Skip to main content


Showing posts from August, 2017

Using Ansible to Fix CFEngine (after a trust failure as a result of re-addressing policy hub)

One of the things I have been given (cursed with) in my life in IT is maintenance of CFEngine. CFEngine is one of the oldest, typically left on the wayside, systems for configuration management on Linux and other Unix (and I think also Windows these days).... I'd love to drastically refactor and clean it up, because its grown pretty organically.

Anyway, its on some old equipment and I need to migrate it to a new IP to keep management happy from a risk perspective. How bad could that get? Turns out that CFEngine is sensitive to this, and I get another deluge of email:
!! Not authorized to trust the's public key (trustkey=false)  !! Authentication dialogue with failed  ... ad nuseum
So.... I think I just broke all the CFEngine agents, which won't be able to grab policy updates. Let's fix this using Ansible.

VirtualBox 5.1.27 + RHEL 7.4 (and others) + kernel update = suggest double reboot

For a long time now, every damn time I go to apply a kernel update, I have to rebuild the VirtualBox Guest Additions. If I have any vboxsf mounts set to mount at boot in /etc/fstab, I can look forward to a rescue-mode prompt. This is not specific to RHEL7, or to RHEL (I see plenty of reports of Ubuntu 11.04 with the same issue).

The 'dkms' (Dynamic Kernel Module Support) is meant to prevent this issue by triggering a rebuild when a kernel package is updated. It's installed,....  so why isn't it working. Time to get my hands dirty and learn a bit about dkms.

VirtualBox 5.1.26 + RHEL 7.4 = GA 5.1.27 needed

Well, its that time of the month again when life gets difficult. That's right, it patching time. So naturally, on the Monday after patch week, I decided to apply the updates that VirtualBox was notifying me about.

This time, its an update from 5.1.24 to 5.1.26.... it did not go as smoothly as I would have hoped. But the breaking change seems to be in the upgrade from RHEL 7.3 to 7.4, which changed the version of to 1.19, which Guest Additions 5.1.26 doesn't seem to support.

The symptom was that the graphic driver didn't seem to work (so tiny resolution). Other functionality such as shared clipboard still worked, thankfully.