Archive for the ‘RedHat Solution’ Category

Red Hat Enterprise Linux (RHEL) – how to replay terminal sessions recorded with the Linux ’script‘ command

Donnerstag, Januar 28th, 2021

The Linux ’script‘ command – allows you to create replayable terminal sessions by simply entering commands

# script –t=<logfile> -q <script file>
# script –t=<logfile> -q -a <script file>

When you want to end and save the file use Ctrl-D on your keyboard

┌──(root💀rpi-iot-jsho-openvas-01)-[~]
└─# script
Script started, output log file is ‚typescript‘.
┌──(root💀rpi-iot-jsho-openvas-01)-[~]
└─# gvm-check-setup
gvm-check-setup 20.8.0
Test completeness and readiness of GVM-20.8.0
Step 1: Checking OpenVAS (Scanner)…
OK: OpenVAS Scanner is present in version 20.8.0.
OK: Server CA Certificate is present as /var/lib/gvm/CA/servercert.pem.
Checking permissions of /var/lib/openvas/gnupg/*
OK: _gvm owns all files in /var/lib/openvas/gnupg
OK: redis-server is present.
OK: scanner (db_address setting) is configured properly using the redis-server socket: /var/run/redis-openvas/redis-server.sock
OK: redis-server is running and listening on socket: /var/run/redis-openvas/redis-server.sock.
OK: redis-server configuration is OK and redis-server is running.
OK: _gvm owns all files in /var/lib/openvas/plugins
OK: NVT collection in /var/lib/openvas/plugins contains 64728 NVTs.
Checking that the obsolete redis database has been removed
OK: No old Redis DB
OK: ospd-OpenVAS is present in version 20.8.0.
Step 2: Checking GVMD Manager …
OK: GVM Manager (gvmd) is present in version 20.08.0.
Step 3: Checking Certificates …
OK: GVM client certificate is valid and present as /var/lib/gvm/CA/clientcert.pem.
OK: Your GVM certificate infrastructure passed validation.
Step 4: Checking data …
OK: SCAP data found in /var/lib/gvm/scap-data.
OK: CERT data found in /var/lib/gvm/cert-data.
Step 5: Checking Postgresql DB and user …
OK: Postgresql version and default port are OK.
gvmd | _gvm | UTF8 | C.UTF-8 | C.UTF-8 |
OK: At least one user exists.
Step 6: Checking Greenbone Security Assistant (GSA) …
Oops, secure memory pool already initialized
OK: Greenbone Security Assistant is present in version 20.08.0~git.
Step 7: Checking if GVM services are up and running …
OK: ospd-openvas service is active.
OK: gvmd service is active.
OK: greenbone-security-assistant service is active.
Step 8: Checking few other requirements…
OK: nmap is present in version 20.08.0~git.
OK: ssh-keygen found, LSC credential generation for GNU/Linux targets is likely to work.
WARNING: Could not find makensis binary, LSC credential package generation for Microsoft Windows targets will not work.
SUGGEST: Install nsis.
OK: xsltproc found.

It seems like your GVM-20.8.0 installation is OK.

┌──(root💀rpi-iot-jsho-openvas-01)-[~]
└─#
exit
Script done.
┌──(root💀rpi-iot-jsho-openvas-01)-[~]
└─# cat typescript
Script started on 2021-01-28 11:33:08+00:00 [TERM=“xterm“ TTY=“/dev/pts/0″ COLUMNS=“80″ LINES=“39″]
┌──(root💀rpi-iot-jsho-openvas-01)-[~]
└─# gvm-check-setup
gvm-check-setup 20.8.0
Test completeness and readiness of GVM-20.8.0
Step 1: Checking OpenVAS (Scanner)…
OK: OpenVAS Scanner is present in version 20.8.0.
OK: Server CA Certificate is present as /var/lib/gvm/CA/servercert.pem.
Checking permissions of /var/lib/openvas/gnupg/*
OK: _gvm owns all files in /var/lib/openvas/gnupg
OK: redis-server is present.
OK: scanner (db_address setting) is configured properly using the redis-server socket: /var/run/redis-openvas/redis-server.sock
OK: redis-server is running and listening on socket: /var/run/redis-openvas/redis-server.sock.
OK: redis-server configuration is OK and redis-server is running.
OK: _gvm owns all files in /var/lib/openvas/plugins
OK: NVT collection in /var/lib/openvas/plugins contains 64728 NVTs.
Checking that the obsolete redis database has been removed
OK: No old Redis DB
OK: ospd-OpenVAS is present in version 20.8.0.
Step 2: Checking GVMD Manager …
OK: GVM Manager (gvmd) is present in version 20.08.0.
Step 3: Checking Certificates …
OK: GVM client certificate is valid and present as /var/lib/gvm/CA/clientcert.pem.
OK: Your GVM certificate infrastructure passed validation.
Step 4: Checking data …
OK: SCAP data found in /var/lib/gvm/scap-data.
OK: CERT data found in /var/lib/gvm/cert-data.
Step 5: Checking Postgresql DB and user …
OK: Postgresql version and default port are OK.
gvmd | _gvm | UTF8 | C.UTF-8 | C.UTF-8 |
OK: At least one user exists.
Step 6: Checking Greenbone Security Assistant (GSA) …
Oops, secure memory pool already initialized
OK: Greenbone Security Assistant is present in version 20.08.0~git.
Step 7: Checking if GVM services are up and running …
OK: ospd-openvas service is active.
OK: gvmd service is active.
OK: greenbone-security-assistant service is active.
Step 8: Checking few other requirements…
OK: nmap is present in version 20.08.0~git.
OK: ssh-keygen found, LSC credential generation for GNU/Linux targets is likely to work.
WARNING: Could not find makensis binary, LSC credential package generation for Microsoft Windows targets will not work.
SUGGEST: Install nsis.
OK: xsltproc found.

