Paul's Blog

The articles below are on various topics, though the majority are focused on some aspect of systems administration.

Stripping an Atom RSS Feed · September 10, 2014

At work, we’ve got an internal-only blog for some upcoming special projects. Our experience, however, is that blogs get ignored without some external notification system like RSS. The problem is that some of our employees use public aggregators like feedly, which cannot see behind our firewall.

Our internal blog generates an RSS feed, but the feed includes <content> and <summary> sections that we really don’t want published in a public RSS feed.

My solution is to copy the feed to a public web host, but massage it with XSLT to remove the sensitive sections.


Of CFEngine and CentOS 7 · September 6, 2014

All the cool DevOps kids are using puppet and chef for configuration management these days, but I’m still sticking with CFEngine, which has served me well since the late 1990s.

CentOS doesn’t have a native cfengine package, so I’ve used the EPEL cfengine package on CentOS 6 machines for some time now. There’s currently no such package for CentOS 7, however, so I’ve relied instead on the one found in the Fedora 20 package set.


Block Single Host with firewalld · September 1, 2014

I’m fairly fluent in basic firewall operations with iptables, but the firewalld included in CentOS 7 is new to me. I’d gotten the firewalld-friendly version of fail2ban working on a VM I manage. One remote host was pounding away on port 22/tcp; it was duly denied access for several minutes at a time, but it never took the hint and went away.

I finally decided just to drop all packets from the IP address completely. To do so, I had to spend some time in the man page for firewall-cmd, the command-line interface to firewalld.


Welcome · August 23, 2014

So I’ve got a blog now. I like DocBook for the precision it gives me in my long-form articles, but it presents too much overhead for shorter pieces. The software behind the blog is Hexo, which is based on node.js. Writing is done in the lightweight markdown markup language. I did have to wrestle with the Hexo theme quite a bit before the blog layout would work and play well with the rest of my site, but I’m pretty pleased with the results.