redhat enterprise linux – problems with usernames in docker

Good afternoon, I am currently configuring the user name for my containers in the daemon.json file and following the tutorials that I post below:

I am using the following documentation:

https://docs.docker.com/engine/security/userns-remap/

https://sandro-keil.de/blog/docker-daemon-tuning-and-json-file-configuration/

(dockermd)# sudo systemctl restart docker
Job for docker.service failed because the control process exited with error code.
See "systemctl status docker.service" and "journalctl -xe" for details.

Running systemctl status docker.service

(dockermd)# sudo systemctl status docker.service
● docker.service - Docker Application Container Engine
   Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled; vendor preset: disabled)
  Drop-In: /etc/systemd/system/docker.service.d
           └─http-proxy.conf
   Active: failed (Result: exit-code) since Wed 2020-08-05 14:09:34 -04; 2s ago
     Docs: https://docs.docker.com
  Process: 2480121 ExecStart=/usr/bin/dockerd -H fd:// (code=exited, status=1/FAILURE)
 Main PID: 2480121 (code=exited, status=1/FAILURE)

Aug 05 14:09:34 TMT097 systemd(1): docker.service: Service RestartSec=2s expired, scheduling restart.
Aug 05 14:09:34 TMT097 systemd(1): docker.service: Scheduled restart job, restart counter is at 3.
Aug 05 14:09:34 TMT097 systemd(1): Stopped Docker Application Container Engine.
Aug 05 14:09:34 TMT097 systemd(1): docker.service: Start request repeated too quickly.
Aug 05 14:09:34 TMT097 systemd(1): docker.service: Failed with result 'exit-code'.
Aug 05 14:09:34 TMT097 systemd(1): Failed to start Docker Application Container Engine.

Running dockerd

dockerd unable to configure the Docker daemon with file /etc/docker/daemon.json: open /etc/docker/daemon.json: permission denied

so I have my daemon.json

  {
    
            "data-root": "/opt/docker",
            "storage-driver": "overlay2",
            "log-driver": "json-file",
            "userns-remap": "10007:10007",
            "log-opts": {
         

           "max-size": "10m",
                "max-file": "3"
  }
}

enter image description here

my id user

enter image description here

I need to do this, because for security reasons, the use of root permissions is very limited, so many functionalities of docker root permissions, and I am doing this test with a view to having the least use of root in production

What solution could I apply?

redhat – Does the BootHole Vulnerability Effect Grub1 or Only Grub2?

I’ve been doing some reading on BootHole to help understand our attack surface and see everything talking about GRUB2, but nothing about GRUB “Legacy” or GRUB1. Wondering if it has tested against this older version of the bootloader. Older distros (RHEL5 & 6) used GRUB1 and am just curious if they have been proven unaffected by BootHole. I can’t be the only one thinking this, but haven’t been able to find anyone talking about it.

port – Can not install semanage tool on RedHat virtual machine

I’m trying to change the MongoDB default port on my AWS Virtual Machine but semanage is not found on the server

semanage port -a -t mongod_port_t -p tcp 27042

-bash: semanage: command not found

Trying to find the package that provides semanage fails.

dnf whatprovides semanage

Errors during downloading metadata for repository ‘rhui-client-config-server-8’: Curl error (58): Problem with the local SSL certificate for https://rhui3.eu-west-3.aws.ce.redhat.com/pulp/mirror/protected/rhui-client-config/rhel/server/8/x86_64/os (could not load PEM client certificate, OpenSSL error error:0200100D:system library:fopen:Permission denied, (no key found, wrong pass phrase, or wrong file format?))

Error: Failed to download metadata for repo ‘rhui-client-config-server-8’: Cannot prepare internal mirrorlist: Curl error (58): Problem with the local SSL certificate for https://rhui3.eu-west-3.aws.ce.redhat.com/pulp/mirror/protected/rhui-client-config/rhel/server/8/x86_64/os (could not load PEM client certificate, OpenSSL error error:0200100D:system library:fopen:Permission denied, (no key found, wrong pass phrase, or wrong file format?))

dnf update works and the system is up-to-date

Last metadata expiration check: 0:42:00 ago on Tue 21 Jul 2020 10:11:35 AM UTC. Dependencies resolved. Nothing to do. Complete!

Additional informations :

cat /etc/redhat-release

Red Hat Enterprise Linux release 8.2 (Ootpa)

ll ~/.ssh/

-rw——-. 1 ec2-user ec2-user 385 Jul 21 09:30 authorized_keys

-rw-r–r–. 1 ec2-user ec2-user 186 Jul 21 09:54 known_hosts

dnf repolist

repo id / repo name

mongodb-org-4.2 / MongoDB Repository

rhel-8-appstream-rhui-rpms / Red Hat Enterprise Linux 8 for x86_64 – AppStream from RHUI (RPMs)

rhel-8-baseos-rhui-rpms / Red Hat Enterprise Linux 8 for x86_64 – BaseOS from RHUI (RPMs)

rhui-client-config-server-8 / Red Hat Update Infrastructure 3 Client Configuration Server 8

Could you help me to find a solution with this Curl error 58 please ? Many thanks.

How do you search all Redhat repos for a package

I have RHEL7. How do I search ALL repositories (including those I’m not subscribed to with subscription-manager) for any and all packaged with “dav_svn” in the name?

