Klunky Blog

Previously, cron jobs used to live in /var/spool/cron, and the world was simple.

Much later new folk thought this was too simple, and cron jobs were split up into /etc/crontab, /etc/cron.d /etc/cron.daily, /etc/cron.weekly, and /etc/cron.monthly. Overly complicated but with good intentions ( road to hell ). But /var/spool/cron was left for posterity and crontab -e works.

A bit later, new folk decided they had a better idea, and moved some of the system cron programmes from cron to systemctl triggers. I quite like it because it is new and pretty and shiny.

Now we have three related cron systems:

         crond  -> /var/spool/cron + /etc/cron*
         systemd timers

Where is logrotate? It's called from here:

         systemctl status logrotate.timers

If this enabled, and active, then you are good to go.

See what it has been up to with:

          journalctl -u logrotate.timers

But really crond with /var/spool/cron/ was far simpler, and less error prone. Yes, you have to actually be able to write a basic shell script, but one had to be proficient in writing in C and in Shell scripts to consider a career in UNIX/Linux administration. ( rant over )

Nevertheless, I like systemd.

When somebody's policy makes varibles readonly, such as HISTFILE, with this in a /etc/profile.d/* file: typeset -r HISTFILE

Lets us modify readonly the environment varibles. This works only if we have gdb installed. Done on RHEL7.9

    export HISTFILE=abd
    -bash: HISTFILE: readonly variable
    $ echo $HISTFILE mailto:/home/myuser@AD-domain/.history/20231107.155621
    $  gdb -ex 'call unbind_variable("HISTFILE")' --pid=$$ --batch
    0x00007f7ec902d46c in waitpid () from /lib64/libc.so.6
    $1 = 0
    [Inferior 1 (process 35393) detached]
    $ HISTFILE=.bash_history
    $ touch .bash_history
    $ ls
    $ cat .bash_history
    HISTFILE=.bash_history
    touch .bash_history
    ls
    $

If gdb is available, then stick this into your .bashrc:

    [ -f /usr/bin/gdb ] && /usr/bin/gdb -ex 'call unbind_variable("HISTFILE")' --pid=$$ --batch' >/dev/null 2>&1

And now we can set up our history with something sensible ( at least sensible for me).

    export HISTFILESIZE=
    export HISTSIZE=
    unset HISTTIMEFORMAT
    export HISTFILE=~/.bash_eternal_history
    PROMPT_COMMAND="history -a; $PROMPT_COMMAND"`

Job done. Back to work.

Thanks APT. Let's stop right there shall we, because I need fdisk (/sbin/fdisk /sbin/cfdisk /sbin/sfdisk) amoung other programme. Face-Palm.

    #  apt-get autoremove --purge
    Reading package lists... Done
    Building dependency tree... Done
    Reading state information... Done
    The following packages will be REMOVED:
    bsdmainutils* cpp-8* fdisk* g++-10* geoip-database* glib-networking* glib-networking-common*
    glib-networking-services* ...
    ^c
    #

This week I had to setup some Cisco SNMP credentials for a client. I've not done this before, and this page exi sts to remind me later.

Cisco ASA

    sh snmp engineid # this is needed in a later command
    Local SNMP Engine ID: 800003A6F7BE00
    conf t
     
    snmp-manager
    snmp-server enable traps
    smp-server user Sophie AdminGrp v3 auth sha Mypassword1 priv aed 256 MyOtherPasswd
    snmp-server engineID remote 10.1.1.50 udp-port 162 @engineID
    snmp-server engineID remote 10.1.1.51 udp-port 162 @engineID
    snmp-server host 10.1.1.50 version 3 priv Sophie
    snmp-server host 10.1.1.51 version 3 priv Sophie

…more

    $ openssl req -new -newkey rsa:4096 -days 3650 -nodes -x509 -keyout hixxxxxxxx.onion.key -out hixxxxxxxx.onion.crt

Stick it in your nginx configuration.

SSL Stapling not required because it's self-signed. So, it's commented.

    ssl_certificate         /etc/ssl/certs/hixxxxxxxx.onion.crt ;
    ssl_certificate_key     /etc/ssl/private/hixxxxxxxx.onion.key ;
    ssl_prefer_server_ciphers on;
    ssl_protocols TLSv1.2;
    ssl_ecdh_curve  secp384r1;
    ssl_session_timeout 10m;
    ssl_session_tickets off;
    #ssl_stapling on;
    #ssl_stapling_verify on;
    #ssl_trusted_certificate /etc/blah/blah/blah.pem;  
    resolver 127.0.0.1 8.8.8.8 valid=300s;
    resolver_timeout 2s;
			

We're good to go.

Colours distract. Highlighted opening and closing brackets hurt, and search terms usefullness is lost after five seconds. Let's turn it off.

Stick this into your .vimrc

 syntax off
 set nohlsearch
 set t_Co=0

If your Macbook is hot then istats run from the CLI helps. This runs on Sierra.

…more

The most important pieces of information when using sane qwerty keyboards in a world ruled by crazy Azerty, espe cially on Consoles is

    loadkeys us
    setxkbmap -layout us
			

…more

Hi!