It seems like your GVM-20.8.0 installation is OK.

┌──(root💀rpi-iot-jsho-openvas-01)-[~]
└─#
exit
Script done on 2021-01-28 11:33:49+00:00 [COMMAND_EXIT_CODE=“0″]
┌──(root💀rpi-iot-jsho-openvas-01)-[~]
└─#

Red Hat Enterprise Linux (RHEL) – ’sudo‘ vulnerability allows attackers to gain root privileges (CVE-2021-3156)

Donnerstag, Januar 28th, 2021

Red Hat Enterprise Linux (RHEL) 8 – how to set up SSH dynamic port forwarding

Dienstag, Januar 26th, 2021

Red Hat Enterprise Linux (RHEL) 8 – how to set up SSH dynamic port forwarding

Red Hat Enterprise Linux (RHEL) 8 – XFS Copy-on-Write (CoW) data extents

Sonntag, Januar 24th, 2021

The XFS file system – supports shared Copy-on-Write (CoW) data extent functionality this feature enables two or more files to share a common set of data blocks. When either of the files sharing common blocks changes, XFS breaks the link to common blocks and creates a new file. This is similar to the Copy-on-Write (COW) functionality found in other file systems

Red Hat Enterprise Linux (RHEL) – Individual Developer subscription for RHEL can be used in production for up to 16 systems

Mittwoch, Januar 20th, 2021

The updated Individual Developer subscription for RHEL will be available no later than February 1, 2021

Red Hat Gluster Storage – managing volume snapshots

Freitag, Januar 1st, 2021

Red Hat Gluster Storage – managing volume snapshots

Red Hat Gluster Storage – performance and sizing

Mittwoch, Dezember 30th, 2020

Red Hat Enterprise Linux (RHEL) 8.x – deprecates the ‚BtrFS‘ filesystem

Freitag, Dezember 11th, 2020

The BtrFS file system – has been removed this includes the following components

btrfs.ko kernel module
btrfs-progs package
snapper package

Red Hat Enterprise Linux 8.3 – delivers updated container tools new security profiles and enhanced performance capabilities

Freitag, Oktober 30th, 2020

Red Hat OpenShift – Roadmap Update

Montag, Oktober 12th, 2020

Red Hat OpenShift – eine technische Einführung mit einem Blick unter die Haube

Mittwoch, Oktober 7th, 2020

Red Hat OpenShift – accelerate Container Storage with Intel

Donnerstag, September 17th, 2020

Red Hat OpenShift – die erste und einzige container ­zentrierte Hybrid ­Cloud Lösung auf Basis von Projekten wie Docker Kubernetes Project Atomic oder OpenShift Origin konzipiert mit Red Hat Enterprise Linux CoreOS als zentralem Fundament

Donnerstag, September 3rd, 2020

Red Hat Gluster Storage – an architectural overview

Mittwoch, September 2nd, 2020

Red Hat Enterprise Linux 7.x / 8.x – the System Security Services Daemon (SSSD) is a system service to access remote directories and authentication mechanisms

Dienstag, August 4th, 2020

The System Security Services Daemon (SSSD) – it connects a local system (an SSSD client) to an external back-end system (a domain) this provides the SSSD client with access to identity and authentication remote services using an SSSD provider. For example, these remote services include: an LDAP directory, an Identity Management (IdM) or Active Directory (AD) domain, or a Kerberos realm