Backtrack:  
Blog
 
showing posts tagged with 'linux'
Change passwords using passwd in scripts (linux)
edited by on April 15th 2013, at 08:40

You can script password changes in linux by using passwd without any additional effort. The syntax for this is:

echo "your-password" | passwd --stdin user
 
Change delimiter of a for-loop in Bash shell-scripts
edited by on March 28th 2013, at 14:15

You can change the delimiter of a for-loop by changing the value of the global variable $IFS. By default this is set to a space.

For example, if you want the delimiter to be a new line, set it like so:

IFS=$'n'
 
Disable SSL with fetchmail
edited by on January 10th 2013, at 17:53

You can disable SSL in fetchmail by adding this line to your rc file:

sslproto ssl23

This restricts fetchmail to only use SSLv2 and SSLv3, disabling TLSv1. Note that this will cause the connection to be unencrypted, unless you use a proper SSL plugin, or SSL is requested explicitly.

 
Kiosk Chrome
edited by on November 26th 2012, at 17:42

Google Chrome can start up in fullscreen (F11) by default. This is done by enabling Kiosk-mode during startup. To do this, set the shortcut to Chrome like so:

C:\path\to\chrome.exe --kiosk
 
dnsmasq + openvz: set capabilities failed
edited by on September 24th 2012, at 12:24
When running dnsmasq inside a VPS on an OpenVZ server, you may get an error while trying to start up dnsmasq (this is in particular the case for Debian):Starting DNS forwarder and DHCP server: dnsmasqdnsmasq: setting capabilities failed: Operation not permitted

This is because dnsmasq does not run as root (which is a good thing). What happens is that dnsmasq gets started as root, then attempts to set privileged functions to the dnsmasq user before changing user from root to that user. When setting these capabilities fails, you get the above error.

The reason for failing is usually because either the kernel is missing the required features, or, in case of OpenVZ, the permissions are not pas  ...
 
Remote-reboot Polycom phones using SIP NOTIFY
edited by on November 4th 2011, at 14:51
You can remote-reboot your Polycom phones from the Asterisk CLI by sending a SIP NOTIFY command. This command instructs the phone to recheck its configuration, and therefore, will reboot when certain parameters have been set in your phone configuration provisioning.

Make sure the following directive is set in your provisioning config:

<specialEvent voIpProt.SIP.specialEvent.checkSync.alwaysReboot="1" />

You find this in sip.cfg, or you can set it in your own configuration (mine's called aaps-settings.cfg, but that's just an arbitrary name).

Notice
When setting this variable in your own configuration, be sure that it's set in the right context, like so:<localcfg> &l  ...
 
Postfix: block SMTP access by IP
edited by on September 28th 2011, at 12:23
If you wish to restrict SMTP access via IP addresses or a network range, one way to do it would be via Postfix configuration. You can set up restrictions using a Postfix hash-table or via a cidr file. You can choose one or both methods to perform the restrictions. The end-result will be the same.

Create a text file with the addresses you would like to reject. You can choose whatever file name you wish. E.g.: /etc/postfix/smtp_client_access

Its content should be something like:

192.168.0.1 REJECT Stop mailing us192.168.0.2 REJECT Stop mailing us192.168.1 REJECT Stop mailing us

Next, postmap it by running:

postmap /etc/postfix/smtp_client_access

Then add/edit this in your main.cf:

smtpd  ...
 
Automated backup of PostgreSQL in linux
edited by on June 5th 2011, at 13:17

To have scripted automated backup of PostgreSQL databases on a linux platform, you can create a script like so:

#!/bin/bash
PGPASSWORD="your-password" /usr/bin/pg_dump -U user database > sql-file.sql

Replace user and your-password with your username and password; replace database with the database you want to backup. The output of the dump goes to stdout and can be piped to a plain text file or compressed to something else.

 
Debian: turn off incremental (pdiff) package updates
edited by on October 20th 2010, at 11:57
Debian has introduced incremental updating of package lists. While in theory, this is a great feature, it is not always practical.

Incremental updates enable to download less data by fetching only the differences between the previous versions of the list. This results in significant savings concerning the amount of downloaded data.
The unfortunate downside is that a whole lot more fetches need to be done as each incremental update requires a server request. This becomes apparent when you don't often download package list updates, and there are suddenly a whole number of files waiting to be downloaded. The overhead of requesting each incremental slice separately causes the update to take mor  ...
 
Batch processing with The GIMP
edited by on August 26th 2010, at 12:53
While batch processing was already possible using the rather complex Script-Fu, there's now a plug-in for GIMP allowing simple batch processing through a dialog.

DBP David's Batch Processor allows for automatic operations on a collection of image files. Operations such as colour correcting, resizing, cropping, sharpening, and even renaming can be performed with ease, saving them to a different location in a different image format. All operations (except loading and saving) are optional so you can use this for simple image format conversion as well.

DBP can be found here: http://members.ozemail.com.au/~hodsond/dbp.html.
It is mainly designed for linux version of The GIMP but pre  ...
 
Determine shell script's own location
edited by on August 23rd 2010, at 16:47

For a shell script to determine its own location, you can use this code snippet. It takes relative and absolute paths into account.

#!/bin/bash
if [[ $0 == '/'* ]]; then
	MYLOCATION="`dirname $0`"
else
	MYLOCATION="`pwd`"/"`dirname $0`"
fi
echo "My location is: $MYLOCATION"
 
Regenerating SSH host keys
edited by on August 19th 2010, at 16:19

If for some reason you lost your SSH server keys, sshd will fail to start with error:

Could not load host key: /etc/ssh/ssh_host_rsa_key
Could not load host key: /etc/ssh/ssh_host_dsa_key

You can recreate your host keys with these commands:

ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key
ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key

After recreating the keys, you will probably have to let your clients know as with the change of keys, they'll probably get warnings about it (Linux SSH will not even connect until you kick out the old keys).

