Hi,
on a Linux (SLES15) salt client that is integrated in an Active
Directory, the following scriptlet fails with an error message that the
user (svc-backup005) is unknown:
/home/svc-backup005:
file.directory:
- user: svc-backup005
- group: users
- mode: '0700'
Similar scripts with other users run fine. The only difference is, that
those users are local users (/etc/passwd) and svc-backup005 is an AD
user. Login (PAM + sss) and commands like getent or id run fine with
this user but it seems that Salt doesn't recognize AD users.
Any idea?
Thanks in advance!
Regards,
Tobias.
--
To unsubscribe, e-mail: uyuni-users+unsubscribe(a)opensuse.org
To contact the owner, e-mail: uyuni-users+owner(a)opensuse.org
Hey Christian
That looks awesome. Would you like to present it in the next Uyuni Community Hours, in 4 weeks?
Thank you
Pau Garcia Quiles
SUSE Manager Product Owner & Technical Project Manager
Phone: +1 385-666-5608
SUSE Software Solutions Spain
________________________________
De: Stankowic, Christian
Enviado: Viernes, 29 de Mayo de 2020 16:15
Para: uyuni-users(a)opensuse.org
Asunto: [uyuni-users] Ansible Role for installing and configuring Uyuni
Hi community,
I’m working as a consultant and pretty often I need to install Uyuni or SUSE Manager on customer systems.
A lot of my customers use Ansible and so I decided to create a role for installing and configuring it.
I know SUSE focusses heavily on Salt – but maybe somebody also needs to install and configure Uyuni via Ansible.
I’d love to hear your thoughts and feedback: https://galaxy.ansible.com/stdevel/uyuni
I successfully tested it with the latest Uyuni and SUSE Manager versions: some features such as Proxy configuration are planned for the future.
Best wishes,
Christian.
Hi everyone,
As discussed today at the Uyuni Community Hours, there are some opportunities
for all the community to contribute back.
You do not really need to be a developer, as you can also help with
translation, documentation, or even design. Even with the website!
Here are the topics that were proposed:
- Translations: UI, documentation (no coding skills required)
- Learning pills (articles, videos)
- Salt formulas, forms: Active Directory authentication, Samba, Web Server...
(no real coding skills required)
- Import Debian and Ubuntu patches ("errata") information.
- Debian autoinstallation: preseed support
- Amazon Linux 2 repository syncing (requires adding sqlite support)
- Virtual host gatherers for your favourite cloud or virtualizaton platform
- Implemente GPG key management RFC
- Content mirroring and statging
- Virtualization enhacements: network configuration, snapshots management, PXE
boot...
- Support for more operating systems: MS Windows, Mac, Android...
- LSP support in file viewers / editors (e.g. Eclipse Theia / Microsoft
Monaco)
- Integrate create-your-own-dashboard framework.
Those are just some examples, so if you want to do something else, feel free
to bring it forward.
So if you are interested in any of the topics above, or you want to propose
others, just write at uyuni-devel(a)opensuse.org so we can kickoff a discussion
:-)
Have a nice weekend and... happy hacking!
--
Julio González Gil
Release Engineer, SUSE Manager and Uyuni
jgonzalez(a)suse.com
Hi list!
Many thanks to everybody who showed up to the very first Uyuni Community
Open Hour! I counted at least 40 people! This clearly shows that there
is more than enough demand to make this a regular thing and we'd be
delighted to see you again in four weeks to continue and deepen the
discussions!
We'll make a calendar appointment available very soon, so that you won't
miss it and there won't be timezone conversion issues again!
Also we'd like to know if you'd be interested in us recording the
meeting, so that you'd be able to revisit the discussions later or watch
it if you weren't able to make it.
Pics or it didn't happen!? Here we go! ;D
https://i.imgur.com/BHNZWWu.png
Have a nice weekend everybody!
Jochen
--
SUSE Software Solutions Germany GmbH
Maxfeldstr. 5
90409 Nuremberg
Germany
(HRB 36809, AG Nürnberg)
Managing Director: Felix Imendörffer
--
To unsubscribe, e-mail: uyuni-users+unsubscribe(a)opensuse.org
To contact the owner, e-mail: uyuni-users+owner(a)opensuse.org
Hi community,
I'm working as a consultant and pretty often I need to install Uyuni or SUSE Manager on customer systems.
A lot of my customers use Ansible and so I decided to create a role for installing and configuring it.
I know SUSE focusses heavily on Salt - but maybe somebody also needs to install and configure Uyuni via Ansible.
I'd love to hear your thoughts and feedback: https://galaxy.ansible.com/stdevel/uyuni
I successfully tested it with the latest Uyuni and SUSE Manager versions: some features such as Proxy configuration are planned for the future.
Best wishes,
Christian.
Hello all.
I've recently came over form spacewalk to suse manager, and found an issue,
regarding spacewalk-repo-sync, because some of my inhouse software providers
do not sign their repomd.xml file:
# spacewalk-repo-sync --channel inhousechannel
06:42:48 ======================================
06:42:48 | Channel: inhousechannel
06:42:48 ======================================
06:42:48 Sync of channel started.
Preparing custom SSL CAPATH at /var/cache/rhn/reposync/.ssl-certs/1
Retrieving repository 'inhousechannel' metadata
----------------------------------------------------------------[]
Warning: File 'repomd.xml' from repository 'inhousechannel' is unsigned.
Note: Signing data enables the recipient to verify that no modifications
occurred after the data
were signed. Accepting data with no, wrong or unknown signature can lead
to a corrupted system and in extreme cases even to a system compromise.
Note: File 'repomd.xml' is the repositories master index file. It
ensures the integrity of the whole repo.
