Patching for Dirty Cow on Debian, Red Hat, Ubuntu, CentOS

“Dirty Cow” is the common name given to Linux vulnerability CVE-2016-5195. It is a “privilege escalation” that allows a non-root user to gain root access on a system. An attacker must have system access first, as a normal user. Then they use the bug to obtain root rights. It is dangerous and should be patched.

The Linux kernel itself was fixed in October 2016. Since then, Linux vendors have all released patches. Many Internet articles suggest addressing the bug by doing a general system update. While that might be fine for a test machine or Linux desktop, it isn’t ideal for a production server. This article describes how to fix the bug in the least invasive way possible – by updating the kernel only. Continue reading

ESXi Embedded Host Client

The ESXi embedded host client is a web application served direct from an ESXi server that allows basic management of virtual infrastructure. It is somewhat similar in appearance to Vsphere, though the feature set at the moment is less rich. Vmware has released it as a “fling“, which can be easily added to an existing ESXi server as follows. NB it is recommended to try this in a lab environment rather than a production machine. Continue reading

Repairing and Recovering a Broken ESXi VM

This post describes the recovery of a broken virtual machine within ESXi 5.1 (update 1). The VM was damaged in several ways: the vmxf file was missing, and so was one of the vmdk files. The system was down and not bootable due to the missing files. In addition, the root password had been lost and needed recovery. The same procedure, or parts of it, should work for other ESXi VMs. The broken VM was running Red Hat, but that barely impacts the procedure, apart from the password recovery bit. Continue reading

Upgrading ESXi from 5.0.0 to 5.0.0 Update 3

After a security scan showed vulnerabilities, a recent client of mine requested the above update. The target server was a stand alone HP DL360 running ESXi version 5.0 (GA). The upgrade was performed with the following procedure, which should work equally as well for other ESXi versions. A system reboot is required. Continue reading

BL460c G7 Blade Cannot see NC542m Mezzanine Card

This post explains how to install the mlx4 driver into ESXi 5.1 in order that it can see and communicate with the NC542m 2-port Ethernet adapter card.  The card was fairly new (at the time) and ESXi 5.1 could not see it by default. Continue reading

List Virtual Machines on ESXi

ESXi is popular hypervisor product from VMware. It comes with several management GUIs including Vsphere and VCenter. Command line tools are also bundled, though they are used more rarely. This article describes a short script to list all virtual machines on the system.

The script is below. It is intended to run under the Busybox shell, the default environment when you ssh directly into the system hosting ESXi. Continue reading

Solaris Tictimed Catastrophic File Error

Solaris administrators may have seen the message “Catastrophic file error – zero length” in their system logs. Although it sounds serious, there is nothing “catastrophic” about it. This post explains how to stop the message from flooding your log files. Continue reading

An Example of Parallel Processing

This post shows how to use parallel processing to get a CPU intensive job done faster in Unix/Linux. By splitting a large task into several parts, it is quite easy to give each part to a separate CPU, and complete the task many times faster than it would on a single processor.

These days, even small PCs and other devices often come equipped with several CPU cores. But some tasks will use only one core, sometimes using 100% of it, while other cores stand by idle. Sometimes this is a waste of resources. Continue reading