Hack things together

A little scripting never hurt anybody

Sometimes you have to do a specific task and you are fully capable of doing it manually, however those tasks are also great to flex your muscles and hack something together.

They can be an excellent tool to sharpen your skills with the tools you use regularly, and improve your quick prototyping skills.

In addition, with a couple of iterations, again sharpening an important skill, you could afterwards create a more general purpose tool from a hacky script.

[Read More]

How SELinux screws with scripts when run over VMware Tools

SELinux by default prohibits certain things from working through VMware tools (Ansible connection or plain API).

This can be solved two ways:

  • Disabling SELinux: BAD, but easy
  • Writing a custom SELinux policy: complicated but more secure

Note: Adding/Changing this policy through a VMware tools connection is thankfully possible

Example policy

This policy is the base for a VMware tools policy and allows entering the rpm context (yum).

module custom-vmtools 1.0;

require {
        type rpm_script_t;
        type vmtools_unconfined_t;
        class process transition;
}

#============= vmtools_unconfined_t ==============

allow vmtools_unconfined_t rpm_script_t:process transition