rootninja

This doesn’t have to be complicated at all.  This was what I did on my ldap servers:

[user@ldap-primary /etc/openldap/cacerts ]$ sudo openssl req -newkey rsa:1024 -x509 -nodes -out ldap-primary.pem -keyout ldap-primary.pem -days 3650

[user@ldap-slave1 /etc/openldap/cacerts ]$ sudo openssl req -newkey rsa:1024 -x509 -nodes -out ldap-slave1.pem -keyout ldap-slave1.pem -days 3650

That’s it!  No messing with the CA.pl script or running multiple openssl commands for requests, signings, password stripping, and catting keys/crts together.  I tested my LDAP implementation like this and it worked like a charm.  Having a copy of both certificates located at /etc/openldap/cacerts/ on both machines worked for me.  When I set up clients, I put the certs in their cacerts directory and they work just fine with start tls.  If you’re doing this for an openldap implementation, you can make sure it’s working using “ldapsearch -x -ZZ” which requires your encryption to work.

Linux cert, key, ldap, openldap, openssl, pki, self-signed certificate, ssl, tls

This doesn’t look that hard to make!  Pedal powered electricity generator!  Charge your cell phone, laptop, or run a small appliance or two.  This would make a great alternative or supplement to an old gas generator.  When you lose power in a storm you know you’re not going to make it to the gym that week or it’s at the least going to disrupt your routine anyway, so why not stay in shape at home by peddling away!

http://www.scienceshareware.com/bike-generator-using-a-car-alternator.htm

Or you can buy prebuilt generators.  Mount any old bike on the stand and pedal away.

http://www.econvergence.net/cyclech.htm

http://www.econvergence.net/electro.htm

ooo! Shiny... bike, diy, electricity, generator, green, power

I don’t understand why some people think this is a complicated thing to set up, so here goes my approach which I think is the easiest method.  Perhaps you’re behind a very restrictive corporate firewall or you want to conserve bandwidth when you’re setting up several machines.  You can set up your own repositories on one machine in your network and have it download the packages and updates in the off-hours.  Whenever a client machine on your network wants updates, they’ll get them much faster and you’ll save bandwidth too.

Step-by-step:

Install createrepo on the machine you want to be your update server.

[user@hostname ~]$ sudo yum install createrepo

Now you’ll create a few crons to create and maintain your mirror.  Let’s start with the one that does the grunt work of downloading the packages.  I’ll go ahead and set a bandwidth limit and log my mirroring.  I don’t care about debug stuff so i’ll exclude that and any iso’s that may get dumped in there too.

#!/bin/sh
# GET THE LATEST PACKAGES
/usr/bin/rsync -aq –bwlimit=500 –stats –log-file=/var/log/rsync/i386.rsync.1.log rsync://your-favorite-linux-mirror/linux/updates/9/i386.newkey/ –exclude=debug/ –exclude=*.iso /opt/yum/updates/8/i386/
/usr/bin/rsync -aq –bwlimit=500 –stats –log-file=/var/log/rsync/x86_64.rsync.1.log rsync://your-favorite-linux-mirror/linux/updates/9/x86_64.newkey/ –exclude=debug/ –exclude=*.iso /opt/yum/updates/8/x86_64/

Create a cron to update your repo as new rpms get mirrored.

#!/bin/sh
# CREATE/MAINTAIN MY LOCAL REPOSITORY
/usr/bin/createrepo –update /opt/yum/base/8/i386
/usr/bin/createrepo –update /opt/yum/base/8/x86_64

Create another cron to rotate your logs, saving the last week’s worth.

#!/bin/sh
# ROTATE THE LOGS
rm -f /var/log/rsync/yum-rsync-log7.tar.gz
mv -f /var/log/rsync/yum-rsync-log6.tar.gz /var/log/rsync/yum-rsync-log7.tar.gz
mv -f /var/log/rsync/yum-rsync-log5.tar.gz /var/log/rsync/yum-rsync-log6.tar.gz
mv -f /var/log/rsync/yum-rsync-log4.tar.gz /var/log/rsync/yum-rsync-log5.tar.gz
mv -f /var/log/rsync/yum-rsync-log3.tar.gz /var/log/rsync/yum-rsync-log4.tar.gz
mv -f /var/log/rsync/yum-rsync-log2.tar.gz /var/log/rsync/yum-rsync-log3.tar.gz
mv -f /var/log/rsync/yum-rsync-log1.tar.gz /var/log/rsync/yum-rsync-log2.tar.gz
mv -f /var/log/rsync/yum-rsync-log.tar.gz /var/log/rsync/yum-rsync-log1.tar.gz
tar -czf /tmp/yum-rsync-log.tar.gz /var/log/rsync/*.log
rm -rf /var/log/rsync/*.log
mv -f /tmp/yum-rsync-log.tar.gz /var/log/rsync/

On your client machines, move or delete the existing repo definitions and create a new one that points to your local repositories.  Assuming your server machine’s IP address is 192.168.1.2 and you’re using Fedora your new repo definitions would look something like this:

