[Howto] Run programs as non-root user on privileged ports via Systemd

Running programs as a non-root user is must in security sensitive environments. However, these programs sometimes need to publish their service on privileged ports like port 80 – which cannot be used by local users. Systemd offers a simple way to solve this problem. Background Running services as non-root users is a quite obvious: if … Continue reading [Howto] Run programs as non-root user on privileged ports via Systemd

Insights into Ansible: environments of called playbooks

Usually when Ansible Tower executes a playbook everything works just as on the command line. However, in some corner cases the behavior might be different: Ansible Tower runs its playbooks in a specific environment. Different playbook results in Tower vs CLI Ansible is a great tool for automation, and Ansible Tower enhances these capabilities by … Continue reading Insights into Ansible: environments of called playbooks

Impressions of #AnsibleFest London 2016

The #AnsibleFest was taking place today in London, and I was luckily able to attend. This post shares some impressions from the event, together with interesting announcements and stories. Preface The #AnsibleFest London 2016 took place near the O2 Arena and lasted the entire day. The main highlight of the conference was the network automation … Continue reading Impressions of #AnsibleFest London 2016

So you think offline systems need no updates?

Often customers run offline systems and claim that such machines do not need updates since they are offline. But this is a fallacy: updates do not only close security holes but also deliver bug fixes – and they can be crucial. Background Recently a customer approached me with questions regarding an upgrade of a server. … Continue reading So you think offline systems need no updates?

[Short Tip] Debug Spamassassin within Amavisd

Filtering e-mail for spam and viruses can be done efficiently with Amavisd-New. Besides its own technologies to identify and filter out Spam it can also make use of Spamassassin and its results. However, since Amavisd starts Spamassassin itself, it sometimes is hard to debug when something is not working. For example in a recent case … Continue reading [Short Tip] Debug Spamassassin within Amavisd