Making SELinux context on NFS mounts persistent

If you want to use for example a central NFS export with your Nagios configuration under /etc/nagios on your Nagios server the nfs mount is basically mounted with the “nfs_t” context. To start Nagios you need the context “nagios_etc_t” for /etc/nagios instead. Unfortunately a simple “semanage fcontext -a -t …” is not sufficient. You need to add the context as a mount option to your /etc/fstab file like this:

server:/export /etc/nagios	nfs	vers=4,context="system_u:object_r:nagios_etc_t:s0"  0 0

Permanently add line numbers to vim

If you open a file with vim then it is often very helpful to know the line number which you currently editing. To display line numbers within vim you can enable them every time you start vim with:

:%number

To enable line numbers permanently you can add the following line to /etc/vimrc (if you want to enable line numbers globally) or to ~/.vimrc (if you want to enable them only for your personal user):

echo set number >> /etc/vimrc

vim_line_numbers

Red Hat IPA on RHEL 6 with Active Directory one-way-sync and self signed certificates

In principle, a central Linux / UNIX user authentication should be provided for every user. Basically you will find Microsoft`s Active Directory as single point of truth in customer environments regarding identity management (IdM). Unfortunately a lot of requirements within the Linux / UNIX world are not met by Active Directory like

  • Central sudo definitions
  • Central host-based-access (actually for Red Hat systems only)
  • Central unique user and group ID management

Continue reading Red Hat IPA on RHEL 6 with Active Directory one-way-sync and self signed certificates