slapd command on MacOS - macos

I have the following commands on MacOS
$ sl
slapacl slapadd slapauth slapcat slapconfig slapdn
slapindex slappasswd slapschema slaptest sleep slogin
I am following this tutorial on running an ldap server on MacOS:
http://krypted.com/mac-security/starting-openldap-on-mac-os-x-client/
seems strange that I don't have a slapd command - anyone know why?

Since slapd is almost never run "by hand", it's not in one of the binaries directories that're in the default PATH. Instead, it's in /usr/libexec, which is the usual place for things that're run automatically rather than manually. So run it with sudo /usr/libexec/slapd instead of just as slapd. (BTW, the sudo is needed so it can allocate low-numbererd TCP ports, and get full access to its database).

Related

ssh-add not saving identity after reboot - continues to fail after editing config file and trying numerous flag options

I have tried numerous options to add my ssh key for bitbucket to no avail.
When I reboot it ssh-add -L it says The agent has no identities.
I have tried using the following guides to add my ssh-key:
https://docs.github.com/en/authentication/connecting-to-github-with-ssh/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent
https://support.atlassian.com/bitbucket-cloud/docs/set-up-an-ssh-key/
I have tried several configurations of my config file including the following:
From BitBucket docs
Host *
UseKeychain yes
From Github docs
Host *
AddKeysToAgent yes
UseKeychain yes
IdentityFile ~/.ssh/bitbucket
I tried using ssh-add -K ~/.ssh/bitbucket and ssh-add --apple-use-keychain ~/.ssh/bitbucket
I tried starting the agent 2 different ways
From BitBucket docs
eval `ssh-agent`
From GitHub Docs
eval "$(ssh-agent -s)"
When I run it, it works until I reboot. Sometimes it doesn't work when I switch terminals or use git operations in VSCode.
On reboot nothing works.
Looking for any solutions
I'm guessing from:
--apple-use-keychain
that you're on macOS (I added that to the tags). This matches up with another part of your question:
Sometimes it doesn't work when I switch terminals ...
There are two tricky bits that intertwine here:
It's possible to have more than one ssh-agent running (but generally you don't want this).
On macOS, when you boot up the system and log in—even before any Terminal windows open up—the system has started one ssh agent for you.
This second bullet point is specific to macOS. On other systems, it's usually the case that the system has not started an agent for you, and therefore you must start one. But on macOS the system has started one for you. You don't want to start a second one! So do not run eval `ssh-agent`.
If you do run it, you get a second agent, as requested, and then only that one Terminal window can talk to that agent. This results in other Terminal windows not working, as you observed, and could lead to other similar issues like the VSCode one, perhaps. (I don't use VSCode so this part is just a guess.)
You do have to run:
ssh-add ~/.ssh/bitbucket
or similar at least once; I do it after each reboot, to load the key into the agent. According to this question on apple.stackexchange.com, using -K will save the passphrase for the key, and on Sierra or later you must take an extra step as well; see that question and its answer for more.
(I switch OSes a lot so I tend to avoid depending too much on any one particular OS's features. The trick with Terminal and ssh-agent is actually kind of annoying, in that respect. 😀 But it is useful.)

why run this command :"gpg-connect-agent updatestartuptty /bye"

I have a arch linux in vm,
I imported my gpg keys and configs gpg as described here:
https://github.com/drduh/YubiKey-Guide
and also config pass & git to use gpg keys, and everything works fine,
so for example when I run git pull for first time it asks me the password,
the problem is:
when I restart my vm, before I can run any command(like git pull),I have to run this command:
gpg-connect-agent updatestartuptty /bye
then everything works fine,
How can I solve this issue?
GPG depends on pinentry to provide user interaction for typing the passwords such as the one to protect your smartcard. In order to function properly, pinentry (which, on terminal, is either pinentry-tty or pinentry-curses) needs to know which tty it should listen for user interaction.
When GPG is acting as your ssh-agent to provide git+ssh authentication, it will keep a reference of the first tty available when it started, which is not the same you will have when you connect to your VM. Unfortunately, gpg-agent has no way to know at runtime which tty you are connected to, so it will fail every time it tries to communicate with its startup tty. That's why you need to update the startup tty using that command. This behavior is shortly described on their docs.
An alternative to avoid that command every time is to use any pinentry application that does not rely on tty, such as GUI ones like pinentry-gtk-2, pinentry-gnome and so on.

Starting a application with graphical interface on boot

I have a small question that I havn't found any answers to.
I run a virtual machine on my CentOS server, and I have made a simple script to start the virtual machine. I would like to run the script on boot so that the virtual machine starts up on boot also. So I successfully registered the script with following
chkconfig --add myscript
and enabled it with following
chkconfig --level 2345 myscript on
at last I checked it so its registered and enabled correctly with
$ chkconfig --list | grep myscript
So long, so fine, but when I restart my machine to test it, well nothing happens.
So now I wonder why isn't my script running? I had some thaughts that it cold be because of some missing arguments, myscript requires an argument "start" to run properly, so I think that could be the cause why it's not running, in that case where should I add the argument?
Note also, my script is ok, or at least I can run it manually.
UPDATE
The script is run during boot and is working as it should. Tha application I try to start with a script, my virtal machine, has a graphical interface and it seems like it's that causing the trouble. Does anyone have any experience in starting a graphical application with script on boot, on unix based OS's ofcourse? Or if there are any other clever ways of achieve this?
Thanks!
Make sure that the proper symlinks get created in /etc/rc.?/ and your startup script in /etc/init.d/ should contain start and stop methods.

