CONTINUAL INTEGRATION – Page 176 – A Technical I.T./DevOps Blog

How Do You Troubleshoot the PowerShell Error “Cannot connect to CIM Server: Access is denied”?

Problem scenario
You run a PowerShell command with a user who is not a local administrator on the server. You get the error "Cannot connect to CIM server: Access is denied". How do you circumvent this error?

Possible solution #1
Make the user a local administrator. Then try again.

Possible solution #2
Use JEA to allow the user to run the command. If you want directions on deploying JEA, see this posting.

Possible solution #3
1. As an Administrator of the server, go to Server Manager -> Tools -> Computer Management. On the left expand "Services and Applications" and right click "WMI Control". Go to "Properties".

2. In the newly open Window, click on Security tab.

3. Expand Root tree, and then click on the node CIMV2, and click the button security

4. In the newly open Window, click the button Advanced.

5. In the newly open Window, click the button Add under the permission tab.

6. In the newly open Window, click on “select a principal", then search for the user you that was having the problem.

'7. In the applies to, choose “this namespace and subnamespace".

8. For the permission, check on “Execute Methods", “Enable Accounts" and “Remote Enable"

9. Click accept on all the open dialogue boxes

10. Restart WMI services. As an Admininstrator of the server, go to Server Manager -> Tools -> Computer Management. On the left expand "Services and Applications" and click on "Services". Go to "Windows Management Instrumentation" and right click it. Then choose "Restart".

11. Try the command again. The above directions were adapted from this StackOverflow posting.

For further reading
To learn more about the Common Information Model of PowerShell, see PowerShell in Depth; the index of the book for "Common Information Model" has numerous references.

How Do You Troubleshoot the Powershell Error “Cannot find Get-Command”?

Problem scenario
You run a PowerShell command. You get "Cannot find Get-Command" even though the command you entered was not Get-Command. How do you solve this error?

Possible Solution #1
As an Admininstrator of the server, go to Server Manager -> Tools -> Computer Management. In this Window (or MMC) go to System Tools -> Local Users and Groups -> Users. Double click on the User that received the error.

Is the user a member of Guests or Users? Is this intentional? You may want to add the user to a group.

Are environmental variables set as normal? Will commands like "ls", "dir" or "whoami" work? If not run these commands:

$env:UserName
$env:PSmodulePath

This may help you troubleshoot the problem.

Possible Solution #2
Are you using JEA when this problem exists? If so, is your PowerShell Service Configuration (.pssc) file set to run as a virtual account? That is, do you have a stanza such as one of these below?

# RunAsVirtualAccount = $true
RunAsVirtualAccount = $false

The top one is commented out. Without using a virtual account, certain variables may not be readily available in the session. If the "whoami" command does not work, try this: "$env:UserName" # with no quotes.

How Do You Create a Function in the C Programming Language?

Problem scenario
You are familiar with functions in programming languages (e.g., Python or SQL). You like how you can create a modular program with a function. Functions can allow you to reuse code and do data processing in a way that is readable. Logic can be created rapidly when you know how to use a function. How do you write a function in the C?

Solution

Prerequisites
Install the C compiler. If you need directions, see this posting.

Procedures
Use this example. The function here is called "printer".

1. Create a file called funcexample.cc.

2. Put the following lines in it (starting with "/* function example */" and ending with the last "}").

/* function example */
#include <stdio.h>
#include <string.h>

int printer(int z) {
   printf ("found %s\n","a test");
   z = z + 1;
   return z;
}
int main ()
{
int y;
y = printer(3);
printf ("y is a %d\n",y);
return 0;
}

3. Compile the code with gcc funcexample.cc.

4. Run it like this: ./a.out
You should see that y was assigned via the "printer" function. Remember that "printer" is not a reserved word. It is a function that returns an integer based on the way it was defined above.

How Do You Troubleshoot the C Program Error “error: expected ‘;’ before string constant”?

Problem scenario
You try to compile a program with "gcc nameofprog.cc". You get this output: "foobar.cc.:55:error: expected ';' before string constant"

What do you do to compile your program?

