Return to Level1Techs.com

Sysadmin Mega Thread

I’ve done that using saltstack (2K system), but the company is moving to ansible (so i will have to redo it all a second time i guess…)

The harder is (for the entire team) to have the will to never change something by hand on the system. but that mean longer reaction time …

1 Like

Urgh - there’s a vulnerability in Grub2…

@sgtawesomesauce Right - that’s what I use.

@oO.o I’m on my way.

1 Like

The fix is worse than the problem, so far.

1 Like

I heard - Patched about 20 preprod servers this weekend that use SLES - they’re doing ok so far (knock on wood).

I hear RHEL is taking it on the chin.

See thread here. GRUB2 Secure Boot Vulnerability: Boothole

Though not much discussion that is fully on topic.

Destroy and redeploy is the life I live.

Red Hat has a fixed shim in the big report that is saw if it’s critical to patch sooner than later… I’d hold off honestly and consider other options.

stroke?

4 Likes

Absoblibky

1 Like

You’re thinking standby on this one?

It looks like they have fixed it but I’ve not checked through it all

https://access.redhat.com/errata/RHBA-2020:3262

That’s definitely the shim bug that caused the no boot issue

So presumably as long as your up to date it should pull that. Not sure what the package delay is for centos et al.

2 Likes

I’m running SLES 15 && 15 SP1 and the patch for this seems to be good, but I’m wondering about some CentOS boxes I have running…

https://bugs.centos.org/view.php?id=17631

Looks like you should be ok now.

I am closing this bug as the shim packages with the correct fix were pushed to mirrors. Make sure you use shim-x64-15-15.el8_2.x86_64.rpm ( EL8 ) or respectively shim-x64-15-8.el7_8.x86_64.rpm ( EL7 ) ( or newer )

1 Like

laughing in BSD loader

2 Likes

laughs in systemd-boot

inb4 reee

4 Likes

Oracle is breathing new life into the Spacewalk project.

https://blogs.oracle.com/linux/announcing-the-release-of-spacewalk-210-for-oracle-linux

For those unaware, Spacewalk was the popular open-source tool used for managing updates in a RHN (RedHat Network). RedHat basically killed off the project in favor of Satellite, and anyone still using Spacewalk was just plum out of luck.

Now, Oracle has spun its own version of Spacewalk to make it compatible with OEL 8.

This is important because there was a heavily reliance on Postgres 9 which has been deprecated and Java.

It’s good to see the project living on.

3 Likes

The absolute state of winning on GNU/GNU

1 Like

Good guy Oracle

…wait…

…what?

But yeah, if they manage it properly this might win them some goodwill back, lord knows they could use it if they want to work with the FLOSS community.

3 Likes

They’re not really white knights about this though. They have no intention of FLOSS, but they do value OSS software.

The biggest issue is that since OEL pulls from upstream RHEL, and RedHat made Satellite, there was a gap in services offered because Oracle, and most other big companies, believe in eating their own dog food so if they have a service that they offer they will use it internally instead of using competitors.

With this step, they are closer to providing a more comprehensive environment like what Red Hat offers.

Still waiting for a Foreman replacement though.

2 Likes