I have a FreeIPA server with the following information: FreeIPA server: utility.lab.example.com FreeIPA realm: LAB.EXAMPLE.COM FreeIPA domain: lab.example.com I want to add 2 normal users: User Login: rhvadmin, First Name: RHV, Last Name: Admin, Password: CentOS123^ User Login: normaluser, First Name: Normal, Last Name: User, Password: CentOS123^ [root@utility ~]# ipa user-add rhvadmin --first RHV --last Admin --password Password: CentOS123^ Enter Password again to verify: CentOS123^ --------------------- Added user "rhvadmin" --------------------- User login: rhvadmin First name: RHV Last name: Admin Full name: RHV Admin Display name: RHV Admin Initials: RA Home directory: /home/rhvadmin GECOS: RHV Admin Login shell: /bin/sh Principal name: rhvadmin@LAB.EXAMPLE.COM Principal alias: rhvadmin@LAB.EXAMPLE.COM User password expiration: 20201204121711Z Email address: rhvadmin@lab.example.com UID: 1829600001 GID: 1829600001 Password: True Member of groups: ipausers Kerberos keys available: True [root@utility ~]# ipa user-add normaluser \ > --first Normal --last User --password Password: CentOS123^ Enter Password again to verify: CentOS123^ ... The rhvadmin will be asked to change the password on its first login. To prevent this from happening, we can change the user’s password with kpasswd util. ...

Again, just a quick note to remind myself how to attach a disk to a VM guest from the command line. The following steps is based on these assumptions: A spare disk: an LVM volume name db2_data on data volume group The name/domain of the VM is db2 List the name of the VM guest and available logical volume. [root@mathvm5 ~]# virsh list | grep db2 20 db2 running [root@mathvm5 ~]# lvs | grep db2 db2 vm -wi-ao---- 80.00g db2_data vm -wi-a----- 128.00g Run virsh attach-disk command to attach a disk to a VM. Notice that –persistent option is passed to the command so that this new disk will be permanently attached to the VM. ...

I have a FreeIPA server with the following information. FreeIPA server: utility.lab.example.com FreeIPA realm: LAB.EXAMPLE.COM FreeIPA domain: lab.example.com. I want to insert a few DNS records: hosta.lab.example.com - 172.25.250.10 hostb.lab.example.com - 172.25.250.11 hostc.lab.example.com - 172.25.250.12 hostd.lab.example.com - 172.25.250.13 bastion.lab.example.com - 172.25.250.254 And I’d like to use the command line to do this. Acquire the admin’s Kerberos ticket. [root@utility ~]# kinit admin Password for admin@LAB.EXAMPLE.COM: List the DNS zones. [root@utility ~]# ipa dnszone-find Zone name: 250.25.172.in-addr.arpa. Active zone: TRUE Authoritative nameserver: utility.lab.example.com. Administrator e-mail address: hostmaster.lab.example.com. SOA serial: 1606798502 SOA refresh: 3600 SOA retry: 900 SOA expire: 1209600 SOA minimum: 3600 Allow query: any; Allow transfer: none; Zone name: lab.example.com. Active zone: TRUE Authoritative nameserver: utility.lab.example.com. Administrator e-mail address: hostmaster.lab.example.com. SOA serial: 1606798523 SOA refresh: 3600 SOA retry: 900 SOA expire: 1209600 SOA minimum: 3600 Allow query: any; Allow transfer: none; ---------------------------- Number of entries returned 2 ---------------------------- Find DNS record whose name contains “hosta” (e.g. hosta.lab.example.com) [root@utility ~]# ipa dnsrecord-find lab.example.com. --name hosta ---------------------------- Number of entries returned 0 ---------------------------- Add a record name hosta.lab.example.com with IP 172.25.250.10. [root@utility ~]# ipa dnsrecord-add lab.example.com. \ > hosta \ > --a-rec 172.25.250.10 Record name: hosta A record: 172.25.250.10 [root@utility ~]# ipa dnsrecord-find lab.example.com. --name hosta Record name: hosta A record: 172.25.250.10 ---------------------------- Number of entries returned 1 ---------------------------- Repeat the above steps for hostb, hostc, and hostd [root@utility ~]# ipa dnsrecord-add lab.example.com. hostb --a-rec 172.25.250.11 Record name: hostb A record: 172.25.250.11 [root@utility ~]# ipa dnsrecord-add lab.example.com. hostc --a-rec 172.25.250.12 Record name: hostc A record: 172.25.250.12 [root@utility ~]# ipa dnsrecord-add lab.example.com. hostd --a-rec 172.25.250.13 Record name: hostd A record: 172.25.250.13 Add a record name bastion.lab.example.com with IP 172.25.250.254 [root@utility ~]# ipa dnsrecord-add lab.example.com. bastion --a-rec 172.25.250.254 Record name: bastion A record: 172.25.250.254 I just realized that all my DNS records do not have reverse records created for them. There are 2 ways to achieve this. First is to create a PTR records for each record above. The second option is to delete the existing record, and create a new one with PTR record created automatically. ...

Dell just released a new BIOS firmware of the Latitude 7400 series. This firmware was released on 23 Nov 2020. Fixes: Modified the default settings of the Intel Rapid Storage Technology driver. Firmware updates to address the Intel Technical Advisory INTEL-TA-00391 (CVE-2020-8753, CVE-2020-8745, CVE-2020-8705, CVE-2020-8757, CVE-2020-8756, CVE-2020-8760, CVE-2020-8751, CVE-2020-8754, CVE-2020-8747, CVE-2020-8746, CVE-2020-8749 CVE-2020-8752, CVE-2020-12303, CVE-2020-12355, and CVE-2020-12356). Firmware updates to address the Intel Security Advisory INTEL-SA-00358 (CVE-2020-0587, CVE-2020-0591, CVE-2020-0592, and CVE-2020-0593). Firmware updates to address the Intel Security Advisory INTEL-SA-00381 (CVE-2020-8696 and CVE-2020-8698). Firmware updates to address the Intel Security Advisory INTEL-SA-00389 (CVE-2020-8694 and CVE-2020-8695). Firmware update to address CVE-2020-26189. Enhancements: ...

I need to have an iSCSI storage to be used by my oVirt lab. The last time I had to create an iSCSI target was during the preparation of the RHCE 7 exam. Therefore, I think this is an opportunity to practice doing this again. First, install the required package. Then enable the target service, otherwise the target won’t work on the next reboot. [root@utility ~]# dnf install targetcli -y [root@utility ~]# systemctl enable target Run the targetcli command to create an iSCSI target/storage using the storage block (/dev/mapper/data_iscsi LVM volume). ...