Using Puppet’s Exec Resource to Run Commands Manually

Published on 2009-09-25 in Linux. 1 Comment

The title of this post may seem confusing. The whole point of Puppet is to promote efficiency by eliminating manual administrative tasks, so why would anyone want to use Puppet to do things manually? Well, one simple example is when you want to install software from source, or from a binary package that is not supported by the package type. Your first instinct may be to use exec to do something like this:

exec { "install-foo":
    command => "curl -s -o /tmp/foo.run http://example.com/foo.run \
                && chmod o+x /tmp/foo.run \
                && /tmp/foo.run ",
    creates => "/usr/local/bin/foo",
}

This is pretty straightforward. The “command” parameter downloads and installs the package, while the “creates” parameter tells Puppet not to execute the command again as long as “/usr/local/bin/foo” exists. This keeps Puppet from unnecessarily downloading and reinstalling the program over and over again, but what happens when there’s a new version of foo.run? How does puppet know when it’s time to upgrade?

There may be better ways of doing this, but here’s a simple approach that has worked well for me:

$serial = "2009092501"
$serialfile = "/var/log/puppet/foo.serial"
exec { "install-foo":
    command => "curl -s -o /tmp/foo.run http://example.com/foo.run \
                && chmod o+x /tmp/foo.run \
                && /tmp/foo.run \
                && echo \"$serial\" > \"$serialfile\"",",
    unless  => "test \"`cat $serialfile 2>/dev/null`\" = \"$serial\"",
}

Notice that after running the command, I echo the value of $serial into the file at $serialfile. Then I use the “unless” parameter to check if the contents of $serialfile equals the value stored in $serial. If the values match, the command will not be executed. But now when I want to upgrade the foo package, all I need to do is update the value of $serial.

Citrix Receiver and SSL Error 61 on Linux

Published on 2009-09-15 in Linux. 0 Comments

Are you getting an error like this?

You have chosen not to trust “Go Daddy Secure Certificate Authority”, the issuer of the server’s security certificate (SSL error 61).

The solution is to download the appropriate root certificates (Godaddy’s are here) and save them to /usr/lib/ICAClient/keystore/cacerts.

wget -P /usr/lib/ICAClient/keystore/cacerts --no-check-certificate https://certs.godaddy.com/repository/gd-class2-root.crt https://certs.godaddy.com/repository/gd_intermediate.crt https://certs.godaddy.com/repository/gd_cross_intermediate.crt

Edit: One of my co-workers has a script that will do this for you.

Mass File Rename with Linux

Published on 2009-09-10 in Linux. 0 Comments

When people ask me why I love Linux so much, I tell them it’s the little things; like being able to do very simple mass file renaming on the command line:

rename "s/foo/bar/" *.baz

The first parameter is a Perl expression. The second is a file glob. This command will replace the string foo with the string bar in all filenames ending in .baz.

My RHCE Exam Experience

Published on 2009-09-08 in Information Technology and Linux. 25 Comments

On September 4th, 2009, I took the new 3.5 hour, single-section RHCE exam. This was my first time taking the exam, and to be perfectly honest, it was nowhere near as challenging as I thought it would be. While I don’t want to downplay the significance of the RHCE certification or give anyone the false impression that the exam is necessarily easy, I do want to emphasize that contrary to popular belief, it is quite possible to self-study your way to a perfect score. Not only was I able to breeze through the entire list of test objectives, I had time to thoroughly check and double-check all of my work with almost an hour to spare. This meant I was done long before anyone else in the room, including those who took the official Red Hat training courses. So how did I accomplish this feat?

The first thing you should know is that I had already been working professionally with Linux for ~10 years before I began studying for the exam. I doubt that so much experience is really necessary, but because the exam measures actual competency on live systems rather than your ability to memorize or “read between the lines,” I think it’s highly unlikely that someone with little or no working knowledge of Linux could successfully cram for this test. So I’d have to say that experience is an important prerequisite, but I’d also have to say that experience alone is almost certainly not enough. Considering the wide range of subject matter, it’s very likely that you’ll be tested on something you’ve never had to touch before.

In my opinion, the hardest thing about self-studying for the RHCE exam is knowing how much you need to know about each study point in the RHCE Prep Guide. In other words, when it says something like “you need to know basic configuration of x,” it’s hard to know exactly what “basic configuration” means. Although I’ve signed an NDA preventing me from revealing any details about the exam itself, I can tell you that nearly all of my study material came from two places:

  1. RHCE Red Hat Certified Engineer Linux Study Guide by Michael Jang
  2. Red Hat Deployment Guide

The rest of my study material came from search engines. I spent a lot of time comparing other people’s study notes to mine and reading anecdotes about the RHCE exam. While the result of this was usually a temporary blow to my confidence (there are a lot of horror stories out there!), I did find a few blogs and forum posts with some helpful information. Usually it was just an alternative way of doing something, but it was also nice to come across the occasional words of encouragement from a self-studied RHCE. Just knowing that other people had done it gave me a slight confidence boost (as I hope this post does for some of you).