We have iPads that had difficulty viewing certain content from Roundcube [RC], and we've mended this problem with help from our RoundCube community. This issue is present with Roundcube 0.9.5 and is fixed in future releases (this post edited in 2019).

Lets frame our problem If we send emails from RC with specific default encoding then iPad's Mail programme displays this silly message,

    This message cannot be displayed because of the way it is formatted.
    Ask the sender to send it again using a different format or email program. multipart/alternative
			

…more

We suspected our 3PAR storage rcopy deltas were corrupt, and how should we verify? 3PAR will not tell us our We suspected our 3PAR storage rcopy deltas were corrupt, and how should we verify? 3PAR array won't really tell us its out of sync on such low levels, that our deltas have been corrupted.

There is an undocumented command named checkvvropy that can help us, and being undocumented there was no help text available.

…more

etckeeper is a collection of tools to let you store your precious /etc files in a repository which is updated daily from cron. One can choose git darcs hg bzr. There is very little configuration to do.

…more

Posted on March 21, 2012 by disharmony Most people use DTrace to see what their system is actually doing. What functions or systemcalls are being executed, what is my process doing, where is most time spent, etc. The possibilities are endless and DTrace is such an awesome tool that I just can’t stop talking about it.

Not everyone might know that DTrace is not only able to trace your system and applications, but it can also change memory on the fly. I knew this from the beginning but actually never took the time to dig into this, until now.

While reading DTrace’s documentation about copyout and copyoutstr it became immediately clear to me that this means even more fun! Extending the, already endless, possibilities.

Imagine the following example:

open64(""/etc/vfstab"", O_RDONLY);

The open64 systemcall takes 2 arguments: arg0 and arg1, where arg0 is a const char pointing to a file and arg1 is the flag that specifies the access mode, in this example readonly.

We can easially dtrace all processes that are calling open64 and print arg0 and arg1:

syscall::open64:entry
{
    printf(""%s: %s %i"", execname, copyinstr(arg0), arg1);
}

which will show something like:

dtrace: description 'syscall::open64:entry ' matched 1 probe
CPU ID    FUNCTION:NAME
  1 16560 open64:entry cron: /system/contract/process/template 2
  1 16560 open64:entry cron: /var/adm/lastlog 258
  1 16560 open64:entry cron: /dev/null 0
  1 16560 open64:entry cron: /tmp/croutUSLV2gaKT 1281
  3 16560 open64:entry cron: /system/contract/process/latest 0
  3 16560 open64:entry cron: /system/contract/all/117346/ctl 1
  0 16560 open64:entry cron: /system/contract/process/latest 0
  0 16560 open64:entry cron: /system/contract/all/117347/ctl 1
  2 16560 open64:entry cat: /etc/vfstab 0
  0 16560 open64:entry cron: /system/contract/process/template 2
  0 16560 open64:entry cron: /system/contract/process/latest 0

There is a cat process showing up with /etc/vfstab as arg0, and 0 (O_RDONLY) as arg1. Wouldn’t it be awesome if we could change arg0 into something different, like /etc/hosts, on the fly?

It’s quite simple to do this with DTrace. We only need to run DTrace in destructive mode (be carefull !!) and to use copy out to rewrite arg0:

#pragma D option destructive

syscall::open64:entry
/execname == ""cat"" && copyinstr(arg0) == ""/etc/vfstab""/
{
    this->f=""/etc/hosts"";
    copyout(this->f, arg0, sizeof(this->f) + 1);
}

It’s important to keep in mind that the size of /etc/hosts is smaller than /etc/vfstab. Writing data that doesn’t fit in the application buffer is dangerous!

We need two tools here:

1. ngrep to find an SSL certificate in the TCP packets, and
2. iptables to block the SSL string.

3. …more

Hundreds of articles on the Internet address this and many spend their time seeking these out. Here is on

e more, with examples cribbed from someone else, so that a search engine picks it up and helps someone else.

In Unix, the character transliteration tool 'tr' exists almost from the beginning.

To remove CR=13(dec)=15(oct)

…more

Apache mod_qos module

I was asked to implement rate limiting on Apache and my first thought was mod_sec. Mod_sec turned out to be too complicated with too much of an overhead. Something lighter and easier should be sought. mod_qos worked :)

…more

Use LSI Logic for the SCSI controller in the virtual machine settings

Today I had to install SLES 10 SP3 onto a VMware instance, and during initial installation process a message akin to ""no disks found"" popped up! Changing the disc controller type to LSI Logic SAS worked and discs appeared.

…more

root@ehc:/> w
12:52pm  up 2970 day(s), 21:59,  2 users,  load average: 0.00, 0.02, 0.02
User     tty           login@  idle   JCPU   PCPU  what
root     console      11Jan12166days      4         -sh
root     pts/1        12:48pm            3         w
root@ehc:/> uptime
12:52pm  up 2970 day(s), 22 hr(s),  2 users,  load average: 0.00, 0.02, 0.02