 
IPSEC on multi-WAN linux firewall
edited by on June 23rd 2010, at 17:14
Working on implementing Multi-WAN at our office (more about that later), in which we use a rather special routing setup, we got this error message on our IPSEC tunnels:

Quote
ipsec_setup: Starting Openswan IPsec U2.4.12/K2.6.26-2-amd64...
ipsec_setup: no default route, %defaultroute cannot cope!!!

While the reason was obvious to me (there's indeed no default route in the main routing table, this is by design), fixing the problem was not.
I tried adding options like leftnexthop=ip-address but it did not really matter; the error persisted.

After searching around Google, I came across a post with a similar error, along with an unusual solution: adding the following line solve  ...
 
Fiddling with Shorewall
edited by on June 3rd 2010, at 20:03
Linux has always been a great player in internetworking, thanks to a very advanced networking stack. In addition, the filtering capabilities provided by Netfilter are only surpassed by a very select group of devices. It doesn't come as a surprise there are a lot of firewalls and internet gateways out there that are running this powerful combo.
Detailing the features of linux as a firewall/internet gateway would take up an entire article so I'm not going to elaborate on it. It suffices to say that whatever you can think up of setting up, the linux + netfilter combo can probably do it. Worst case, there are other third party applications (Squid as a web proxy and content filter, for instance)   ...
 
Maximum message size in Postfix
edited by on April 14th 2010, at 20:22

Like any other MTA, Postfix has a maximum message size that it allows to pass through. By default, when not defined, it is set to 10 MB.
To change it, add/change the following in main.cf:

message_size_limit = 15728640

This sets the limit to 15 MB. To make it unlimited, set it to 0.

 
php_flag vs. php_value
edited by on April 1st 2010, at 15:14
Had an issue where I was not able to change the post_max_size and upload_max_filesize through the Apache2 configuration.
After googling around, I finally found what was wrong: apparently, aside of php_flag, there's also a php_value flag to set configuration variables. The difference?

Use php_flag only when setting boolean values like 0 | 1, off | on.

Use php_value to actually set values other than boolean (like the filesizes of post_max_size and upload_max_filesize).

Thus, a working example looks like:

<Directory /var/www/> <IfModule mod_php5.c> php_flag register_globals off php_value post_max_size 16M php_value upload_max_filesize 16M </IfModule><  ...
 
Incoming PPTP VPN passthrough on OpenWRT
edited by on February 1st 2010, at 16:46
To set up a Windows PPTP VPN server behind your OpenWRT enabled router, you need to forward the necessary ports and protocols, and install the proper modules.

Finding information about how to do this was a lengthy process. I never actually found the necessary info (although I noticed there are quite a few people which are rather clueless about networking; makes me wonder why they're bothering with OpenWRT in the first place, it's not the easiest firmware out there).
But I've managed to compile the bits and pieces of various sources into a coherent mass. It's not a guide in the literal sense, but will tell you want you need, assuming you do know your way around OpenWRT.

The setup was tested  ...
 
SpamAssassin and 2010
edited by on January 6th 2010, at 10:18
Versions 3.2 of SpamAssassin have (until very recently) a bug in their rules which would mark mails dated 2010 (this year) as being spam.

The reason for this is that a rule exists which would add an additional score of 3.2 to mails with a date set to 2010, because when the rule was created, the date would be in the very far future. Of course, this is no longer the case.

The bug was already discovered in 2008, and resolved in the SpamAssassin repositories, but was not backported to 3.2 until 2010-01-01, when the issue was discovered by Mike Cardwell, a developer in the UK.

Users with this problem can easily resolve it by updating the rules:

sa-update

This changes the regexp so it exclude  ...
 
Keep-alive issues when proxying IIS with Apache2
edited by on September 8th 2009, at 18:26
We had a bit of trouble with an Apache2 server, configured as a front-end proxy for a IIS running various different sites. The idea for this has grown because of the fact that our client had only one public IP address at the time, but had to run multiple sites. Rather than running the sites in IIS on different ports, we setup the Apache2 to proxy requests to the IIS back-end, so the sites were accessible by means of sub-urls.
E.g.:

http://myserver/mysubdomain1/ -> http://internal-ip:my-port/

For this, we used mod_proxy, and the ProxyPass and ProxyPassReverse.

Lately, our client complained of regular errors when surfing the sites. Apache2 would give HTTP error 502 (Bad gateway) on the page  ...
 
Installing r8168 driver in 2.6.24
edited by on May 1st 2008, at 14:22
Currently, the Realtek R8168 driver does not work in a 2.6.24 kernel because of changes in the kernel structures. I found a patch on the Ubuntu Forums which adjusts the driver source so it can compile for a 2.6.24 kernel. The patch was written for 8.005.00, but I verified it working for 8.006.00 (latest version at time of writing). The patch is attached.

Download driver here.

Got the patch from here, but for your convenience, I've attached it to this article too.

Note that these instructions are also found on the page at Ubuntu Forums

After unpacking the driver, copy the patch in ./r8168-8.006.00/src/. Then run:

cd ./r8168-8.006.00/src/patch < r8168-8.005.00.hardy.diff.txt

Then comp  ...
 
showing posts tagged with 'linux'
 
 
« April 2024»
SunMonTueWedThuFriSat
 123456
78910111213
14151617181920
21222324252627
282930    
 
Links
 
Quote
« You only find out who is swimming naked when the tide goes out. »
Warren Buffett