Network interface disabled by default in CentOS 7

After a fresh installation of CentOS 7, your main network interface may be disabled. Its name may be enp0s3.

Check its status with :

nmcli dev status

To enable it permanently, look at its configuration file at /etc/sysconfig/network-scripts/ifcfg-enp0s3 and make the change from :

ONBOOT=no
to
ONBOOT=yes

Restart the network service :

systemctl restart NetworkManager

The network interface status should now be as connected :

nmcli dev status

Winbind does not reflect AD group membership change

Sometimes, Winbind does not reflect AD group membership change. How to recover from it ?
The below steps have been successfully tested on a Red Hat server :

Get OS version :
cat /etc/redhat-release

Get Winbind version :
wbinfo -V

Stop Winbind service :
service winbind stop

Flush any Winbind cache :
net cache flush

Delete all tdb files :
rm -rf /var/lib/samba/*.tdb

Restart Winbind service :
service winbind start

Look up details for a given user :
id username

Remote: error: insufficient permission for adding an object to repository database objects

If you push code to a git repo, you might get this error :

remote: error: insufficient permission for adding an object to repository database objects
remote: fatal: failed to write object

Make sure that the system permissions are set properly. Stackoverflow provides some good troubleshooting steps.

The commands below solve the issue :

cd /path/to/repo.git
chgrp -R groupname .
chmod -R g+rwX .

git config core.sharedRepository true
 

For groupname, make sure it matches the user account details that you use for logging in and pushing code to the git server.

 

Setting aliases in Powershell 4

In Powershell, aliases are shortcuts for cmdlets or for your own functions.
You can create one easily using New-Alias or Set-Alias cmdlets.
To make them available within any Powershell session, put them in the $Profile configuration file.
Let’s have an example :

function start_vm() {
VBoxManage startvm "devbox"
}

Set-Alias -name svm -value start_vm -description "Booting dev VM"

To make these new aliases available in your current session, reload your configuration file :

.$Profile

To list all the available aliases :

Get-Alias

or

gal

Clock skew too great

wbinfo -u command did not display any Active Directory users although the server is part of the its domain. Checking the trust secret for this domain with wbinfo -t provides a successful output.

The Samba log file for this domain reports the following error :

winbind_error_clock_skew_too_great

To make it work again, on Centos 6.7, make sure that the server’s time is up to date.
Restart the ntpd daemon :

[root@localhost:~]# service ntpd status

Restart the winbind daemon :

[root@localhost:~]# service winbind status

As a test, retrieve details from a given user using the id command :

[fool@localhost:~]$ id username

If successful, all the groups the user belongs to will be listed.

Job for rpc-statd.service failed. See ‘systemctl status rpc-statd.service’ and ‘journalctl -xn’ for details.

NFS client running Centos 7.1 fail to mount NFS share due to a failure of the rpc-statd service.
Error message :
Job for rpc-statd.service failed. See ‘systemctl status rpc-statd.service’ and ‘journalctl -xn’ for details.
mount.nfs: rpc.statd is not running but is required for remote locking.
mount.nfs: Either use ‘-o nolock’ to keep locks local, or start statd.
mount.nfs: an incorrect mount option was specified

Make sure that the rpcbind service is enabled, up and running.

[fool@localhost:~]$ sudo systemctl enable rpcbind.service
[fool@localhost:~]$ sudo systemctl start rpcbind.service
[fool@localhost:~]$ sudo systemctl status rpcbind.service

To mount your NFS share :


[fool@localhost:~]$ sudo mount -t nfs -o vers=3 fqn_nfs_server:/path/nfsshare /mnt/share

Using the netrc file for curl

Using a netrc file in curl is useful to avoid typing your password for each new request.

The syntax of your netrc file is as follows :

machine fqdn_of_your_server
login your_login
password your_password

If you log in using any LDAP-based authentication, make sure to add the DOMAIN.


machine fqdn_of_your_server
login your_login@DOMAIN
password your_password

Make sure to change the permissions on your netrc file :

chmod 600 netrc

By default, curl looks for a netrc file in your home directory.
If needed, you can manually mention the location of your netrc file :

curl --netrc-file mynetrc