Warning: We can't verify that no one meddled with this file, so it might
not be trustworthy anymore! You should not continue unless you know it's
safe.
File 'repomd.xml' from repository 'inhousechannel' is unsigned, continue?
[yes/no] (no):
If i press y, the sync will occur, but i was wondering if there is a flag i
can pass for the missing xml signature being ignored?
I know that is a BAD security error to do so, but at the present i really do
not have any choice.
Can you help me please?
Thanks
Nuno
Hi all,
On a CentOS 7 server registered in Uyuni (2020.05), I have this:
# yum check-updates
Loaded plugins: fastestmirror, susemanagerplugin
Loading mirror speeds from cached hostfile
Update notice CESA-2019:2079 (from susemanager:centos7-x86_64-updates) is broken, or a bad duplicate, skipping.
You should report this problem to the owner of the susemanager:centos7-x86_64-updates repository.
To help pinpoint the issue, please attach the output of "yum updateinfo --verbose" to the report.
The issue seems to come from the fact that this errata has been published on 2 repos:
spacecmd {SSM:0}> errata_details CESA-2019:2079
Name: CESA-2019:2079
Product: CentOS Linux
Type: Security Advisory
Issue Date: 2/6/20
...
Affected Channels
-----------------
centos7-x86_64
centos7-x86_64-updates
There is an endless discussion over the years regarding this issue here: https://bugzilla.redhat.com/show_bug.cgi?id=1203963
Does somebody found a workaround about it ?
Could be good to have Uyuni checking the duplicate erratas among all the channels belonging to the same parent, and automatically skip them.
And BTW, is there a plan to have Uyuni managing the erratas of .DEB and .RPM OS families to avoid to use third-party scripts to inject them in Uyuni ?
Thanks !
Regards,
Philippe.
Philippe Bidault | Unix Engineer
Getronics
________________________________
M. 34617301667 | E. Philippe.Bidault(a)Getronics.com | W. www.getronics.com
[cid:M17520GetronicsConnectingPossibilitiesE-Sig425x204_e1803ca0-99a5-4a65-abd8-074c86bf11aa.png]<http://www.getronics.com/>
<http://www.linkedin.com/company/2077785>[cid:LinkedIn_4aeb630a-f385-4f22-927e-31323d2554b8.png]<https://www.linkedin.com/company/2077785> [cid:Twitter_6c9cce61-b2e3-49d4-991c-e799d031f1ae.png] <https://twitter.com/Getronics> <http://twitter.com/Getronics> [cid:Youtube_5150f807-4ba8-46a3-bbbf-038ccfdc2793.png] <https://www.youtube.com/user/getronicsonline?feature=results_main> <http://www.youtube.com/user/getronicsonline?feature=results_main> sign-info
<http://www.getronics.com/knowledge-share/news-and-events/ovum.php#sthash.cb…>
Getronics CMC Service Desk Iberia S.L - VAT No:S.L.: B66686262.
Registered Office - Getronics CMC Service Desk Iberia S.L, C/Rosselloi, Porcel, 21 planta 11, 08016 Barcelona, Spain.
The information transmitted is intended only for use by the addressee and may contain confidential and/or privileged material. Any review, re-transmission, dissemination or other use of it, or the taking of any action in reliance upon this information by persons and/or entities other than the intended recipient is prohibited. If you received this in error, please inform the sender and/or addressee immediately and delete the material. Thank you.
Legal disclaimer: http://www.getronics.com/legal/
Dear Uyuni community,
I am writing because we are considering to drop one feature before the next version, that is the ability to create unpublished patches. Reasons are that, as of now, it seems to be obsoleted and unused, and its presence makes it more difficult to improve the codebase in other aspects (case in point is performance of channel management).
Background: Uyuni allows users to create their own patches/errata (via WebUI or API).
After a patch is created, it can be published or left unpublished[1]. When a patch is left unpublished, it is not part of any channel so it will just not be visible to any client. At some point users can publish an unpublished patch, and at that moment it will be seen normally by clients that have corresponding channels attached. In the vast majority of use cases, both the documentation and the Web UI assume that any "patch" is in fact a "published patch" - unless otherwise noted.
The unpublished errata mechanism has been created very long ago (the earliest trace we found is 2002), when lifecycle tools did not exist at all. Today, instead of creating an unpublished patch, it would be advisable to use a regular (published) patch to a test channel instead - the Content Lifecycle Management feature for instance makes it easy to promote it once it has been tested successfully. Testing is just impossible with unpublished errata, which makes us believe the whole mechanism is basically redundant as of today.
We would like to know if any of you uses this feature actively or can point out cases we haven't thought about so far.
Unless we get a valid case in this thread, we will most probably proceed removing the feature and cleaning up the corresponding codebase soon, and that will open the door to further optimizations around channel management we hope to ship soon.
Thanks!
[1] feature is documented here:
https://www.uyuni-project.org/uyuni-docs/uyuni/client-configuration/patch-m…https://www.uyuni-project.org/uyuni-docs/uyuni/reference/patches/manage-pat…https://www.uyuni-project.org/uyuni-docs/uyuni/reference/patches/clone-patc…
Regards,
--
Silvio Moioli
SUSE Manager Development Team
--
To unsubscribe, e-mail: uyuni-users+unsubscribe(a)opensuse.org
To contact the owner, e-mail: uyuni-users+owner(a)opensuse.org
Hello
We are considering starting Uyuni Community Hours, open to the public.
If you think it's an interesting idea, please complete this survey:
https://bit.ly/2LxqMy0
Thank you
Pau Garcia Quiles
SUSE Manager Product Owner & Technical Project Manager
SUSE Software Solutions Spain