[fairfield-base]
name=My_Local_Repo - base - Fedora $releasever - $basearch
failovermethod=priority
baseurl=http://192.168.1.2/yum/base/$releasever/$basearch
enabled=1
gpgcheck=1

[fairfield-updates]
name=My_Local_Repo - updates - Fedora $releasever - $basearch
failovermethod=priority
baseurl=http://192.168.1.2/yum/updates/$releasever/$basearch
enabled=1
gpgcheck=1

Wait until your cron fills your repositories or download a few packages and run your createrepo.  From now on your updates will execute much faster.  And if you want to build new machines, you can point your kickstart to get packages from your local mirror instead of just your cdrom so you can build machines that are fully up to date right out of the box.  Try updating on your clients.  You should notice it takes ten times longer to install the updates than it does to download them.

[user@hostname ~]$ sudo yum update

Linux Linux, packages, repo, rpm, rsync, server, updates, yum

You can take several regular pictures or other image files and put them together into one image that looks like they’re all polaroids laid out on a desk using ImageMagick’s montage tool.  If you have a dual monitor setup you can easily fit 8 across your screens at once without even overlapping much.  Or you could lay them out half-covering each other to get a whole album on the screen at once.  Don’t worry about the size of each image either because you’ll take thumbnails of each of them to make the final larger image.

[user@hostname ~]$ /usr/bin/montage -size 3200×1200 ~/Pictures/*.jpg -thumbnail 722×594 -bordercolor Lavender -background black +polaroid -background DarkGray -geometry -30-47 -tile x2 ~/Pictures/montage.gif

You could rotate the pictures in a script and run it in a crontab every hour to rotate your pictures for the next time you make the montage pic.  If you’re not constantly downloading a new image (such as a satelite weather map or something), you could bump each file’s name along, saving the last one in a temporary position before rotating it back to the beginning of your stack.  The simplest way to do this would be just moving the file names one by one.  Think of it as files “new”, “old”, “older”, and “oldest”.   Use “temp” as a placeholder while you bump the names along in the chain.

[user@host ~]$ mv -f oldest.jpg temp.jpg; mv -f older.jpg oldest.jpg; mv -f old.jpg older.jpg; mv -f new.jpg old.jpg; mv -f temp.jpg new.jpg

And if you’re using Gnome you can run gconftool-2 to swap out your background image on the fly everytime the cron runs.

[user@host ~]$ /usr/bin/gconftool-2 –type string –set /desktop/gnome/background/picture_filename “$HOME/Pictures/montage.gif”

Linux, ooo! Shiny... backgrounds, cron, ImageMagick, montage, polaroid

My perfect setup at work is two mrxvt’s side-by-side to handle all my terminal needs.  Here’s the string I use to run ‘em just like I like ‘em.  The 110×75 geometry is for two windows taking up most of the space on one screen of my 3200×1200 display, leaving the other lcd for everything else. (I use two 1600×1200’s in a nvidia bigdesktop setup)

[user@hostname ~]$ mrxvt -rv -sr -sb -g 110×75 -sl 9999

Lots of features must mean it’s bloated right? Wrong.  It’s actually got a very small foot print.

I did a few tests, loading each app one by one and runnng the same commands on it and then looking in proc at it’s memory usage.  It’s only slightly larger than rxvt and much better than other terminal emulators with comparable options.

Mrxvt is what you get when you smash rxvt and aterm together in the LHC.  I like the tabbiness with very little eyecandy.  I don’t use translucency, text shadows, or a custom background, but if you want all that aterm-goodness, it’s there.

From the man page on Fedora:

The mrxvt program is a terminal emulator for X Window System. It provides DEC VT102 compat-ible terminals for programs that cannot use the window system directly. mrxvt is based on rxvt(1) version 2.7.11 CVS, and features most of functionality  of  rxvt, with  a  few  major enhancements (namely multiple tabs, and transparency). Like rxvt, mrxvt aims to be light, fast, flexible and  desktop  independent,  thus  KDE  or  GNOME  are  not required.

Linux emulators, graphs, memory usage, mrxvt, terminal, vt102

I love dd. Why mess with the clutter and bloat of backup software when all you really want is a simple image for those times when you accidentally wipe out something important or a hard drive goes plonk. dd to the rescue! It’s easy to use, very straight forward, and although there’s no pretty interface, that’s actually a major advantage!  Stuck without a pretty gui or forced to connect through a serial cable? no problem!

While still up and running on your regular OS, use a simple ‘mount’ command to figure out which disks and partitions you’re using and write this down.  In my example, sda1 is the boot partition and sdb2 is root.  Disk ‘a’ has my windows system, and then my boot and swap for linux.  Disk ‘b’ is one big partition with my root mount containing the bulk of my os (/home, /var, /usr, … etc.)

[user@hostname]# mount

/dev/sda2 on /boot type ext2 (ro,noatime)

/dev/sdb1 on / type ext3 (rw,noatime)

Find a live image or a gentoo installation disk and use it to boot your computer so you’re not using your regular storage devices.  Just about any live distribution will do since you won’t need a gui or networking (keep it simple for now)  Once you’re booted up, setup the device you’re going to use to store backups.

