:::: MENU ::::


  • Feb 22 / 2022
  • Comments Off on Install pip packages offline

Install pip packages offline

Sometimes you might need to download some pip packages offline on a device with no Internet access. This is entirely feasible through multiple ways.

Install a single package:

You first need to download that package on a device with Internet access (using pip package as an example)

wget https://files.pythonhosted.org/packages/6a/df/a6ef77a6574781a668791419ffe366c8acd1c3cf4709d210cb53cd5ce1c2/pip-22.0.3-py3-none-any.whl

Then you push that file to the device you need to install the package on, and you can execute:

pip install pip-22.0.3-py3-none-any.whl

Install a list of requirements:

You first need to download the list of packages needed from the requirements.txt file:

pip download -r requirements.txt

Then, push all the downloaded files to the server, and install those requirements on the server, using the downloaded packages:

pip install --no-index --find-links /path/to/download/dir/ -r requirements.txt
  • Jun 03 / 2021
  • Comments Off on Issue with sudo – sudo:auth could not identify password for [user]

Issue with sudo – sudo:auth could not identify password for [user]

If you get the following error when trying to execute a sudo command, despite the fact that you configured your sudoers or sudoers.d config file properly:

sudo: pam_unix(sudo:auth): conversation failed
sudo: pam_unix(sudo:auth): auth could not identify password for [user]

Then, you might need to have a look at the PAM configuration on your device.
Ensure that you have this line enabled in your /etc/pam.d/sudo file:

# cat /etc/pam.d/sudo
# The line below should fix the sudo:auth could not identify password
auth       sufficient   pam_permit.so

# The lines below are the default config
auth       include      system-auth
account    include      system-auth
password   include      system-auth
session    optional     pam_keyinit.so revoke

session    include      system-auth

Once you changed this file, no need to restart anything – just retry your command and it should work!

  • Mar 21 / 2021
  • Comments Off on Use rsyslog omprog with a Python script

Use rsyslog omprog with a Python script

If you want to filter some specific logs and redirect them to another server or to another file, you can use the module provided with rsyslog called “omprog”.

Thanks to that module, you can just ask rsyslog to execute a script on every logs you have from a specific application and process it with your own rules.

Let’s go with a simple example, I want to filter my logs from postfix and only extract few specific information.

Below is the configuration I will now push to /etc/rsyslog.d/rsyslog_postfix.conf in order to:

  1. Redirect the current log to /var/log/maillog as a default path (to keep the raw log)
  2. Process every log line with my python script in order to extract only some specific informations that I will write in /var/log/rsyslog_postfix.log

mail.* {
        binary="/usr/bin/python3 /opt/rsyslog_postfix.py"

Rsyslog script

#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# python_version  :3.6

import sys
import traceback
import datetime

if __name__ == '__main__':
    data = {}
    while True:
            line = sys.stdin.readline()
            msg = line.strip()
            if msg != "":
                timestamp = msg.split(' ')[0]
                proc= msg.split(' ')[2].split('[')[0]
                pid = msg.split(' ')[2].split('[')[1].split(']')[0]
                log = msg.split(' ', 3)[3]
                if proc.startswith("postfix/"):
                    data = { 
                        "Timestamp": timestamp,
                        "Process": proc,
                        "PID": pid,
                    data["PostfixID"] = log.split(' ')[0].split(':')[0]
        except Exception as e:
            err = traceback.format_exc()

Now, I just need to restart rsyslogd process and the logs will start to be processed as expected, and you should get the raw logs in /var/log/maillog and the filtered ones in /var/log/rsyslog_postfix.log

systemctl restart rsyslog
  • Feb 10 / 2021
  • Comments Off on Disable FIPS mode on CentOS 7

Disable FIPS mode on CentOS 7

FIPS (Federal Information Processing Standard) can be enabled (by default or not) on linux kernels to enable the FIPS kernel cryptographic features.
But in some case, this can also lead to some issues with openssl, or any cryptographic tool that you can use within any code.

You can check if FIPS is enabled with that command:

# cat /proc/sys/crypto/fips_enabled

If you need to turn this feature off, you will have to first remove any dracut-fips package that you have installed:

# yum -y remove dracut-fips* 

Then, take a backup of the FIPS initramfs and recreate a new file:

# cp -p /boot/initramfs-$(uname -r).img /opt/initramfs-$(uname -r).backup
# dracut -f 

Once the file creation is complete, update your GRUB configuration to disable fips flag and rebuild grub configuration

# perl -pi -e 's/fips=1/fips=0/g' /etc/default/grub 
# grub2-mkconfig -o /boot/grub2/grub.cfg
# grub2-mkconfig -o /boot/efi/EFI/centos/grub.cfg

Now, reboot the server and if you check FIPS status again, it should return a value of 0 indicating that FIPS is disabled:

# cat /proc/sys/crypto/fips_enabled
  • Oct 26 / 2020
  • Comments Off on MacOS – “No mountable file systems” issue when mounting ISO file

MacOS – “No mountable file systems” issue when mounting ISO file

If you try to mount an ISO file (like a Linux distribution) on MacOS and you get that weird error saying “No mountable file systems“:

Then, you can easily find a workaround by using CLI.

% mkdir /mnt/iso
% hdiutil attach -nomount FILENAME.iso
/dev/disk2              FDisk_partition_scheme          
/dev/disk2s2            0xEF
% mount -t cd9660 /dev/disk2 /mnt/iso

And now, the content of your iso file is available in /mnt/iso directory.

To unmount the ISO file, just type:

% umount /mnt/iso
  • Sep 27 / 2019
  • Comments Off on MacOS – Prevent the automatic creation of a .DS_Store file on network drives

MacOS – Prevent the automatic creation of a .DS_Store file on network drives

Mac OS X is automatically creating .DS_Store file as soon as you’re working on some network drives. This is used to store some custom attributes.

If you want to prevent the OS to create those files automatically, follow the steps below:

  • Open up a Terminal
  • Run this command
    defaults write com.apple.desktopservices DSDontWriteNetworkStores true
  • Restart your Mac

Once this is executed, the DS_Store files will only be created on local drives.

Question ? Contact