Monthly Archives: September 2013

Save Time with DNS Search on Ubuntu and Mac OS X

Do you SSH and/or ping a lot of servers under the same domain name? Ever get tired of typing the same domain name multiple times a day? E.G.:

ssh server1.ourcompanysname.com
ssh server2.ourcompanysname.com
ping merp.ourcompanysname.com

Easily setup your machines to automatically fill it in for you. Instead you’ll be able to:

ssh server1
ssh server2
ping merp

Here’s how on Ubuntu 14.04:

  • Edit your /etc/resolvconf/resolv.conf.d/base file with your favorite editor:
sudo vi /etc/resolvconf/resolv.conf.d/base
  • Add lines like this and save your changes:
search ourcompanysname.com
  • Now update resolvconf with:
sudo resolvconf -u
  • That’s it!

Here’s how on Ubuntu (older versions):

  • Edit your /etc/network/interfaces file with your favorite editor:
sudo vi /etc/network/interfaces
  • Under each interface (if you have more than one) look for a ‘dns-search’ line, and create it if it’s not there. The file should end up looking something like this:
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto eth0
iface eth0 inet static
 address 123.123.123.123
 netmask 255.255.255.0
 # dns-* options are implemented by the resolvconf package, if installed
 dns-nameservers 8.8.8.8 8.8.4.4
 dns-search ourcompanysname.com
  • After saving your changes, restart networking:
sudo /etc/init.d/networking restart
  • That’s it!

 

Here’s how on Mac OS X: (I’m using Mountain Lion.)

  • Both view and edit your settings with the ‘networksetup’ command.
  • First check what network interfaces you have:
sudo networksetup -listallnetworkservices
  • If you’re like me, you’ll only need to setup search domains for the ‘Ethernet’ and ‘Wi-Fi’ interfaces.
  • Check if there are already any set; you’re likely to see “There aren’t any Search Domains set on [interface].”:
sudo networksetup -getsearchdomains Ethernet
sudo networksetup -getsearchdomains Wi-Fi
  • Set a new search domain for each interface you use:
sudo networksetup -setsearchdomains Ethernet ourcompanysname.com
sudo networksetup -setsearchdomains Wi-Fi ourcompanysname.com
  • That’s it!
Advertisements

Regaining root access to a virtual machine with Guestfish

Passwordless users with SSH public/private key access is a great way to go, but this requires a user to have passwordless sudo rights if it is to have sudo at all.

A couple of times now I have locked my user out of a having root access on a VM via various methods. – I still am able to get into the machine, but not use sudo, and no other user can use sudo either. What now?

If you have root access to the host machine and you’re able to install libguestfs, you can recover it. NOTE: Ubuntu 12.04 is the first Ubuntu version to have the libguestfs package available in the repository.

I have fixed both Ubuntu 10.04 and 12.04 Virtual Machines of the qcow2 format. Guestfish claims it can do many other formats. I used a Ubuntu 12.04 host machine to run guestfish. This will install the libguestfs package and any other dependencies you don’t already have:

sudo apt-get update
sudo apt-get install guestfish
Be sure to shutdown the VM before making any changes with guestfish. You are likely to corrupt your VM if you try to use guestfish in read/write mode while the VM is running.

Now we will open the sudoers file on the VM:

sudo guestfish --rw -a /path/to/vm_file.qcow2 -i edit /etc/sudoers

Make sure to add the following line at the end of the file, since other sudoer lines may override it otherwise:

[USERNAME] ALL=(ALL) NOPASSWD: ALL

where [USERNAME] is your user on the VM. Mine looked like this:

davidamick ALL=(ALL) NOPASSWD: ALL

Now save the file, close the editor, and restart the VM to find your user able to gain root without using it’s non-existent password. 🙂 It’s a good idea to then continue to set it up in whatever more proper way you use normally, like adding your user to an admin group who has the NOPASSWD: directive, and removing the line you just added. P.S. Guestfish is very powerful, and is also capable of adding a password to a root or other user. If you need to do this, try using guestfish’s “command” command to run a command inside the VM. You would not however want to run any command that requires user feedback, (I.E. the “passwd” command) since guestfish will hang and not play nice with this (as I found out the hard way.) Instead, practice first on a separate machine using the “crypt” and “usermod” commands to change the password in a single command, then run that command with guestfish on the VM.

UPDATE: Here is an example of adding a new password:

command "bash -c 'echo davidamick:asdfasdf | chpasswd'"