Solution
Go to line 55 of foobar.cc. If there is a printf command, be sure that the thing to be printed is surrounded by parentheses. Here is an example of a line that will cause the problem:
printf "This is a test";

Here is an example of a printf command with proper syntax:
printf ("This is a test");

How Do You Log onto a Free WiFi Network When There Is a “Internet not available” Error?

Problem scenario
You try connect via your wireless router to a WiFi network (e.g., at a restaurant, hotel, or public library). You open a web browser because you were told you would be prompted with a splash screen. On this page you would agree to the terms of service and/or enter a password. You are not seeing this web page. You try different URLs (e.g., www.yahoo.com, www.google.com). You are never prompted for a username or password.

Firefox may show something like this: "Hmm. We’re having trouble finding that site."

Chrome may show something like this: "There is no Internet connection...DNS_PROBE_FINISHED_NO_INTERNET"

The Wireless Network Connection status shows you do not have internet access. You cannot ping 8.8.8.8 from a command prompt either. There is no evidence you are connected to the network. You appear to be connected to the WiFi network itself. What should you do to gain access to the internet?

Solution(s)
Possible solution #1
Go to an IP address (with numbers) in a web browser and NOT a regular URL with letters. Any IP address should work (e.g., 5.5.5.5). This may resolve to the intended entrance webpage.

Possible solution #2
Try a different web browser.

Possible solution #3
Try a different machine (e.g., a smart phone, tablet, or PC).

Possible solution #4
Reboot the machine.

Possible solution #5
Do you have a software firewall or security application with strict security settings? This could be the cause of the problem.

Possible solution #6
Is your wireless network interface card configured to work with an internal DNS? If there was special configuration done on your NIC, it may not be ready for a regular, public WiFi.

How Do You Troubleshoot the C Program Error “warning: deprecated conversion from string constant to ‘char*’ [-Wwrite-strings]”?

Problem scenario
You try to compile a program with "gcc nameofprog.cc". You get this output:

"warning: deprecated conversion from string constant to 'char*' [-Wwrite-strings]"

What do you do to compile your program?

Solution
The program may still compile and run. Look for the a.out file to be created. It may be a working C program. Just run it like this: ./a.out

To get rid of the error, which is recommended as future C compilers may not be so forgiving, do the following. First find the line number throwing the error. The compilation error should have looked like this:

foobar.cc:15...warning: deprecated...

That means line 15 of the program named foobar.cc is causing the problem. Line 15 will look something like this:

char* other = "coolphrase";

Rewrite it to be like this:

char const * other = "coolphrase";

Why Does the Repoquery Command Return Incorrect Information When the %{Size:M} Flag Is Used?

Problem scenario
You ran this command: sudo repoquery openssl* --qf "%{name} %{size:m}"

You saw the following:

openssl 492 M
openssl-devel 1542 M
openssl-devel 1542 M
openssl-libs 991 M
openssl-libs 1221 M
openssl-perl 70.3 M
openssl-pkcs11 54.3 M
openssl-static 1068 M
openssl-static 1268 M
openssl098e 803 M
openssl098e 793 M

You know that the openssl packages are not this size.

The command "repoquery --version" returns this: "Repoquery version 0.0.11"

What should you do about the incorrect sizes of the packages you check with the repoquery command? Or why do RPM packages look to be so big?

Solution
Use this command instead:

sudo repoquery openssl* --qf "%{name} %{size:h}"

You may want to use "yum info" if you do not trust openssl.

sudo yum info openssl*

Root cause
We suspect this is a bug. The numeric values and lowercase "k" and uppercase "M" seem accurate with the ":h" flag and our cross-reference with the "yum info" command's results. Here is an example of the output of the above repoquery command but with the ":h" flag:

[jdoe@goodserver ~]$ sudo repoquery openssl* --qf "%{name} %{size:h}"
openssl 492 k
openssl-devel 1.5 M
openssl-devel 1.5 M
openssl-libs 991 k
openssl-libs 1.2 M
openssl-perl 70 k
openssl-pkcs11 54 k
openssl-static 1.0 M
openssl-static 1.2 M
openssl098e 803 k
openssl098e 793 k

Additionally the man page of the repoquery command had this output:

"BUGS
There are of course no bugs, but should you find any, you should first consult the FAQ section on http://yum.baseurl.org/wiki/Faq and if unsuccessful in finding a resolution contact the mailing list: yum-devel@lists.baseurl.org.

To file a bug use http://bugzilla.redhat.com for Fedora/RHEL/Centos related bugs and http://yum.baseurl.org/report for all other bugs.

Panu Matilainen 17 October 2005 "

We think that in 2018 we have discovered a bug.

Is It Acceptable to Store Configuration Files in Git, Subversion, CVS or Another Code Versioning Tool?

Problem scenario
You like the backup feature of a code versioning tool for potentially restoring files in a disaster recovery situation. You want to store complete code bases including necessary configuration files in such a repository.

This reputable link (https://www.cyberciti.biz/tips/my-10-unix-command-line-mistakes.html) says to use code versioning tools to store configuration files. However this different reputable link says to not use code versioning tools to store configuration files. Can you store .ini and other configuration files in a version control system?

Solution
According to the 12 Factor App rules, "A litmus test for whether an app has all config correctly factored out of the code is whether the codebase could be made open source at any moment, without compromising any credentials."

Based on a recommendation by SANS.org, we recommend not using Git for configuration files if they have a username and password. Non-code files that store parameters and other configuration information can be stored in a code versioning repository. We do not recommend such files that include credentials or sensitive information. In other words, there are many exceptions to the rule "do not store configuration files in code versioning systems." For disaster recovery or rolling back changes, you will want to have all the files that you need to get your software to work again. You may want to include a file in a repository such as a README.txt that will direct the user to where the sensitive parameters and credentials are to be found.

How Do You Access the Networking Port of a Docker Container When There Appears to Be No Port Mapping, Just a Single Port Exposed by Itself?

Problem scenario
You run "docker ps -a" and see values in the PORTS column. You see values such as these for two separate containers:

Container 1 has this: 0.0.0.0:32775->5000/tcp

Container 2 has this: 5731/tcp

You cannot reach the containers that have no "->" symbol in them via web browsers or other network connectivity tools. You can reach those containers with the "->" symbol in the PORTS value. What is wrong with the Docker containers with only one TCP port and not "->" syntax?

Solution
Those containers with no "->" mapping symbol in the PORTS value in the results of a "docker ps -a" command were potentially created without a necessary flag. The "-P" option may be enough to get them to work properly.

For creating a container with a TCP port that will be exposed, use this command (with a known working Docker image):

docker create -it -P <image ID>

Alternatively you can use the "docker run" command to create and start a Docker container. Here is the syntax for doing that with a known good image to create a container with a TCP port that will be exposed:

docker run -d -P <image ID>

How Do You Use Terraform to Create AWS Servers?

Problem scenario
You want to use Terraform to deploy EC-2 instances (VMs in AWS). How do you do this?

Solution
These directions can work on a Linux server in your enterprise, a Linux server in Azure or a Linux server in AWS.

1. Install Terraform. See this link if you do not know how.

2. Create a file like this called contint.tf with this as the content:

provider "aws" {
access_key = "accessKeyHere"
secret_key = "secretKeyHere"
region = "us-east-2"
}

resource "aws_instance" "example" {
ami = "ami-0b1e356e"
instance_type = "t2.micro"
}

3. Replace accessKeyHere with your AWS account's access key. Replace secretKeyHere with your AWS account's secret key. (You may also change the Amazon Machine ID if you desire.)

To find the AWS Access Key ID and AWS Secret Access Key, in the AWS console, click on your name in the upper right hand corner. Click on "My Security Credentials." Click "Create New Access Key." Then click "Show Access Key."

Save the changes to the .tf file.

4. From the directory with the .tf file, run these commands one at a time:

terraform init
terraform apply

5. You are done. The above steps will create an server (EC2 instance) in the "Ohio" region (also known as the us-east-2 region). After the server is created you can create another server and delete the one you just created by changing the word "example" of basic.tf, then running the command "terraform apply" with no quotes. Invoking "terraform apply" in a directory with a .tf file that is the same except the word "example" will do two things: delete the server that was created and create a new one. If you want to delete the AWS server, you can run this command:

terraform destroy

# The above command will destroy terraform-provisioned infrastructure.