sudoedit.com!

This incident will be reported. 😑

Latest Posts

Sep 5, 2020

How to log sudo commands with auditd

Trust but verify This post is about the audit daemon (auditd) that is available for most Linux systems. Recently I’ve been looking at alternative ways to monitor sudo users on the servers I manage. Generally speaking it’s a good practice to keep an audit trail on managed systems. From a purely security perspective the more auditing you have on a system the easier any incident response should become when you need it. Read more
Jul 25, 2020

Putting it all together - Podman WordPress hosting

Time to hang the mission accomplished banners! This site is 100% powered by Podman containers! It’s been a long, hard road but we made it! Around 2 months ago, way back at the end of May, I said that I was going to migrate this site, along with the others I host into containers using the Podman container engine. As of now (2 weeks ago really) that work is done. Read more
Jun 29, 2020

WordPress behind an Nginx reverse proxy

Because apparently I can’t leave well enough alone. In this post, I’ll dive into how I went about setting up an Nginx reverse proxy for this WordPress site, and some of the challenges I ran into along the way. This was a task that proved to be more challenging than I anticipated, and there were moments that I questioned my ability to get it working. - It’s also got me wondering if my next project should be migrating to a static site generator. Read more
Jun 10, 2020

MariaDB migration to Podman

If you’ve been following along with my attempt to migrate this Wordpress site into container services with Podman then you will be happy to know that I’ve achieved the first milestone. The database for this site now resides pleasantly in a rootless Podman container. One of the major reasons I wanted to try Podman was that, outside of installing the package itself, everything I wanted to run could be achieved as a non-root, non-privileged account. Read more
Jun 6, 2020

Podman, SELinux, and systemd

In my previous post about migrating this site to Podman, I laid out a rough outline of my plan to move forward with Podman. Step one was to move the database into a container. I have a few updates on my progress, and some tips to share regarding selinux, and containers that have systemd running for service control. I’ve basically been starting from scratch on this - I don’t have any experience with other container platforms like Docker, I have had some limited exposer to lxd on Ubuntu systems, but I’ve always treated them as live systems – more like a VM than a container. Read more
May 27, 2020

Host list with Hammer CLI

On occasion I need to pull a host list from Satellite 6; and while using the web ui is often simple enough, the hammer cli that comes with foreman is often faster. Here is a quick way to get a full host list: hammer host list That command will print list of all hosts registered with your Satellite server. Filter by OS major version Often when I’m generating this list it’s because someone has asked me something like: “How many RHEL 5, servers do we have? Read more

Contact

If you’d like to get in touch, contact with me via email - or follow on Twitter.

[email protected]