Figure out which disk it is by looking at dmesg or by looking at the end of your log file.  In my example lets assume it gets connected as /dev/sdc.

[root@LiveCD]# tail -n 30 /var/log/messages

Create a partition and file system on the backup disk to get it ready to hold your backups. Lets just delete the old partitions and create a new one.  Once you’re in fdisk, ‘p’ prints the current layout, ‘d’ lets your delete, ‘n’ creates a new partition, … easy stuff.  Make a primary partition and select the default beginning and ending.  You’ll end up with 1 big partition that’s the size of the whole disk.

[root@LiveCD]# fdisk /dev/sdc  

Create a file system on the disk so you can store regular files on it.  I usually choose ext2 or vfat if i’m using a usb stick.

[root@LiveCD]# mkfs.ext2 /dev/sdc1

Create a directory on your live cd system then mount your backup disk.

[root@LiveCD]# mkdir /z

[root@LiveCD]# mount /dev/sdc1 /z

Now you have your backup disk mounted at /z and your normal system not mounted at all.  This is how you want it.  You don’t want to modify anything you’re backing up while you’re in the middle of backing it up!

Now run dd and use the devices as your input and write out files as your backups.

First i’ll backup my boot partition, but since i’m just getting the partition, i’ll also backup the master boot record (MBR) from the beginning of the disk.  You’ll want that so you can tell what else was on the disk, and know how big the swap partition was.  Plus I just wanted to do it here instead of making a whole new article!

[root@LiveCD]# dd if=/dev/sda2 of=/z/mybackup.boot.sda2.dd

[root@LiveCD]# dd if=/dev/sda of=/z/mybackup.boot.sda.mbr.dd bs=512 count=1

Now i’ll backup the second disk as a whole, grabbing everything in one swoop.

[root@LiveCD]# dd if=/dev/sdb of=/z/mybackup.root.sdb.dd

At this point everything is backed up on my sdc disk.  I can unmount it, disconnect it, and reboot my system.  I’ll be back to my original OS with a nice snapshot of my system ready to write back to disk.  Writing the image back to disk is pretty much the same thing in reverse.  I could write it to a new set of disks, say sdd and sde already connected to this system or I could mount my portable device on another machine.

I’ll write out just the partition table without overwriting the unique disk signatures.  So just bytes 446 to 509 of the first disk sector will be overwritten with these bytes from my 512 byte MBR backup.

[root@LiveCD]# dd if=/z/mybackup.sda.mbr.dd of=/dev/sdd skip=446 seek=446 bs=1 count=64

Now that the old partition table is on the new disk, I can write out the boot partition.

[root@LiveCD]# dd if=/z/mybackup.boot.sda1.dd of=/dev/sdd1

And i’ll write out the whole disk for the other backup.  As long as the output disk is the same size or larger than the backup, I won’t have a problem.

[root@LiveCD]# dd if=/z/mybackup.root.sdb.dd of=/dev/sde

Linux dd linux backups partitions mbr boot root mkfs

Click here or on one of the photos to see the whole Hurricane_IKE album.

The weather man on the news said the hurricane was causing people to see unusual colors in the sky. So I went out to see for myself.

It didn’t take long for us to lose power. After a few wind gusts, and well before Ike even made landfall 50 miles away in Galveston, the power popped.

Trivial Pursuit with candles and flashlights…

The back of the storm was still blowing through around dawn.

Later in the morning we walked around the house checking out the damage.

Trees were down all over the place. Otherehouses in the neighborhood lost whole trees, only a few had hit houses and garages. Most were in the streets, backyards, golf course, or on drive ways.

Driving around, we found tons of commercial signs, road signs, traffic lights, and all kinds of debris laying around.

Uncategorized, ooo! Shiny... hurricane ike

I just got Wordpress installed and completely forgot to change the random password it started me off with to something I might have a chance of remembering.  So to change it, I opened a terminal and changed the password field for the account I just created in mysql.  Here’s how:

First you’ll need to get your password encrypted using openssl.

$ # openssl passwd -1 my_super_secret_password

$1$AIO1MlAJ$nTI.HbEKpuYRbtCpn.5Vu/

Copy this hash so you can paste it into your sql statement later.  Now connect to mysql.

$ mysql -u root -p

Welcome to the MySQL monitor.  Commands end with ; or \g.

Your MySQL connection id is 976

Server version: 9.7.6evil Source distribution

Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.

mysql>

If you know the database name you can just connect to it, if your forgot, which I did, just list them all.

mysql> show databases;

Connect to your wordpress database.

mysql> connect my_wordpress_database_name;

And change the password.

mysql> update wp_users

-> set user_pass=’$1$AIO1MlAJ$nTI.HbEKpuYRbtCpn.5Vu/’

-> where user_login=’admin’;

And that’s it; all done.  Now you can get back to editing…

Linux forgotten passwords, mysql, openssl, wordpress