the change. By default, however, you will not see the ha_priority field unless you disable and then enable it manually.

How to find out the BIOS version on all the hosts.

# In the CVM; hostips prints the IP address of every host in the cluster
for i in $(hostips); do echo "ESX $i"; ssh root@"$i" 'smbiosDump | head | grep Version' 2>/dev/null; done


October 15, 2019 at 12:19 pm
