My Fedora is getting fat…

Monitor your Fedora disk usage:

abrt-cli [list|rm]
journald --disk-usage
[sudo] yum clean all

Store vm|docker data outside /var

virsh pool-edit default
#/etc/sysconfig/docker
OPTIONS="-g /data/docker"

Enable virsh for `wheel` users (from goldmann.pl)

sudo tee -a /etc/polkit-1/rules.d/80-libvirt.rules << EOF
# Don't ask password if user is in the wheel group.
polkit.addRule(function(action, subject) {
  if (action.id == "org.libvirt.unix.manage" && subject.local && subject.active && subject.isInGroup("wheel")) {
      return polkit.Result.YES;
  }
});

EOF

# Set context.
chcon --reference=/etc/polkit-1/rules.d /etc/polkit-1/rules.d/80-libvirt.rules

NetworkManager please, stay away from my docker0

To set a list of unmanaged-devices you can just do the following.

cat >> /etc/NetworkManager/NetworkManager.conf <<EOF

[keyfile]
unmanaged-devices=interface-name:vboxnet0;interface-name:virbr0;interface-name:docker0

EOF

and

sudo nmcli connection reload

Strangely I had to put this in NetworkManager.conf. Using
/etc/NetworkManager/conf.d/20-unmanaged-bridges.conf didn’t work.

Firewalld to your jboss container

When you dockerize your jboss, the expose directive (luckily) doesn’t open firewall ports.

On Fedora20 you need to update your firewalld configuration:

 1- add one or more services to /etc/firewalld/zones/public.xml
 2- define ports in   /etc/firewalld/services/eap6-standalone.xml

<service>
  <short>eap-standalone</short>
  <port port="8080" protocol="tcp" />
  ...
</service>

Now 
  # restorecon -R /etc/firewalld/

Then 
  #firewall-cmd --reload

389org on Sabayon

Babel sponsored a Fedora DS release for Sabayon/Gentoo. The work has been done by the Sabayon maintainer lxnay with my support: we involved richm aka Mr. Fedora DS.

This work lead us to discover some issues on the server:

1. the AdminServer – using mod_cgi – plays the dup2/close game to close stdfd: this caused an error on Sabayon but not on Fedora.

  • We discovered that, even if Admin Server requires Apache2 mpm  (multithread), the Fedora  mod_cgi was build using prefork (single-threaded)
  • On Sabayon, like Gentoo,  you have to compile from scratch all packages, so you’re not supposed to mix prefork/mpm, and the mod_cgi was compiled in a multithread environment.
  • obviousily the dup2/close game won’t fit on multithread environment, because will close the fds of the main process (and not the child’s one)
  • further info on http://www.spinics.net/lists/fedora-directory/msg11697.html
2. the 389org schema files dropped the ldap aliases: we filed a bug and now they’re recovering them.