I am required to use RHEL7 for this project. I must have SimpleSAMLPHP installed, which required PHP 5.6+. RHEL7 comes with PHP 5.4. So, to upgrade it, I used the subscription repos to install PHP73. That required removing HTTPD and installing HTTPD24. Another requirement: Subversion must be installed. Subversion required mod_dav_svn. I believe that mod24_dav_svn is required when using HTTPD24. However, I cannot find that package in any repository. There are so many to look through. That is the reason that I want to knwo how to search all the repositories at once – especially onces I did not subscribe to.

ntp – Redhat Enterprise Linux 7: How to disable DST – Daylight Saving Time

You don’t disable DST per se, you set the desired time zone, and you get DST if the time zone has DST.

You can check the configured time zone with timedatectl.

If your timezone has DST you’ll see something like this:

(root@stonard ~)# timedatectl 
      Local time: Sat 2020-06-20 18:27:30 EDT
  Universal time: Sat 2020-06-20 22:27:30 UTC
        RTC time: Sat 2020-06-20 22:27:30
       Time zone: America/New_York (EDT, -0400)
     NTP enabled: yes
NTP synchronized: yes
 RTC in local TZ: no
      DST active: yes
 Last DST change: DST began at
                  Sun 2020-03-08 01:59:59 EST
                  Sun 2020-03-08 03:00:00 EDT
 Next DST change: DST ends (the clock jumps one hour backwards) at
                  Sun 2020-11-01 01:59:59 EDT
                  Sun 2020-11-01 01:00:00 EST

Otherwise you’ll see something like this:

(root@farshire ~)# timedatectl 
      Local time: Sat 2020-06-20 22:26:50 GMT
  Universal time: Sat 2020-06-20 22:26:50 UTC
        RTC time: Sat 2020-06-20 22:26:50
       Time zone: Etc/GMT (GMT, +0000)
     NTP enabled: yes
NTP synchronized: yes
 RTC in local TZ: no
      DST active: n/a

To change the time zone, use timedatectl set-timezone ZONE, where ZONE is a valid zoneinfo zone. For example:

# timedatectl set-timezone Europe/Kiev

redhat – Joining OpenShift server to Active Directory

Is it possible to make an OpenShift server a member computer of an Active Directory domain to enjoy the same AD services that a Windows Server would have?

Specifically, I am looking for integrated security, where a user with domain credentials logged in to a Asp.NET Core application on OpenShift would be similarly exposed in the System.Security.Principal object.

redhat enterprise linux – OpenSSL Timestamp log location

I am trying to debug an openssl ts based perl http server. The server logs display an openssl ts -reply command failing with exit code 1.

Where can I see the logs related to this openssl command, or a more verbose explanation of the error? The OS is RHEL 7.3

amazon web services – growpart failed on RedHat Ec2

I have created an m5.2xlarge Ec2 instance and attached 100 GB EBS volume as root volume. I am following AWS documentation to assign this 100 GB space to one of the partitions. However I am getting the below error:

no tools available to resize disk with ‘gpt’
FAILED: failed to get a resizer for id ”

Here are some additional details:

OS installed: Red Hat Enterprise Linux Server release 7.8 (Maipo)

Output of lsblk command:
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
nvme0n1 259:1 0 100G 0 disk
├─nvme0n1p1 259:2 0 1M 0 part
└─nvme0n1p2 259:3 0 6G 0 part /
nvme1n1 259:0 0 2T 0 disk

Command executed:
# growpart /dev/nvme0n1 2
no tools available to resize disk with ‘gpt’
FAILED: failed to get a resizer for id ”

# yum install cloud-utils-growpart
Loaded plugins: amazon-id, search-disabled-repos
rhel-7-server-rhui-rh-common-rpms | 2.1 kB 00:00:00
rhel-7-server-rhui-rpms | 2.0 kB 00:00:00
rhui-client-config-server-7 | 2.1 kB 00:00:00
Package cloud-utils-growpart-0.29-5.el7.noarch already installed and latest version
Nothing to do

# df -h
Filesystem Size Used Avail Use% Mounted on
devtmpfs 16G 0 16G 0% /dev
tmpfs 16G 0 16G 0% /dev/shm
tmpfs 16G 17M 16G 1% /run
tmpfs 16G 0 16G 0% /sys/fs/cgroup
/dev/nvme0n1p2 6.0G 3.5G 2.6G 58% /
tmpfs 3.1G 0 3.1G 0% /run/user/1000

Please let me know how can I fix this issue?

Thanks
Sanjeeb.

redhat – How can i install an old samba version on Oracle Linux 7.5

Apologies if this is a lame question but i don’t have much experience with subject..

I know that there are a bunch of posts regarding this but i wasn’t able to find a proper solution…

I running Oracle Cloud 7.5 (Red Hat 7.5) on Oracle Cloud Infrastructure with samba 4.9 and i need to install Samba 3.6.23, when i use yum --showduplicates list samba i can only see 4.x…

How can i install this specif version of samba?
Can i download the rpm from somewhere and install it manually? (found one for Cent Os 6 but i don’t know if it’s ‘compatible’ with Oracle linux)

Thanks

redhat enterprise linux – What is the driver update image file?

I am running an installation of RHEL 5.11 on my server. Since my server's DVD-ROM does not work, I have decided to create a multi-boot USB disk using YUMI. Everything works during disk creation, I select the RHEL5 ISO file to load it into the USB disk.

Problems that occur after starting on the RHEL installation page. You are asking me to select the driver disk source, which I have no idea on which device the USB disk is mounted. I tried to randomly select all the options and it seems that device / dev / sda4 works for me. But then he asks me to choose the driver update image file, I have no idea what it is.

Can anyone help me with this?