Author: admin

Sudo Flaw Permits Restricted Root Runas Access

admin • October 15, 2019

Sudo Flaw Permits Restricted Root Runas Access. sudo configured to allow a user run commands as another user with the ALL keyword using the runas command specifying the user ID -1 or 4294967295 can run commands as root even when explicitly disallowed. The PAM session will not run for the command. This vulnerability is assigned as CVE-2019-14287 and affects sudo...Read More »

How to Create a Centralized Log Server with Rsyslog in CentOS/RHEL 7.4+

admin • October 5, 2019

The syslog server comes standard on CentOS/RHEL 7+ and is a system utility providing support for message logging. Support of both internet and unix domain sockets enables this utility to support both local and remote logging. With a couple of configuration changes can become a central monitoring server. There are syntax changes pre CentOS/RHEL 7.4 and CentOS/RHEL 7.4+ for semanage...Read More »

Create an Ansible script for DISA STIG and execute it in CentOS 7

admin • September 29, 2019

Securing a CentOS 7 install doesn't have to be tough. Code already exists, we just have to find it and execute it. Prerequisites yum install openscap scap-security-guide -y Verification The version of the scap-security-guide that was tested is 0.1.40. scap-security-guide.noarch 0.1.40-13.el7.centos @updates Test The purpose of this test is to determine if the scap-security-guide supports DISA STIG. oscap info /usr/share/xml/scap/ssg/content/ssg-centos7-ds.xml...Read More »

Ansible TRANSFORM_INVALID_GROUP_CHARS settings warning [resolution]

admin • September 26, 2019

I have an ansible playbook that has worked for months. It still works but, now has a DEPRECATION WARNING that looks ominous along with a python error. Problem BECOME password[defaults to SSH password]: [DEPRECATION WARNING]: The TRANSFORM_INVALID_GROUP_CHARS settings is set to allow bad characters in group names by default, this will change, but still be user configurable on deprecation. This...Read More »

How to remove a bad disk from LVM2

admin • August 13, 2019

While doing a little house cleaning on a VM, I discovered I was unable to reboot it. Basically, I had a logical volume that was rather large and wanted to remove it. I used the lvremove to remove the logical volume that spanned across two hard drives. There was no other logical volume on those drives. Shutdown the server and...Read More »

Convert OVFs to an OVA without the ovftool.exe

admin • August 12, 2019

VMware requires you to have an account to logon and download a free tool called "VMware OVF Tool". That alone is not annoying. What is annoying is that the tool is extremely slow. There is a much faster way to create an OVA without the need of this tool. Using the ovftool is easy enough, the following is an example...Read More »

NFL Pick ‘Em buildSchedule.php for any season

admin • July 21, 2019 • 1 Comment

I have been playing around with the buildSchedule.php component of NFL PHP Pick 'Em as this is the component that makes it all possible to generate tables needed to create the SQL script to import into the new season. My previous post on this subject required a spreadsheet, which never really was necessary. Even though the output filename contains a...Read More »

NFL Pick ‘Em for 2019 Season

admin • July 18, 2019

NFL PHP Pick 'Em is a free php web app that allows you to host a weekly NFL pick 'em football pool on your website. This fantastic tool replaced the use of spreadsheets. There was a time that this tool was not supported. However, I just checked out the www.phpickem.org website it is is updated for 2019. I wish I...Read More »