Ubuntu 18.04 change DHCP address to Static IP with netplan

Netplan config location can be found at:


user@host:~$ ls -l /etc/netplan/
total 4
-rw-r--r-- 1 root root 583 Sep 5 16:27 50-cloud-init.yaml

Output of the config file is presented where we see that dhcp is set to true


user@host:~$ sudo cat /etc/netplan/50-cloud-init.yaml
[sudo] password for user:
# This file is generated from information provided by
# the datasource. Changes to it will not persist across an instance.
# To disable cloud-init's network configuration capabilities, write a file
# /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg with the following:
# network: {config: disabled}
network:
ethernets:
enp0s3:
dhcp4: true
version: 2

 

We then amend the file so we do not use DHCP server but static IP we want like in config below.


user@host:~$ sudo vim /etc/netplan/50-cloud-init.yaml
[sudo] password for user:
# This file is generated from information provided by
# the datasource. Changes to it will not persist across an instance.
# To disable cloud-init's network configuration capabilities, write a file
# /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg with the following:
# network: {config: disabled}
network:
ethernets:
enp0s3:
dhcp4: false
addresses: [192.168.1.2/24]
gateway4: 192.168.1.1
nameservers:
search: [host]
addresses: [192.168.1.1, 208.67.222.222]
version: 2
 

After this what we only need is to generate this YAML into configuration files understood by the backends. And then apply the same.


user@host:~$ sudo netplan generate
user@host:~$ sudo netplan apply

If you are connected via putty on old IP you would probably lose connection so amend IP in putty properties and reconnect.

[ Simple ] POP SS and MOV to SS detection

I have seen that new vulnerability is detected by Red Hat CVE-2018-8897 [Moderate] & CVE-2018-1087 [Important] on Linux kernel.

This was a great opportunity for me to demonstrate how BSA Compliance can be used in very simple and yet very powerful way. With this you can in 10 minutes create and execute job who would detect vulnerable systems and then you could use BSA Patching to update these kernels.

You can download this Component Template from BSA Communities and also you can look into my process of thought when I was creating this Component Template on Youtube link. After I have created this I realized that I needed to update detection logic for 32bit systems which I did in Component Template and you can look into differences.

I wanted to do this to show how easy it can be to use BSA for compliance. Also there are more ways to do this. You could use Red Hat script that they have provided and run it as NSH Type 3 script against your all targets which could get you results back.

As always with BSA you have huge number of possibilities to approach any topic. Usually the only limitations are we users.