In my case krb5kdc ist running out of leck mich, cause the host system hasn't realy enough system resources.

The correct thing to do is adjust net.ipv4.tcp_max_syn_backlog to a high enough value that it no longer fires this warning.

You will probably also want to adjust the TCP stack in general to have more memory.

Continue reading...

Sometimes you'll need to setup a single point of authentification for e.g. to centralize stuff. 

I've found a nice Document, about Integrating Linux systems with Active Directory using Open Source Tools from 2017.

https://www.heinlein-support.de/sites/default/files/slac2017_Integrating-Linux-Systems-With-Active-Directory-Using-OpenSource-Tools.pdf

Redhat, Autor: Torsten Scherf

And an additional Link from Redhat with an interesstig post from Dmitri Pal from 2014.

https://rhelblog.redhat.com/2015/02/04/overview-of-direct-integration-options/

 

 

 

Continue reading...

is about a locale issue during a foreman setup on CentOS 7.

locale environment variables were bad; continuing with LANG=C

In my case the output of locale -a showed en_US.utf8 but the output of env and the line line in /etc/locale.conf reads different.
en_US.UTF-8 which seams to be wrong or not translated correctly.
Long Story short, either export the correct settings or update the /etc/locales.conf file so that it read like this for example

LC_ALL=en_US.utf8
LANG=en_US.utf8
LANGUAGE=en_US.utf8

Continue reading...

short but sweet

firewall-cmd --permanent --zone=public --add-service=http
firewall-cmd --permanent --zone=public --add-service=https
firewall-cmd --reload

Continue reading...

as a fix solution you can use google, as smtp relay for e.g. notifications. In this example I am working on a Fedora 27 Host.

Install needed packages

dnf -y install postfix mailx cyrus-sasl-plain

Restart and enable services

systemctl restart postfix && systemctl enable postfix

Adjust /etc/postfix/main.cf depends your needs (marked in red)

myhostname = zuerich.tuxclouds.org

relayhost = [smtp.gmail.com]:587
smtp_use_tls = yes
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_tls_CAfile = /etc/ssl/certs/ca-bundle.crt
smtp_sasl_security_options = noanonymous
smtp_sasl_tls_security_options = noanonymous

Setup the secret

vim /etc/postfix/sasl_passwd
[smtp.gmail.com]:587 username:password

Issue the command postmap to read the new secret

postmap /etc/postfix/sasl_passwd

Set correct owner and permissons

chown root:postfix /etc/postfix/sasl_passwd
chmod 640 /etc/postfix/sasl_passwd

Reload the service

systemctl reload postfix

Verify the setup, by sending you a Test Notification Mail

echo "Test Mail" | mail -s "Test Notification Mail" joe@example.net

 

Continue reading...