Weblogs for Utumno
Over there, I discovered a phenomenon I didn't know exist: a lot of people, upon a successful installation, don't (know they have / bother) to edit their sources.list and go on for YEARS with just the CDROM in there ( and they don't even know they should have that inserted if they want to upgrade anything )
Every day I see a couple of lost souls claiming that 'apt doesn't work', and now my standard reply is 'show your sources.list'.
This is real. Debian Installer really needs to stress the need to edit one's sources.list !!
]
Some bastards from domain 'kimsufi.com' run bots that keep hammering my forum. They keep trying to register and post their pornspam. So couple of days ago I added the whole domain to /etc/hosts.deny like this:
ALL: .kimsufi.com
/etc/hosts.allow is empty.
Now, I thought that would do it, but today I looked at the logs and the hammering is still there! Do I have to restart something before hosts.deny starts working?
(locale: us_US.UTF-8; system is fully UTF-8)
I am a Pole living in Taiwan, so frequently I need to view Chinese characters or data with Polish diacritic marks ( I dont need to input them, just view ). This mostly works in graphical environment but fails miserably in the console. Also, I cannot seem to be able to correctly serve files encoded with ISO-8859-2 with Apache ( Polish-specific letters are garbled ). More specifically, when I set charset in Apache to ISO-8859-2, then file contents are displayed correctly, but file NAMES are not ( take a look for yourself: www.koltunski.pl/test ) . I suspect this and garbled Polish data when viewed from the console is really one and the same problem.
[RANT]
Shouldn't all this just work transparently?? Isn't fully-UTF-8 system all about being able to view whatever you want, whenever you want?? Why is it so complicated?? We have to have kernel support for various codepages, we probably have to mount filesystems with correct 'charset' and 'codepage' options, we have to set all those "LANGs" "LC_ALLs" and whatnot, we have to install appropriate fonts and God knows what else...
[/RANT]
Yesterday in my job I faced a standard assignment in system administration which essentially boiled down to the following:
Create two directories, say, /var/www/dirA and var/www/dirB with the following properties:
1) whenever anything is written to dirA, it has to immediately appear in dirB
2) whenever something is deleted from dirA, it has to stay in dirB.
I came up with this, I wonder if anyone has a better solution:
1) install incron:
aptitude install incron
It is an "inotify cron" system. It works like the regular cron but is driven by filesystem events instead of time events.
2) configure it to watch /var/www/dirA and whenever anything changes, call script /usr/local/bin/incron_script with the first argument being the watched directory and the second - file or directory created there:
incrontab -e /var/www/dirA IN_CLOSE_WRITE /usr/local/bin/incron_script $@ $#
3) write a simple /usr/local/bin/incron_script:
#!/bin/sh cp -a $@/$# /var/www/dirB/
Done!
***************************************************************************
Incron suffers from one trap, though: the 'mask' ( IN_CLOSE_WRITE in the above example ) and 'command' ( /usr/local/bin/incron_script $@ $#) stanzas in its configuration file have to be separated with exactly ONE SPACE. Two spaces or one tab make it fail silently (the second space becomes the first character of the command to be executed and the command fails). This is documented in bug 456821
I host a small phpbb2-powered forum. It is modified by myself (I remember 2 years ago I spent some 2 days applying various source-based patches so that for instance one can send files to the forum, modifying the theme and translating various icons, replacing phpbb's default MSN with Gadu-Gadu which is a instant messanging system popular in Poland ). So I have put the 3 phpbb2-* packages on hold and apt-get has always honored that. Today however I decided to finally switch to aptitude:
aptitude update aptitude safe-upgrade
and... turns out aptitude does not honor apt-get's 'hold' status. It merrily went on and upgraded my phpbb2 and all my changes are gone.
Blindly trying 'aptitude rollback phpbb2' resulted in
This aptitude does not have Super Cow Powers
Now what? Any advice?
We sometimes forget that those shiny graphical apps like firefox can be controlled from the commandline, too!
