Using privileged mode (become) in Ansible without a password

So I was working on automating some stuff using Ansible when the necessity to have password less superuser access came up. A simple way would be adding the ansible management key to the root account itself and allow SSH to root, but allowing ssh to root is usually a bad idea.

I tried many things – NOPASSWD in sudo entry, requiretty, etc. And after nearly two hours of digging a spark ignited and I found a way – Linux has PAM module called pam_wheel.so which can implicitly allow root access via su when a user is present in the wheel group (the group can be configured in module options). This module is disabled by default on most Linux distributions, in fact Ubuntu doesn’t even have a wheel group. But in this particular case I was managing CentOS which has the wheel group.

Add the Ansible management user to the wheel group and enable the pam_wheel.so module:

Now when you SSH to the machine using the ansible user and run su – it will give you root access without asking for password. Consequently, now when you set become_method = su in your Ansible configuration by way of editing config files, setting variables in playbook or inventory, etc. Ansible will become privileged without a password.

0

LXD OpenVSwitch and VLANs

LXD is a fantastic container virtualization tool that comes by default with Ubuntu. In one of my applications I needed to have many containers each within it’s own VLAN network.
So I used OpenVSwitch in combination with LXD to achieve this.

There is no inherent facility in LXD to provide VLAN tag numbers to the interface. So it is necessary to use a “Fake bridge”. I managed to do it after reading this article by Scott – VLANs with Open vSwitch Fake Bridges

Let’s say the OpenVSwitch bridge is named vm-bridge and we want to add 10 fake bridges ranging from VLAN 20 to 30. Here’s how I did it:

In LXD you can specify the bridge to which it will connect containers to, so I created 10 containers using a similar loop 😀
Further to bind each container to the fake bridge this step is needed:

2

You can no longer count on reliability of budget smartphones or Android One

The story here is about my bad experience with a Nokia 7 Plus smartphone which is a certified Android One device.

I have been using Android over the last 7-8 years or so, and like every geek out there I was involved in flashing custom ROMs and tracking XDA forums for new builds. I even had one of the best phones suited for this purpose – The LG Nexus 4.

Continue reading “You can no longer count on reliability of budget smartphones or Android One”
0

A small review of JBL E65BTNC

In 2016, I came across a nice deal for an on-ear headphone – The Motorola Tracks Air. It was selling on Flipkart for ₹2500. That was steal deal, considering the original price is ₹8990. I used it for on and off for quite some time but the on-ear type meant it started hurting my ears when using them for more than 30 minutes. So gradually the usage waned off and I stopped using it. Usually I do not buy new stuff unless the previous one I have is completely dead, this is especially true in case of electronics. Because of the online shopping deals it’s very easy to accumulate unnecessary junk. Just like that due to impulsive purchases without much thought I have a few electronic junk lying around which is in pristine condition not used even a single time.

In order to get rid of the Tracks Air headphones which I had, I tried putting an ad for it on OLX India site which is a famous marketplace for pre-owned stuff. I have successfully sold quite a lot of things on the platform and even bought a few. But for some reason people didn’t seem to be interested in this headphone at any price, so I gave it to someone I knew and didn’t have any headphone for free. At least something lying in my junk is useful to someone.

Continue reading “A small review of JBL E65BTNC”
0

Maintain lead acid batteries regularly

Thursdays are usually maintenance day for the electrical power supply company in my area. So there was nearly a full day power cut. Luckily, I have a UPS so that sorts out the problem for 8-9 hours. The lead acid battery I use for my UPS is about 3-4 years old, and these being unsealed batteries they last long, really long if maintained properly.

In the past I have had one such battery last for a decade before requiring a replacement.

Unsealed lead acid batteries require two important maintenance activities:

  1. Topping up distilled water every 6 months
  2. Applying petroleum jelly / grease on the terminals to prevent corrosion
Continue reading “Maintain lead acid batteries regularly”
0

Tree plantation – Wild Almond

Tree plantation has always been a thing I wanted to do & has been in my to-do list for the last couple of years. This year I started with the first tree, a Wild Almond. Somebody gifted it to my mom on World Environment Day, 5th June 2019.

Here’s how it looks as before and after plantation:

There were little bit of pre-monsoon showers yesterday evening so the soil was a bit soft, but there were lot of stones underneath, my Khurpa (the weeding tool) has it’s nose bent due the impact against stones while digging.

Continue reading “Tree plantation – Wild Almond”
0

When you get blocked on social media (Twitter) for defending Yoga

In the world of Twitter I came across an interesting thread, discussing morning affairs that every human being has to go through:

I thought it would be a good idea to pitch in with my limited yoga knowledge because yoga has helped me in that morning affair as well:

To that, this person @abhijitkadle says he wants to see scientific basis or else it is bullshit:

I have experienced a lot of health benefits due to practicing yoga over the years compared to when I was not. Alright, so I started replying to this thread with various links and articles which had the appropriate references to some studies and papers by prestigious institutes. Let me share the links I have shared with Mr. Prometheus lapetus on the thread one by one and the referring research papers each of the link(s) had.

Continue reading “When you get blocked on social media (Twitter) for defending Yoga”
0

Ubuntu 18.04 add e1000e Intel driver to dkms

e1000e is an Intel NIC driver which often needs to be updated on servers so that the NIC can operate trouble free.

Note: I assume you have DKMS and the necessary kernel headers to compile the drivers already installed. If not use apt / apt-get to install the same.

Here’s a quick guide on how to add the Intel e1000e driver to DKMS (Dynamic Kernel Module Support) so that it gets installed / uninstalled automatically with future kernel updates and removals.

Download the driver from Intel website https://downloadcenter.intel.com/download/15817

As of my writing this article, the e1000e version is 3.4.2.1. On download the tarball I get e1000e-3.4.2.1.tar.gz.

Extract it to /usr/src:

Create a dkms.conf in /usr/src/e1000e-3.4.2.1 with following contents:

Next, we have to tell DKMS that such a module has been added and build it for each of the kernels we have on the system:

Finally, reboot the system and the new module should be live.

3

Date range in a MariaDB query using the Sequence Engine

One of my applications involved generating a date-wise report for items created on that day and we needed zeroes against the count of items on the date which had no entries.

User selects a date range and the application must generate this report. Not so easy if I had not come across the MariaDB Sequence Storage Engine!

Sequences have long been good features in databases like Oracle, PostgreSQL and the likes, I absolutely had no idea of it’s existence in MariaDB — just came across it while browsing the documentation of MariaDB.

Here’s a sample of my use case:

After a couple of attempts with the samples provided in the MariaDB documentation page, I managed to devise a query which provided me exactly what I needed, using SQL UNION:

Yeah, that’s basically filling in zero values for the dates on which there were no entries. Can this be done using RIGHT JOIN? I tried to but couldn’t form a JOIN condition. If you know drop a comment!

0

Proudly powered by WordPress | Theme: Baskerville 2 by Anders Noren.

Up ↑

%d bloggers like this: