Welcome …

Posted on

Linux: Broken sudoers file in Ubuntu

I’ve done this twice now, sometimes lessons need repeating. If you are going to edit /etc/sudoers in Ubuntu then set a root password or you risk locking yourself out.

If you edit the sudoers file and the syntax is incorrect then the system can no longer read the sudoers file. Now you can’t fix the file because

sudo vi /etc/sudoers

returns an error.

You need to reboot, holding shift before the grub menu, and choose recovery mode. Now go to the command line as root, mount the filesystem as read/write and give yourself permission to edit the sudoers file:

mount -n -o remount,rw /
chmod u+x /etc/sudoers

Now:

vi /etc/sudoers

and fix that mistake.

Really though .. if you had set a secure root password you could have avoided the pain with

su -

Related posts:

Posted on

Checkpoint: Change the Default WebUI Port in SecurePlatform and Gaia

The WebUI default access port is HTTPS 443. This can conflict when installing some Check Point products, e.g. Endpoint Security Server. In order to mitigate this, change the default webUI port as follows:

SecurePlatform

Log in to the SecurePlatform CLI in Standard mode, and run this command:

webui enable <port_number>

You should see the following:

Shutting down cp_http_server_wd [OK]
Shutting down cpwmd_wd [OK]
Running cp_http_server_wd [OK]
Running cpwmd_wd [OK]

To disable access to the WebUI, run the command:

webui disable

Gaia

To set the Webui port on Gaia enter clish and run:

CLISH> set web ssl-port <port number>

CLISH> save config

** Please read below – this must also be mirrored through SmartDashboard otherwise every policy installation will revert to the default 443 **

To change it through SmartDashboard:

Open ‘SmartDashboard > gateway/cluster object > platform portal’, and in the “Main URL” add the relevant port, for example:

https://143.100.80.100:xxx

This will force the machine to use port xxx. In the case of a cluster, this will also work for both members.

If this is not changed, every policy installation will change the port back to the default 443.

Related posts:

Posted on

VMWare: Backup ESXi Host Config Using vCLI

This process uses the vmware command line interface tools to backup your ESXi host configuration – a must have for disaster recovery when your ESXi host has to be rebuilt / cloned etc. The tools from the link below have been tested on all versions of ESXi from 3.5  onwards.

Note: This *DOES NOT* back up your virtual machines!!

1. Download the vCLI:

The installer will install the tools and also the ActivePerl sdk – the download link is currently here:

https://my.vmware.com/web/vmware/details?downloadGroup=VSP510-VCLI-510&productId=285

2. Use the esxcfg-cfgbackup.pl to backup your host configuration:

vicfg-cfgbackup.pl –server <server_name> -s <backup_file_name>

Example:

C:\Program Files (x86)\VMware\VMware vSphere CLI\bin>perl esxcfg-cfgbackup.pl — server 192.168.100.1 -s C:\Users\admin\Desktop\192.168.100.1.bin
Enter username: root
Enter password:
Saving firmware configuration to C:\Users\admin\Desktop\192.168.100.1.bin …

3. Use the esxcfg-cfgbackup.pl to restore your host configuration to a host:

esxcfg-cfgbackup.pl –server <server_name> -l <backup_file_name>

Note: this will cause the host to reboot once the process is complete.

Command Line Options

C:\Program Files (x86)\VMware\VMware vSphere CLI\bin>perl esxcfg-cfgbackup.pl –help

Synopsis: esxcfg-cfgbackup.pl OPTIONS [<backupfile>]
Command-specific options:
–force
-f
Force the restore of the configuration.
–load
-l
Restore configuration onto the host
–quiet
-q
Do not prompt for user confirmation.
–reset
-r
Resets host, restore to factory settings.
–save
-s
Backup the host configuration.

Common VI options:
–config (variable VI_CONFIG)
Location of the VI Perl configuration file
–credstore (variable VI_CREDSTORE)
Name of the credential store file defaults to <HOME>/.vmware/credstore/vicredentials.xml on Linux and <APPDATA>/VMware/credstore/vicredentials.xml on Windows
–encoding (variable VI_ENCODING, default ‘utf8’)
Encoding: utf8, cp936 (Simplified Chinese), iso-8859-1 (German), shiftjis (Japanese)
–help
Display usage information for the script
–passthroughauth (variable VI_PASSTHROUGHAUTH)
Attempt to use pass-through authentication
–passthroughauthpackage (variable VI_PASSTHROUGHAUTHPACKAGE, default ‘Negotiate’)
Pass-through authentication negotiation package
–password (variable VI_PASSWORD)
Password
–portnumber (variable VI_PORTNUMBER)
Port used to connect to server
–protocol (variable VI_PROTOCOL, default ‘https’)
Protocol used to connect to server
–savesessionfile (variable VI_SAVESESSIONFILE)
File to save session ID/cookie to utilize
–server (variable VI_SERVER, default ‘localhost’)
VI server to connect to. Required if url is not present
–servicepath (variable VI_SERVICEPATH, default ‘/sdk/webService’)
Service path used to connect to server
–sessionfile (variable VI_SESSIONFILE)
File containing session ID/cookie to utilize
–url (variable VI_URL)
VI SDK URL to connect to. Required if server is not present
–username (variable VI_USERNAME)
Username
–verbose (variable VI_VERBOSE)
Display additional debugging information
–version
Display version information for the script

Related posts:

Exit mobile version
%%footer%%