Posts tagged ‘rhel’

Free Radius : Auth: (0) Invalid user (Rejected: User-Name contains multiple ..s): [xxx]

Recently we performed a Yum update on our Free Radius Server. The newer version is FreeRADIUS Version 3.0.13. At that time , we started receiving complains from the users that they are not able to login to the network devices.

After reviewing the logs , we noticed the error “Auth: (0) Invalid user (Rejected: User-Name contains multiple ..s)” being logged during the authentication. This is due to the changes applied in the filter file(/etc/raddb/policy.d/filter ).

Before Update:

if (&User-Name =~ /\\.\\./ ) {

After Update:

if (&User-Name =~ /\.\./ ) {

The new Regex syntax style doesn’t escape backslashes anymore. So you need to ensure that the correct_escapes = true property is set in /etc/raddb/radiusd.conf.

Source:https://access.redhat.com/solutions/3241961

September 27, 2020 at 11:34 am Leave a comment

sudo: effective uid is not 0, is sudo installed setuid root

When messing with up acl’s you may come across situation where the sudo will be stopped from functioning.  Especially , when you typed sudo you may notice the error “sudo: effective uid is not 0, is sudo installed setuid root”.

To diagnose the issue

Step1:
Check the /etc/sudoers file , whether you have added the group or the user name in the sudoers file for e.g: user abc

abc        ALL=(ALL)       NOPASSWD: ALL

Step2: if the output of the step 1 is correct check the permission on sudo as below (Output of a working sudo)

# ls -l /usr/bin/sudo
—s–x–x 2 root root 190904 Mar 4 18:21 /usr/bin/sudo

# stat /usr/bin/sudo

Access: (4111/—s–x–x) Uid: ( 0/ root) Gid: ( 0/ root)

In case , if you find the output of Step 2 is not matching with yours you can reset the permission to default

# rpm –setperms sudo.

 

 

May 11, 2020 at 12:35 pm Leave a comment

Using RHEL Subscription in Virtual Data Center.

Hi All

Recently I got an opportunity to work in a project that involved with RHEL 7.4 Deployment. This projects required several VM’s as it was intended to use Kubernetes on RHEL. In this post I am focusing on how to register the RHEL VM’s using the  RHEL Virtual DataCenter Subscription licenses. In my case VMware was being used as the Hypervisor.

Once you procure the required license and RH Customer portal access is ready. You need to configure virt-who on one of the VM’s(This VM does not need to be the production VM , as I prefered in my case). Below steps will outline the process.

  •  On the newly created VM , you need to install the virt-who (using the RHEL Media as the REPO. This VM will be the virt-who host).
  • Run the command subscription-managaer register
  • Run the command subscription-manager idenetity.(Note down the value for Org ID as you will use it in the below steps)
  •  Browse to /etc/virt-who.d .
  • In order to create the configuration file you could use the URL https://access.redhat.com/labs/virtwhoconfig/ as it provide a step-by-step wizard to create the required entries.
  • Copy the the contents to a file in the folder mentioned in step-4
  • name of the file should match with the configuration name in the file created by the wizard.(File extension should be .conf)
  • Edit the virt-who file /etc/sysconfig/virt-who and add the below
    VIRTWHO_INTERVAL=300
    VIRTWHO_BACKGROUND=1
    VIRTWHO_DEBUG=1
  • Run the command virt-who  –one-shot(This will verify the configuration parameter’s are correct)
  • Then start the virt-who services(systemctl start virt-who)
  • Run the command on the virt-who VM
    subscription-manager attach –auto
  • On the remaining VM’s run
    subscription-manager register
    subscription-manager  attach –auto. (You don’t need to configure virt-who services on the other VM’s)

    That’s it login to RHEL portal and verify that you could see the Hypervisor and the VM’s

NOTE1: When creating the virt-who.conf you need to provide a username & password who have access to your VCenter server .This user needs only a Read-Only Permission

NOTE2: For best practices you could configure 2 VM’s with virt-who services.

NOTE3: You should be able to see the ESXi host and the VM’s in the URL -https://access.redhat.com/management/systems. You need to ensure that the proper subscription has been entitled to both.

 

April 8, 2018 at 3:03 pm Leave a comment

How to check the Physical Status of Network Card in Linux

On Linux servers the status of NIC cards cannot be determined via the ipconfig command alone , in that case you could use one of the below commands to get the required infromation

# mii-tool eth0

# cat /sys/class/net/eth0/operatestate

# ethtool eth0

# ip link ls dev eth0

 

Source:https://linuxsupporttips.wordpress.com/2011/08/01/how-to-check-physical-network-link-status-on-linux-rhelcentos/

Good Luck .

 

 

 

 

March 14, 2017 at 12:53 pm Leave a comment


Archives

Categories

Follow Hope you like it.. on WordPress.com

Blog Stats

  • 41,607 hits

%d bloggers like this: