Kind of finally. SuSE https://www.suse.com/news/SUSE-Preserves-Choice-in-Enterprise-Linux/

So... I think this is kind of the worst case scenario re SuSE - an actual fork. But Oracle kind of hints at that, and Amazon already dropped a RHEL compatible AWS Linux for sort of a Fedora Server?

Obviously none of this is great, but would anyone really want Oracle leading a RHEL "close as possible" rebuild? I don't know anyone is going to downstream them.

SuSE is even weirder, as I understand it, SLE/OpenSuSE is a fork from decades ago, or at least also uses RPM? I can't imagine they get any value from trying to make a RHEL fork really... Why not push SLE? All very confusing, that's for sure.

Hello c/sysadmin, and welcome to the Patch Megathread! I'm editing this post and leaving it up as a single catch-all sticky post for patch days for the time being, since we're not seeing enough activity to warrant new threads IMO. If someone wants to help moderate / curate content and actively create new patch day posts, please let me know and I'll add you to the mod team.

This is the place to talk about the latest patches, updates, and releases. We put this thread into place to help gather all the information about this month's updates: What is fixed, what broke, what got released and should have been caught in QA, etc. We do this both to keep clutter out of the community, and provide a singular resource to read.

While this thread is timed to coincide with Microsoft's Patch Tuesday, feel free to discuss any patches, updates, and releases, regardless of the company or product.

Remember the rules of safe patching:

• Deploy to a test/dev environment before prod.
• Deploy to a pilot/test group before the whole org.
• Have a plan to roll back if something doesn't work.
• Test, test, and test!

Hey all, in my company we've been having a lot of trouble with our first-line support team and I wanted to get some ideas how it works in other companies.

To give some context, I work in a Customer Team (L2-L3 Support) for a MSP, previously I belonged to the Internal Operations Team and they had a very negative view on the first-line team, with opinions like:

• we don't need them
• they lack knowledge
• management can't create a good first-line team because they don't want to invest

But I didn't interact a lot with them before, but now, I have to interact with them on a daily basis, and I see some things that have started to make me worried about the team:

• They ignore KB's
• They say that they don't have access to certain servers, or that they don't find the correct credentials and just pass the ticket for us to solve
• They have people that lack knowledge in some basic support, I have had tickets passed on with notes like "I don't know how to use Linux"

From my point of view and the team I belong now, we all think that management didn't really verify the required knowledge for some members of that team, but they really have a few that are trying really hard to improve their skills.

We have started to try to help them, so that our job can also become easier:

• Improve the language in legacy KB's
• Simplify the process in the monitoring platform with more directions
• Automating some processes so that the first-line can execute fixes without having the required knowledge on the backend
• Picking the best members of their team and promoting them to our team

That team also has some problems that I fully recognize:

• Shit pay
• Bad leadership, that team has had 6 different Team Leaders in a short time (I have been here for only 2 years)
• Lacking interview and requirements for the position

Sorry for the long text, would love to have some feedback from your sides, or is this normal in a lot of companies?

Suncor is replacing employee computers after a cybersecurity incident last week shut down debit and credit processing at Petro-Canada gas stations across the country, among a series of other security measures at the Calgary-based company.

"Normally you wouldn't expect hardware to be compromised so fully that you need to replace everything,"

What are you favourite/useful rsync tricks these days?

Mine is rsync -r --chown=AUSER:AGROUP SRC DST to copy the files and change the ownership on the fly.

I got my new PC for about 3 or 4 months. Today, I was using my PC as usual and suddenly everything stopped reacting. Rebooting just boots be into the UEFI interface. Which is very concerning.

Then I got a liveusb to look into what's happening. Upon using smartctl. It shows that my SSD have 0% spare capacity despite only writing 15TB to it.

So far, I knew that Samsung's EVO 980 and 990 SSDs have a firmware bug that can cause this. But this is the 1st time I know of 970 Pros having this issue.

I know there's a lot of servers using consumer drives for their system. Be careful and check if you are using a 970. If so, check the spare capacity RIGHT NOW and decided if to upgrade the firmware or RMA the product.

It started off with an employee sending an email to a distribution list called "Bedlam DL3" asking to be taken off the list. With 13,000 recipients and everyone replying all with, "Me too!" and other messages, it was estimated that over 15 million messages were sent through the system in an hour. This crashed the MTA service due to a recipient limit. Each time the MTA service recovered, it would attempt to resend the message again which lead to a crash loop.

As a result of the incident, the Exchange team introduced message recipient limits and distribution list restrictions to Exchange, which is something we all use today!

More on the story here: https://techcommunity.microsoft.com/t5/exchange-team-blog/me-too/ba-p/610643

cross-posted from: https://techy.news/post/2224

Looks like OWA is down for some users, the rest of the O365 apps appear to be fine.

Monitoring and observability tools commit the cardinal sin of tricking people into thinking monitoring is an easy problem. It is very simple to monitor a small application or service. Almost none of those approaches scale.

Hey like the title says I'm looking for a way to keep up with outages and vulnerabilities. I mostly used r/sysadmin to alert me to things, but given everything I don't want to go to reddit if I don't have to.

If I can have my preference I just want one point to check at least until the numbers build up here and it becomes the go to place for that info. Anybody know of anything?

VMSA-2023-0014 - VMware vCenter Server updates address multiple memory corruption vulnerabilities (CVE-2023-20892, CVE-2023-20893, CVE-2023-20894, CVE-2023-20895, CVE-2023-20896) Please see the advisory here: https://www.vmware.com/security/advisories/VMSA-2023-0014.html Impacted Products: • VMware vCenter Server (vCenter Server) • VMware Cloud Foundation (Cloud Foundation)

cross-posted from: https://lemmy.run/post/10475

Testing Service Accounts in Kubernetes

Service accounts in Kubernetes are used to provide a secure way for applications and services to authenticate and interact with the Kubernetes API. Testing service accounts ensures their functionality and security. In this guide, we will explore different methods to test service accounts in Kubernetes.

1. Verifying Service Account Existence

To start testing service accounts, you first need to ensure they exist in your Kubernetes cluster. You can use the following command to list all the available service accounts:

kubectl get serviceaccounts

Verify that the service account you want to test is present in the output. If it's missing, you may need to create it using a YAML manifest or the kubectl create serviceaccount command.

2. Checking Service Account Permissions

After confirming the existence of the service account, the next step is to verify its permissions. Service accounts in Kubernetes are associated with roles or cluster roles, which define what resources and actions they can access.

To check the permissions of a service account, you can use the kubectl auth can-i command. For example, to check if a service account can create pods, run:

kubectl auth can-i create pods --as=system:serviceaccount:<namespace>:<service-account>

Replace <namespace> with the desired namespace and <service-account> with the name of the service account.

3. Testing Service Account Authentication

Service accounts authenticate with the Kubernetes API using bearer tokens. To test service account authentication, you can manually retrieve the token associated with the service account and use it to authenticate requests.

To get the token for a service account, run:

kubectl get secret <service-account-token-secret> -o jsonpath="{.data.token}" | base64 --decode

Replace <service-account-token-secret> with the actual name of the secret associated with the service account. This command decodes and outputs the service account token.

You can then use the obtained token to authenticate requests to the Kubernetes API, for example, by including it in the Authorization header using tools like curl or writing a simple program.

4. Testing Service Account RBAC Policies

Role-Based Access Control (RBAC) policies govern the access permissions for service accounts. It's crucial to test these policies to ensure service accounts have the appropriate level of access.

One way to test RBAC policies is by creating a Pod that uses the service account you want to test and attempting to perform actions that the service account should or shouldn't be allowed to do. Observe the behavior and verify if the access is granted or denied as expected.

5. Automated Testing

To streamline the testing process, you can create automated tests using testing frameworks and tools specific to Kubernetes. For example, the Kubernetes Test Framework (KTF) provides a set of libraries and utilities for writing tests for Kubernetes components, including service accounts.

Using such frameworks allows you to write comprehensive test cases to validate service account behavior, permissions, and RBAC policies automatically.

Conclusion

Testing service accounts in Kubernetes ensures their proper functioning and adherence to security policies. By verifying service account existence, checking permissions, testing authentication, and validating RBAC policies, you can confidently use and rely on service accounts in your Kubernetes deployments.

Remember, service accounts are a critical security component, so it's important to regularly test and review their configuration to prevent unauthorized access and potential security breaches.

cross-posted from: https://lemmy.run/post/10044

Beginner's Guide to nc (Netcat)

Welcome to the beginner's guide to nc (Netcat)! Netcat is a versatile networking utility that allows you to read from and write to network connections using TCP or UDP. It's a powerful tool for network troubleshooting, port scanning, file transfer, and even creating simple network servers. In this guide, we'll cover the basics of nc and how to use it effectively.

Installation

To use nc, you first need to install it on your system. The installation process may vary depending on your operating system. Here are a few common methods:

Linux

On most Linux distributions, nc is usually included by default. If it's not installed, you can install it using your package manager. For example, on Ubuntu or Debian, open a terminal and run:

sudo apt-get install netcat

macOS

macOS doesn't come with nc pre-installed, but you can easily install it using the Homebrew package manager. Open a terminal and run:

brew install netcat

Windows

For Windows users, you can download the official version of nc from the Nmap project's website. Choose the appropriate installer for your system and follow the installation instructions.

Basic Usage

Once you have nc installed, you can start using it to interact with network connections. Here are a few common use cases:

Connect to a Server

To connect to a server using nc, you need to know the server's IP address or domain name and the port number it's listening on. Use the following command:

nc <host> <port>

For example, to connect to a web server running on example.com on port 80, you would run:

nc example.com 80

Send and Receive Data

After establishing a connection, you can send and receive data through nc. Anything you type will be sent to the server, and any response from the server will be displayed on your screen. Simply type your message and press Enter.

File Transfer

nc can also be used for simple file transfer between two machines. One machine acts as the server and the other as the client. On the receiving machine (server), run the following command:

nc -l <port> > output_file

On the sending machine (client), use the following command to send a file:

nc <server_ip> <port> < input_file

The receiving machine will save the file as output_file. Make sure to replace <port>, <server_ip>, input_file, and output_file with the appropriate values.

Port Scanning

Another useful feature of nc is port scanning. It allows you to check if a particular port on a remote machine is open or closed. Use the following command:

nc -z <host> <start_port>-<end_port>

For example, to scan ports 1 to 100 on example.com, run:

nc -z example.com 1-100

Conclusion

Congratulations! You've learned the basics of nc and how to use it for various network-related tasks. This guide only scratches the surface of nc's capabilities, so feel free to explore more advanced features and options in the official documentation or online resources. Happy networking!

cross-posted from: https://lemmy.run/post/8710

Beginner's Guide to htop

Introduction

htop is an interactive process viewer and system monitor for Linux systems. It provides a real-time overview of your system's processes, resource usage, and other vital system information. This guide will help you get started with htop and understand its various features.

Installation

We are assuming that you are using ubuntu or debain based distros here.

To install htop, follow these steps:

1. Open the terminal.
2. Update the package list by running the command: sudo apt update.
3. Install htop by running the command: sudo apt install htop.
4. Enter your password when prompted.
5. Wait for the installation to complete.

Launching htop

Once htop is installed, you can launch it by following these steps:

1. Open the terminal.
2. Type htop and press Enter.

Understanding the htop Interface

After launching htop, you'll see the following information on your screen:

1. A header displaying the system's uptime, load average, and total number of tasks.
2. A list of processes, each represented by a row.
3. A footer showing various system-related information.

Navigating htop

htop provides several keyboard shortcuts for navigating and interacting with the interface. Here are some common shortcuts:

• Arrow keys: Move the cursor up and down the process list.
• Enter: Expand or collapse a process to show or hide its children.
• Space: Tag or untag a process.
• F1: Display the help screen with a list of available shortcuts.
• F2: Change the setup options, such as columns displayed and sorting methods.
• F3: Search for a specific process by name.
• F4: Filter the process list by process owner.
• F5: Tree view - display the process hierarchy as a tree.
• F6: Sort the process list by different columns, such as CPU usage or memory.
• F9: Send a signal to a selected process, such as terminating it.
• F10: Quit htop and exit the program.

Customizing htop

htop allows you to customize its appearance and behavior. You can modify settings such as colors, columns displayed, and more. To access the setup menu, press the F2 key. Here are a few options you can modify:

• Columns: Select which columns to display in the process list.
• Colors: Customize the color scheme used by htop.
• Meters: Choose which system meters to display in the header and footer.
• Sorting: Set the default sorting method for the process list.

Exiting htop

To exit htop and return to the terminal, press the F10 key or simply close the terminal window.

Conclusion

Congratulations! You now have a basic understanding of how to use htop on the Linux bash terminal. With htop, you can efficiently monitor system processes, resource usage, and gain valuable insights into your Linux system. Explore the various features and options available in htop to get the most out of this powerful tool.

Remember, you can always refer to the built-in help screen (F1) for a complete list of available shortcuts and commands.

Enjoy using htop and happy monitoring!

cross-posted from: https://lemmy.run/post/9328

1. Introduction to awk:

   awk is a powerful text processing tool that allows you to manipulate structured data and perform various operations on it. It uses a simple pattern-action paradigm, where you define patterns to match and corresponding actions to be performed.

2. Basic Syntax:

   The basic syntax of awk is as follows:

   awk 'pattern { action }' input_file
   

   • The pattern specifies the conditions that must be met for the action to be performed.
   • The action specifies the operations to be carried out when the pattern is matched.
   • The input_file is the file on which you want to perform the awk operation. If not specified, awk reads from standard input.

3. Printing Lines:

   To start with, let's see how to print lines in Markdown using awk. Suppose you have a Markdown file named input.md.

   • To print all lines, use the following command:

     awk '{ print }' input.md
     

   • To print lines that match a specific pattern, use:

     awk '/pattern/ { print }' input.md
     

4. Field Separation:

   By default, awk treats each line as a sequence of fields separated by whitespace. You can access and manipulate these fields using the $ symbol.

   • To print the first field of each line, use:

     awk '{ print $1 }' input.md
     

5. Conditional Statements:

   awk allows you to perform conditional operations using if statements.

   • To print lines where a specific field matches a condition, use:

     awk '$2 == "value" { print }' input.md
     

6. Editing Markdown Files:

   Markdown files often contain structured elements such as headings, lists, and links. You can use awk to modify and manipulate these elements.

   • To change all occurrences of a specific word, use the gsub function:

     awk '{ gsub("old_word", "new_word"); print }' input.md
     

7. Saving Output:

   By default, awk prints the result on the console. If you want to save it to a file, use the redirection operator (>).

   • To save the output to a file, use:

     awk '{ print }' input.md > output.md
     

8. Further Learning:

   This guide provides a basic introduction to using awk for text manipulation in Markdown. To learn more advanced features and techniques, refer to the awk documentation and explore additional resources and examples available online.

Remember, awk is a versatile tool, and its applications extend beyond Markdown manipulation. It can be used for various text processing tasks in different contexts.

Hi guys, I recently started working at a company with about 50 people that has grown to large for their current IT setup. They have no documentation or any SOPs. Has anyone been in a similar situation and how did you go about creating documentation, especially when you are new and don't fully understand all of the services they have in place?

Thankfully it's mostly a Microsoft shop and pretty low tech but there are dozens of exchange rules in place that no one knows why they exist or what they do, dozens of SharePoint sites with critical information strewn about them and so on. It's hard to think where to even start and decide what the best way to organize this information will be, and keep in a place a system where we will update it regularly. Any advice would be greatly appreciated.

I started a new job as a systems engineer not too long ago and am looking for a way to get comfortable with FOS as I've never had to manage FC switches before. Anyone know of a way to emulate it, or should I just resign myself to buying an old switch on ebay and throwing it in the rack?

Hi, all!

For those of you who work in organizations that do decent documentation, what are you using?

We currently just have a bunch of word docs in a SharePoint document library. I've previously used dedicated solutions for this such as Bookstack and Confluence. The company is very anti-Atlassian, so Confluence is out.

Just want to see what y'all are using as I search for a better solution.

Thanks!

Here come the helpdesk tickets!

cross-posted from: https://lemmy.world/post/158455

I sometimes have to use remote systems that I don't have root access to. I often find that I need to install packages in my home directory, so either I build from source or copy over my own pre-compiled versions.

Recently I've found out about pkgsrc. I'm looking for opinions from anyone who has used it to install packages without root access. Any feedback is useful!

A buffer overflow vulnerability was found within SSL-VPN in FortiOS leading to unauthorized code execution. Options are either to disable SSL-VPN or upgrade to a patched version.

cross-posted from: https://sh.itjust.works/post/87144

Received this QNAP security bulletin this morning. Update your QNAP products!

June 14, 2023 - QNAP® had published security enhancement against security vulnerabilities that could affect specific versions of QNAP products. Please use the following information and solutions to correct the security issues and vulnerabilities.

Vulnerabilities in Samba

Release date: June 14, 2023 Security ID: QSA-23-05 Severity: Medium CVE identifier: CVE-2022-37966 | CVE-2022-37967 | CVE-2022-38023 | CVE-2022-45141 Affected products: Certain QNAP Devices

Summary

The Samba Team has released security updates to address vulnerabilities in multiple versions of Samba, including vulnerabilities related to RC4 encryption. If exploited, some of these vulnerabilities allow an attacker to take control of an affected system. The following QNAP operating systems are affected:

• QTS, QuTS hero, QuTScloud, QVP (QVR Pro appliances) QES is not affected.

Only QNAP devices that run the affected operating systems and also act as a domain controller or AD member are affected.

Standalone QNAP devices are not affected by the vulnerabilities.

QNAP is currently fixing the vulnerabilities in QTS, QuTS hero, QuTScloud and QVP (QVR Pro appliances).

Please check this security advisory regularly for updates and promptly update your QNAP operating system to the latest version as soon as it is available.

Recommendation

Because RC4 encryption poses a high security risk, we strongly recommend replacing RC4 with the more secure AES algorithm when using a QNAP device as a domain controller or AD member.

• When the QNAP device acts as a domain controller, we strongly recommend enforcing AES encryption. • When the QNAP device acts as an AD member, the encryption method should follow that of the domain controller. We also strongly recommend that the domain controller is configured to enforce AES encryption. Before security updates are available, depending on the AD domain role of your QNAP device, we recommend enforcing AES encryption only or at least allowing both AES and RC4 encryption to mitigate the risks posed by the vulnerabilities.

cross-posted from: https://lemmy.cloudhub.social/post/14149

What's everyone using for status monitoring and/or status pages either in their lab or at work?

I setup a status page for my fediverse instances using Uptime Robot (have an existing subscription), and the features are kinda lacking. I feel like they haven't really updated anything in the last 5 years which is unfortunate.