The first thing I did was read Michael Jang’s book cover to cover, just trying to absorb what I considered to be the most important information from each chapter (i.e. concepts rather than commands). This took me a week or two. When I was done, I set up a test environment using VirtualBox. Then I decided it would help to have a condensed, single-page study guide to refer to, so I created a “wikified” version of the RHCE Prep Guide which I called my RHCE “cheat sheet”. For the next few weeks, I went through each study point on the “cheat sheet” and used my study material to test and document everything I thought I might need to know.

I found Michael Jang’s book to be a great study guide (the labs and example problems were a huge help), but I wasn’t completely happy with the amount of detail on some topics, as well as how it tends to follow the Red Hat course outlines rather than just sticking to the RHCE Prep Guide. I also found quite a few typos and just plain incorrect information, so that’s where the Red Hat Deployment Guide came in. While I was working on the RHCE “cheat sheet,” I would usually read the appropriate chapter(s) from Michael Jang’s book first, then I would supplement it with the appropriate chapter(s) from the Red Hat Deployment Guide. If I felt particularly weak in a certain area, I would also peruse the man pages and any HOWTOs I could find online. This was a long, arduous process, but it helped ensure that I wasn’t missing any important details.

For the last couple weeks, I tested myself by putting the “cheat sheet” away, doing a minimal install of CentOS in my test environment, and trying to configure everything I could without referring to any documentation whatsoever. Since the test takes place on a live system, I assumed from the beginning that the man pages would be available, but in order to save time, I wanted to make sure I could do everything off the top of my head. As a result, I ended up memorizing almost everything on the “cheat sheet,” which is probably why I was able to complete the exam so quickly.

Since I didn’t have a study partner, preparing for the troubleshooting section of the exam was a bit of a challenge. I did come across an interesting project called Trouble Maker which directly addresses this problem, but unfortunately, it has not been updated in several years and does not work on recent versions of CentOS. For a while, I actually considered writing my own trouble maker program, but I ultimately decided that this would be too much work. Luckily, I have a few friends who know enough about Linux to make a machine unbootable, so we made a game of it. I would give them my root password and challenge them to do something that would keep me from using my computer, then I would try to fix it as fast as I could.

When it was all said and done, I spent roughly six weeks (studying a few hours each day) to prepare for the RHCE. Considering how easy the exam was for me, I believe that I worked a lot harder than I needed to, but the results were clearly well worth the effort. The best advice I can give to prospective RHCEs is to take your time and practice until you can do everything in the RHCE Prep Guide off the top of your head. If you feel weak in anything, do yourself a favor and postpone the exam.

RHCE Exam Results

Published on 2009-09-04 in Information Technology and Linux. 10 Comments

The results are in, and I got a perfect score!

Dear Michael T Conigliaro:
 
The results of your RHCE Certification Exam are reported below.  The
RHCE Certification Exam allows candidates to qualify for the
Red Hat Certified Engineer (RHCE) and Red Hat Certified Technician
(RHCT) certificates.  Please note that the RHCE designation is
understood to both include and supersede the RHCT designation.
 
RHCE requirements: score of 70 or higher on RHCT components (100 points)
                   score of 70 or higher on RHCE components (100 points)
 
RHCT requirement:  score of 70 or higher on RHCT components (100 points)
 
RHCT components score:                             100.0
RHCE components score:                             100.0
 
RHCE Certification:                                PASS
 
Congratulations -- you are now certified as a Red Hat Certified
Engineer!  Your RHCE Certificate number is 805009592042441.
The attached file is your personal print-ready certificate.
 
You are entitled to print this document and use it to demonstrate
that you are an RHCE, provided you remain an RHCE in good standing.
You may not modify or change the document's contents in any way, nor 
may you appropriate any elements of this document for use in other 
electronic documents or printed materials.  You may only print the 
document in its entirety.  Any other use of the document must be
approved by Red Hat, Inc.
 
Your RHCE number should be available for verification at Red Hat 
Certification Central:
 
http://www.redhat.com/training/certification/verify/?rhce_cert_display:certno=805009592042441&rhce_cert_display:verify_cb=Verify
 
You can verify the certificates of other RHCEs and RHCTs at 
 
https://www.redhat.com/training/certification/verify
 
Please visit RHCE Connection, our web site exclusively for RHCEs:
 
https://www.redhat.com/training/certification/
 
There you will find special offers from Red Hat, logo art, forums, job
listings, and more.  You can also use the site to manage your contact
information.  In order to access the site, you will need a PIN number.
You can have the PIN sent to the email address we have on file at
 
https://www.redhat.com/training/certification/lostpin.html
 
If you wish to connect to the forums directly:
 
https://certforums.redhat.com
 
Certification in Red Hat Enterprise Linux opens up new opportunities. 
We hope you will keep Red Hat updated with your experiences and successes
with Red Hat Enterprise Linux.
 
Please feel free to contact us with ideas and suggestions as to ways
we can enhance our Red Hat Enterprise Linux training and certification 
programs at
 
https://www.redhat.com/training/certification/comments.html
 
Thank you very much for your interest in Red Hat Enterprise Linux!
 
Red Hat Certification Central