For example, here's a way to automatically open up all articles that are currently on this site's main page, each one in its own tab:
#!/bin/sh TMPFILE=`mktemp` URL="http://www.debian-administration.org"; wget -q $URL -O - | sed -n "s#.*<h2 class=\"title\"><a href=\"\(\/articles.*\)\".*#$URL\1#p" > $TMPFILE I=0 while read line do firefox -new-tab $line & if [ $I -eq 0 ]; then sleep 5 let "I+=1" fi done < $TMPFILE rm -f $TMPFILE
( after opening up the first article we better sleep for 5 seconds, otherwise we end up with many firefoxes)
With help of this script, you can prevent your site from appearing in the server logs of referred pages as referrer. More:
]
I dont need incremental backups, I use a simple script to rsync everything but the /home partition to a different HDD. Then I periodically create a DVD image from the backup with
#mount /dev/hdc1 /mnt # the partition containing the mirror of everything but /home
#mount /dev/hdc2 /media/data # the partition where DVD isos go
#genisoimage -o /media/data/root-image-2007-08-11.iso -R -A "Root Image 2007-08-11" /mnt
On February, when was last time I created such backup DVD, everything went well. Now it seems Debian has been intruducing deeper and deeper directory structures all over the place and this is what I get
#genisoimage -o /media/data/root-image-2007-08-11.iso -R -A "Root Image 2007-08-11" /mnt
genisoimage: Directories too deep for '/mnt/usr/include/c++/4.2/ext/pb_ds/detail/trie_policy' (7) max is 6.
and there are many more places like this. How can I overcome this - I assume - silly limitation of the Joliet FS ?
I thought I'd share with you how the latest iwl4965 wireless drivers are doing w/ respect to kismet, monitor mode, packet injection etc.
1) Stock Debian 2.6.25-2-486 kernel, kismet 2008-05-R1 ( from Debian unstable ) , ThinkPad X61 with
utumno# lspci | grep 4965
03:00.0 Network controller: Intel Corporation PRO/Wireless 4965 AG or AGN Network Connection (rev 61)
Results: managed, ad-hoc mode - works, monitor mode - works, kismet is able to see management packets but no data packets. No matter what I do, it will not see clients nor data packets.
Coming out from monitor mode is kinda problematic: I press 'Q' in kismet, then it either segfaults leaving my card in an unknown state ( rmmod iwl4965; modprobe iwl4965 fixes that ) or sometimes exits cleanly but warns me that resetting the card failed. I still have to rmmod+modprobe to use the card in Managed mode.
Packet injection does not work. Trying out the latest compat-wireless-2008-07-19 + packet injection patches ( tutorial: http://aircrack-ng.org/doku.php?id=iwl4965&DokuWiki=b0f74a175e2ec1e58a11d7d3bfdb5650 ) does not work either: such compiled driver does not even work in managed mode, and rmmoding it results in a hard freeze ( there's nothing I can do apart from pushing the reset button )
2) Stock 2.6.26 kernel from kernel.org, latest ( 2008-07-19 ) compat-wireless with packet injection patches for iwl4965 and mac80211 , the same kismet 2008-05-R1 and ThinkPad X61:
Managed, ad-hoc mode fully work. Kismet is now able to see data packets and clients. Exiting it sucks even worse now, though: I press 'Q', it will always hang. The only way to recover is press 'Ctrl-Z' to put it in the background, kill -9 it and rmmod+modprobe the drivers.
Packet injection with AirCrack-ng works, at least the injection test passes. I haven't tried any more sophisticated attacks yet.
Side note: with 2.6.26 also the LED in my laptop (signifying that wireless is being used) started working. So progress in all fronts, except exiting kismet :)
We have a server here ( CentOS 5.1, so this is maybe not the best place to ask this ) that has the following problem:
every few days, one simply cannot log in to the system. Neither through ssh, ftp, from the console, nothing. Most of the times when I enter my username in the login prompt and press enter, even the "Password:" prompt does not get displayed. Other times the "Password:" prompt gets displayed, but after typing the password, the comp simply hangs. I've tried waiting for 30 minutes for it, and nothing.
There is absolutely nothing in any of the /var/log/* files that would shed any light on this.
Could this be the lack of entropy? It's a little server with a monitor, mouse and keyboard attached, but we rarely use those. Normally we only log in through the network.
The server is not very security-critical. It's kept locked in the intranet with no direct access to the wwweb. Would it be a good idea to simply
rm -f /dev/random
ln -s /dev/urandom /dev/random
to find out if it's really a problem with entropy ??
Could I leave some command running on the screen ( like 'top' ) that would hopefully shed some light on this the next time this problem happens?
Right now I am stuck - there's nothing in the logs, and when it happens, the only thing I can do is reboot it...
This:
http://www.centos.org/modules/newbb/viewtopic.php?forum=6&topic_id=4312&viewmode=flat
suggests the problem might be with auditd shutting off logins when HDD is almost full, but our partitions are not ( all below 20% full )