Posts from 2015-10

X2X: An alternative to synergy

posted on 2015-10-20 23:22:45

When for whatever reason synergy quits working, try x2x:

apt-get install x2x -y

(On the machine where you want to direct your keyboard/mouse output to.)

ssh -XC <user>@<host> x2x -west -to :0.0

If -X (for X forwarding) is not working, enable it via X11Forwarding yes in your /etc/ssh/sshd_config.

All cardinal directions work, and this is enough to use it. For everything else refer to the manpage. There may be minor glitches, e.g. with monitors of different resolutions, but this is usually not a problem.

iptables: list installed modules

posted on 2015-10-18 23:47:45

I will get some proper output for that when I revisit that posting.

For now:

echo; echo Available Modules:; \ls -1 /usr/lib*/xtables | \grep -v -e '[A-Z]\+'; echo; echo Available Actions:; \ls -1 /usr/lib*/xtables | \grep -e '[A-Z]\+'

mysql: grants, revisited

posted on 2015-10-18 00:07:40

Another way to gather information about grants can be seen here:

mysql --skip-column-names -A -e"SELECT CONCAT('SHOW GRANTS FOR ''',user,'''@''',host,''';') FROM mysql.user WHERE user<>''" | mysql --skip-column-names -A | sed 's/$/;/g'

This assumes you have a .my.cnf in /root or your home folder, so you can access the mysql cli without a password. Else you have to pass -u and -p, too.

Pipe this command into less for viewing, or save it into a file for exporting to another server. On the other server it can be piped directly into mysql, and then you have transferred all your users and access rights at once.

In case of transferring the userdata like this, beware of the root user in there, too. It will kill the current root password on the new server, if you don't clean it from the file prior to replaying it into mysql there.
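One way to do that cleanup before replaying the file, as an added example that is not part of the original post. The function names and the sample grant lines are constructed for illustration:

```bash
# Added example, not from the original post.
# Pattern for a statement whose grantee is a root account. It covers both
# quoting styles SHOW GRANTS emits: 'root'@'host' and `root`@`host`.
ROOT_GRANTEE="[[:space:]]TO[[:space:]]+['\`\"]?root['\`\"]?@"

# Print stdin minus every statement that targets a root account.
strip_root_grants() {
    # grep exits 1 when nothing is left to print; only >1 is a real error
    grep -Ev "$ROOT_GRANTEE" || [ $? -eq 1 ]
}

# Succeeds (exit 0) if the dump on stdin still contains a root grantee.
has_root_grants() {
    grep -Eq "$ROOT_GRANTEE"
}

# Constructed sample of what the export one-liner produces
sample_grants() {
    cat <<'EOF'
GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' IDENTIFIED BY PASSWORD '*CONSTRUCTEDHASH' WITH GRANT OPTION;
GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION;
GRANT USAGE ON *.* TO 'shop'@'10.0.0.%' IDENTIFIED BY PASSWORD '*CONSTRUCTEDHASH';
GRANT SELECT, INSERT ON `root_db`.* TO 'shop'@'10.0.0.%';
GRANT ALL PRIVILEGES ON *.* TO `root`@`%` WITH GRANT OPTION;
EOF
}

# Typical use (file names are placeholders):
#   strip_root_grants < grants.sql > grants.noroot.sql
#   has_root_grants < grants.noroot.sql && echo "root still present, do not replay"
sample_grants | strip_root_grants
```

Only the two statements for 'shop' survive; the database named root_db is kept because the pattern looks at the grantee, not at the object name.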

bash prompt deluxe

posted on 2015-10-12 00:31:04

For quite a long time I have had the same prompt on and off, like:

[user@host ~/folder]$ 

This one was already colored. However, quite a while ago I read about Steve Losh and his ZSH prompt, where he also used to show git or mercurial repository information.

After quite a while (making the exit code colored depending on whether it is zero or not is harder than it seems...), this was also added. Without further ado (or any explanation of how the colors look), here are some examples:

REGULAR, GIT, SVN:
0 [256] 1 [ sjas@nb.dyn.sjas.de ~] 00:06:39 $ cd repo/gitolite-admin/
0 [257] 2 [ sjas@nb.dyn.sjas.de ~/repo/gitolite-admin git:[master] ] 00:06:45 $ cd ../non-modal-swing-dialog-read-only/
0 [258] 3 [ sjas@nb.dyn.sjas.de ~/repo/non-modal-swing-dialog-read-only svn:[Rev 41] ] 00:06:50 $ 

ERROR CODE as first number:
0 [258] 3 [ sjas@nb.dyn.sjas.de ~/repo/non-modal-swing-dialog-read-only svn:[Rev 41] ] 00:07:05 $ asdf
bash: asdf: command not found
127 [259] 4 [ sjas@nb.dyn.sjas.de ~/repo/non-modal-swing-dialog-read-only svn:[Rev 41] ] 00:07:07 $

The second number is the history count altogether like in the history file, the third one the count of the current session. Everything is colored, and for me it is not too long due to the colors.

This goes into the ~/.bashrc:

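promptfunction() {
    # must stay the first statement, any command before it overwrites $?
    local EXIT="$?"
    # global on purpose: PS1 references it by name (\${PROMPT_VCS}) instead of
    # embedding its value, so bash does not evaluate a branch name that
    # contains $(...) or backticks when it expands the prompt
    PROMPT_VCS=""
    PS1=""
    if git branch &>/dev/null
    then
        PROMPT_VCS=" git:$(git show-branch | awk '{print $1}') "
    else
        if svn info &>/dev/null
        then
            PROMPT_VCS=' svn:[Rev '"$(svn info | \grep -i revision | awk '{print $2}')"'] '
        fi
    fi
    # color of the exit code: 32 (green) for zero, 31 (red) otherwise
    PS1="\[\e[3$(if [ "$EXIT" = 0 ]; then echo '2'; else echo '1'; fi);1m\]\$?\[\e[0m\] [\!] \# \[\e[31;1m\][\[\e[37;1m\] \u\[\e[33;1m\]@\[\e[37;1m\]$(hostname -f) \[\e[32;1m\]\w\[\e[36;1m\]\${PROMPT_VCS}\[\e[0m\]\[\e[31;1m\]]\[\e[0m\] \[\e[33;1m\]\t\[\e[0m\] \[\e[36;1m\]\\$ \[\e[0m\]"
}
export PROMPT_COMMAND=promptfunction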

I could have changed the coloring such that I'd have used variables for the colors, but by now I can read them just as well. If you want to know more about the coloring, google 'ansi escape codes'. :)

IP over serial connection / RS232 via SLIP

posted on 2015-10-10 03:31:04

As of 2015, this is very likely stuff which is not needed anymore. Still, for documentation reasons:

slattach /dev/ttyUSB0 -p slip -s 9600 -dL &
# interface 'sl0' just got created now
ifconfig sl0 <IP>

Repeat this on the other host, and you should be able to send ping over your serial connection.

tput reset: reset RS232 serial terminal

posted on 2015-10-06 22:17:50

When serial terminals seem to hang:

tput reset > /dev/ttyXXX

CPU architecture overview

posted on 2015-10-06 00:57:24

Since my superficial knowledge may be of use to others, a little write up:

  1. You can only use binaries (compiled from source) for your architecture.
  2. That is also a reason why different compilers exist, although it's not the only one.
  3. Most common for Desktops and 'normal' servers is the intel architecture. (x86 family)
  4. '32 bit' vs. '64 bit' usually means intel architecture.

An overview:

  • i386 / i586 / i686 / ia32 = all x86, 32 bit
  • amd64 / x86_64 / intel64 = all x86, 64 bit
  • ia64 = intel itanium, forget about that, fast. if you'd need it, you'd know.
  • arm = raspberry uses them, there exist 32/64bit versions, and different versions like v6 and v7
  • powerpc = apple used these in their macs, but they now use x86 there as well
  • sparc = sun server stuff

arm will very likely become popular over time in datacenters. While not being powerful, they are dirt-cheap when it comes to their energy bill. We will see how their performance will improve over time.

GNU screen: multiuser support

posted on 2015-10-05 00:51:07

When wanting to share a screen between two people using the same console via the same user:

#1st user (via ssh)
screen -S <sessionname>
#in case the multiuser functionality is disabled:
<ctrl-a>:multiuser on 

#2nd user (via ssh)
screen -x <sessionname>

Now both people should be able to write into the same terminal.

openvswitch: installation for the impatient

posted on 2015-10-04 20:15:52

There is a lot of information out there concerning openvswitch, but a universal installer does not seem to exist.

For testing purposes, all this is done in a fresh virtualbox VM, with nothing else configured. The virtualbox network type used is NAT. Also these settings will not stick, unless you persist them in your network configuration afterwards. You have been warned.

install

Back to basics, openvswitch has a big download button.

cd ~/Downloads
mkdir ovs
mv openvswitch-2.4.0.tar.gz ovs
cd ovs
tar xzvf openvswitch-2.4.0.tar.gz
cd openvswitch-2.4.0
./configure
make -j4 # depends on the number of cores you have in your system
make install
rmmod bridge
modprobe openvswitch
modprobe brcompat

This stuff will have been put into the /usr/local hierarchy afterwards. Now make sure that /usr/local/bin and /usr/local/sbin are also part of your $PATH environment.

setup

Then:

ovsdb-tool create /usr/local/etc/openvswitch/conf.db vswitchd/vswitch.ovsschema
ovsdb-server -v --remote=punix:/usr/local/var/run/openvswitch/db.sock --remote=db:Open_vSwitch,Open_vSwitch,manager_options --private-key=db:Open_vSwitch,SSL,private_key --certificate=db:Open_vSwitch,SSL,certificate --pidfile --detach --log-file
# ovs-01 will be our switch name, it's arbitrary and is the shown name of the network interface in linux
ovs-vsctl add-br ovs-01

Then you can add other interfaces to the switch. However, if you do things wrong, you might have no more network connectivity, so either first try this in a virtual machine, or have a notebook at hand so you can keep on googling.

configuration theory

First some notes on the IPs:

eth0 is our default interface, and it will usually have 10.0.2.15, which is the default ip for a single vbox VM. The hypervisor (the machine which runs your virtualbox) usually gets 10.0.2.2 for whatever reason, at least as seen from the virtual machine. You will not be able to see or ping this IP on the host itself.

Second on basic OVS switch usage:

Add all interfaces to your new OVS instance, whether they are virtual or physical. (It's all layer2, baby!) Then assign the switch the actual IP you'd have given your external NIC usually.

actual configuration

ip addr / ip link / ip route are abbreviated ip a / ip l / ip r for brevity. Also ovs-vsctl is better shortened to just ovs via alias ovs=ovs-vsctl, but that is a matter of taste. In the following I will use the complete command name, so no one gets confused more than needed.

Armed with that kind of knowledge, the configuration should work like this:

# take interface down (ssh tunnels will die!)
ip l s eth0 down
# clear ip from current interface
ip a d 10.0.2.15/24 dev eth0
# flush all routes
ip r f all

# add physical interface to the switch, it was created already above at 'setup'
ovs-vsctl add-port ovs-01 eth0

# bring the physical port and the switch interface up again
ip l s eth0 up
ip l s ovs-01 up

# add ip back to it (with its prefix length, else the gateway is not on-link)
# and create default route with the hosts gateway
ip a a 10.0.2.15/24 dev ovs-01
ip r a default via 10.0.2.2

testing

Now you should be able to ping google.com.

troubleshooting

In case the test fails, try these steps:

  1. ping 10.0.2.2 to see if you can reach the gateway. (Else your vbox network is somehow broken.)
  2. ping 8.8.8.8 to see if you have internet connectivity.
  3. ping google.com to see if your DNS works. Else try setting a dns server.

Use echo nameserver 8.8.8.8 >> /etc/resolv.conf for testing purposes.

persisting

If all that works and you want to make your changes persistent, put this information into your interface configuration:

Make your new interface ovs-01 get an ip via DHCP (instead of eth0) and set eth0 to manual. No need to fix the nameserver entry, as this should be handled automatically.

linux: chroot and reinstall grub2

posted on 2015-10-02 01:53:04

First, while in the live disk (e.g. grml) you just booted, mount everything to a folder, which will be the chroot root, e.g. ~/asdf.

cd
mkdir asdf
mount /dev/sda1 asdf
cd asdf

After cd'ing into there you have to mount some special folders:

  • /proc
  • /sys
  • /dev
  • /dev/pts
  • /run

Like this:

mount  -t      proc   proc       ./proc
mount  -t      sysfs  sys        ./sys
mount  --bind         /dev       ./dev
mount  -t      devpts devpts     ./dev/pts
mount  --bind         /run       ./run

Possibly you need to mount /boot and /boot/efi, too, if your boot partition is separate and if you have a UEFI setup.

Followed by:

chroot .

Should you use a grml live disk and it is complaining about a missing zsh shell:

chroot . /bin/bash

Then reinstall grub:

grub-install /dev/sda
update-grub

Exit the chroot and reboot.

tcpdump

posted on 2015-10-01 19:00:46

This works for most cases:

tcpdump -vvv -XXX host <ip> and port <port>

LDAP: linux ldap test with ldapsearch

posted on 2015-10-01 07:37:23

ldapsearch -vvvv -LLL -H ldap://<domain-or-hostname>:<port> -b '<OUs-and-DCs-to-start-from>' -D '<domain>\<username>' -w '<password>'

-W instead of -w will prompt interactively for the password, which keeps it out of the shell history and the process list. -y will read the password from a file.

-s limits the search scope.
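A way to prepare the file for -y, as an added example that is not part of the original post. ldapsearch uses the complete file contents as the password, so a trailing newline makes the bind fail. The function names and paths here are hypothetical:

```bash
# Added example, not from the original post.
# Write a password file for ldapsearch -y:
#  - the password is read from stdin, so it never shows up in argv or history
#  - the file is mode 0600 before the secret is written into it
#  - no trailing newline, because -y takes the whole file as the password
write_ldap_passfile() {
    passfile="$1"
    (
        umask 077
        # read one line, keeping backslashes and surrounding whitespace intact
        IFS= read -r pw || [ -n "$pw" ] || exit 1
        : > "$passfile" && chmod 600 "$passfile" && printf '%s' "$pw" >> "$passfile"
    )
}

# Refuse a passfile that is empty, readable by group/others,
# or that ends in a newline.
check_ldap_passfile() {
    passfile="$1"
    [ -s "$passfile" ] || return 1
    perms="$(ls -l "$passfile" | cut -c5-10)"   # group + other permission bits
    [ "$perms" = "------" ] || return 1
    [ "$(tail -c 1 "$passfile" | wc -l | tr -d ' ')" = "0" ] || return 1
}

# Typical use (path is a placeholder, the other placeholders are the page's):
#   write_ldap_passfile "$HOME/.ldap-pass"        # type the password, press enter
#   check_ldap_passfile "$HOME/.ldap-pass" && \
#     ldapsearch -LLL -H ldap://<domain-or-hostname>:<port> \
#       -b '<OUs-and-DCs-to-start-from>' -D '<domain>\<username>' -y "$HOME/.ldap-pass"
```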



Unless otherwise credited all material Creative Commons License by sjas