Cannot open graphical application through command line?

I am having trouble opening graphical applications in linux (Sublime Text 2 in this case) through the terminal. I am using Fedora 17. I get this error for other graphical applications that I try to open up through the command line as well.
[root#computer djproject]# sublime settings.py
No protocol specified
(sublime:4202): Gtk-WARNING **: cannot open display: :0
Also, I get the same type of error when I try to do:
sudo sublime
Note in the command above I was logged in as a regular user without root access. Also 'sublime' is mapped to Sublime Text 2, and I have tested it before in other scenarios, so it is not the problem. Also, I have set this particular user up as a valid sudoer and the sudo command also works in other cases.
While researching the problem I came across many similar cases with no clear solution.
The following link has a user with a similar problem (although using ssh and on Ubuntu, rather than local and Fedora in my case).
Thanks in advance!
I spent quite a lot of time trying to figure this problem out, and came across this thread as I found a fix.
My problem was simply that I was running my commands from within the byobu session. I opened a new terminal tab and successfully ran the same commands.
Since DISPLAY is being defined, this may be a problem with permissions. How are you starting X? (As far as I know normally X is started by root and when you login you are granted access such that these issues don't occur, unless you're running sudo from a different account than the one you're logged into X with.)
You need to provide the correct 'cookie' file to access the session (simply being root isn't enough to get in). For users this is normally ~/.Xauthority, so executing xauth merge /home/<user>/.Xauthority should do the trick.
Alternatively have you tried gksu?
I actually needed this (run an X application from CLI with a different user), and valid workarround is to SSH -X:
user1 owns X
user2 is the second user that wants to run an X program from CLI, in this example, eclipse ide
user1:~$ ssh -X user2#localhost
The authenticity of host 'localhost (127.0.0.1)' can't be established.
ECDSA key fingerprint is
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'localhost' (ECDSA) to the list of known hosts.
user2#localhost's password:
Welcome to Ubuntu 14.04.1 LTS (GNU/Linux 3.13.0-44-generic x86_64)
user2:~$
user2:~$ /opt/eclipse/eclipse
I know this is 5 years old post, but I spend much time to solve issue like this on installation of Renderman of Pixar. Then I like to send my solution that maybe helps someone else
The problem is because of this "sudoer (here root) has no access to graphical space". (I don't know it is always or sometimes. I faced this issue on Ubuntu 16.04)
Doing the following solved my issue:
first, start Terminal as graphical user, Alt+Ctrl+T
then, execute these lines
$ unset XAUTHORITY
$ xhost add $DISPLAY . 123f
$ xhost +local:all
$ sudo xclock # or any graphical program needs sudoer
Let me know your feedbacks

Installing Membase from source

I am trying to build and install membase from source tarball. The steps I followed are:
Un-archive the tar membase-server_src-1.7.1.1.tar.gz
Issue make (from within the untarred folder)
Once done, I enter into directory install/bin and invoke the script membase-server.
This starts up the server with a message:
The maximum number of open files for the membase user is set too low.
It must be at least 10240. Normally this can be increased by adding
the following lines to /etc/security/limits.conf:
Tried updating limits.conf as suggested, but no luck it continues to pop up the same message and continues booting
Given that the server is started I tried accessing memcached over port 11211, but I get a connection refused message. Then figured out (netstat) that memcached is listening to 11210 and tried telneting to port 11210, unfortunately the connection is closed as soon as I issue the following commands
stats
set myvar 0 0 5
Note: I am not getting any output from the commands above {Yes: stats did not show anything but still I issued set.}
Could somebody help me build and install membase from source? Also why is memcached listening to 11210 instead of 11211?
It would be great if somebody could also give me a step-by-step guide which I can follow to build from source from Git repository (I have not used autoconf earlier).
P.S: I have tried installing from binaries (debian package) on the same machines and I am able to successfully install and telnet. Hence not sure why is build from source not working.
You can increase the number of file descriptors on your machine by using the ulimit command. Try doing (you might need to use sudo as well):
ulimit -n 10240
I personally have this set in my .bash_rc so that whenever I start my terminal it is always set for me.
Also, memcached listens on port 11210 by default for Membase. This is done because Moxi, the memcached proxy server, listens on port 11211. I'm also pretty sure that the memcached version used for Membase only listens for the binary protocol so you won't be able to successfully telnet to 11210 and have commands work correctly. Telneting to 11211 (moxi) should work though.

Resources