Linux on ./Sam_Stelfox.sh

Cron Daemon

Thu, 26 Oct 2017 17:35:42 -0400

Cron is a pretty standard utility and there isn't much to it. I generally use cronie as my cron daemon with the associated anacron helper for systems that aren't always on such as laptops and desktops. Cron runs tasks periodically, and anacron helps ensure that a missed task will get run if it was off or power-cycled when it would have otherwise run.

File Format

The configuration format differs slightly between crontabs, regular cron files, and anacron entries. At the beginning of all the files environment variables can be set using key/value pairs to tweak the settings of followed by entries for that file one to a line. The first five portions of the cron and crontab entry format consist of numbers, steps, ranges, lists, or the wildcard (*) character.

Server Naming Convention

Fri, 20 Oct 2017 19:59:02 -0400

Over the years I've found myself using many different naming schemes for servers under my control. I came across a naming convention that finally feels correct. That blog post is quite well written and will let it stand on its own. In the event it ever disappears the important bits (and those where I've personalized it) are included here.

There are ultimately two or three DNS names that each host receives. The first is a permanent unique identifier for the host. The blog post offers the mnemonic encoding project as a way to generate the hostnames. I've built my own generator that accomplishes the same effect with a vastly larger potential space (not that I need it). It has the added bonus of generating interesting names that are easy to talk about. Some samples (none real):

Mutt

Fri, 20 Oct 2017 12:51:00 -0400

I keep a copy of my mutt config here on the site.

Vim

Since I use vim as my editor I also added the following line to my vim configuration file to autowrap my lines at 72 characters, but only for mutt composed messsages.

au BufRead /tmp/mutt-* set tw=72

Time

Fri, 13 Oct 2017 12:30:23 -0400

This is a very basic operation on a Linux system, but I have to interact with it so rarely since I run chrony on all my machines. Occasionally, I find a device that needs a helping hand.

On a device with a known good time (or approximate enough):

`1`	`date +%s`

This will get you the current unix timestamp. On the target system needing updating as root (replacing <unix timestamp> with the results from the last command):

Disk Errors

Mon, 09 Oct 2017 23:05:43 +0000

A collection of disk-related errors and their fixes.

Block Size Mismatch Warning

After writing an ISO to a flash drive, partitioning tools may complain:

`1`	`Warning: The driver descriptor says the physical block size is 2048 bytes, but Linux says it is 512 bytes.`

This happens when a tool like dd writes at the ISO's native 2048-byte block size onto a device that uses 512-byte sectors. Zeroing the first few blocks sometimes helps:

Data Recovery

Tue, 01 Jan 2013 00:00:01 +0000

Recovering Data from Swap

Sometimes useful bits of information can be recovered from swap. Whether it's encryption keys, documents that were being worked on or anything else that might've ended up in RAM. To search through the swap for interesting bits (and depending on the size this might take a while) you can execute the following command as root or sudo to do it:

1

# strings `/bin/swapon -s | tail -1 | awk '{print $1}'` | less

The command above uses the swapon utility to list all of the swap devices in use; look at the last line of the output (most people only have one swap device); extract only the path to the device node. Run the strings utility (which prints only printable strings of text from whatever you run through it) on the swap device. Break the output down by pages.

Gatekeeper Script for SSH

Tue, 01 Jan 2013 00:00:01 +0000

The gatekeeper pattern adds a post-authentication challenge to SSH sessions using ForceCommand. The concept was inspired by a scene in a movie where a system required answering riddles before granting access. While not a substitute for proper multi-factor authentication, it adds a lightweight additional verification step.

If you have already set up SSH key authentication with a passphrase on your key, you have a decent form of multi-factor authentication already. The gatekeeper script layers on one more check by prompting the user with a challenge after they have authenticated.

GPSd

Tue, 01 Jan 2013 00:00:01 +0000

Installation

Install gpsd and optionally the client tools. On a headless server you'll probably want to skip gpsd-clients as they pull in X dependencies for xgps.

1
2
3


$ pacman -S gpsd # Arch
$ apt install gpsd # Debian/Ubuntu
$ dnf install gpsd # Fedora

Configuration

My GPS device is identified by udev as a serial port, which is fairly common as NMEA specifies a serial connection with a baud rate of 4800. There is an issue, however, with a program running in the background called modem-manager.

libvirtd

Tue, 01 Jan 2013 00:00:01 +0000

libvirt is an open source API and management tool for managing platform virtualization. It is used to manage Linux KVM and Xen virtual machines through graphical interfaces such as Virtual Machine Manager and higher level tools such as oVirt. In this case the backend is KVM.

Security Notes

Since libvirtd distributes resources to guest machines a tight control needs to be placed on the guests to prevent the host from becoming unmanageable. Luckily through the use of CGroups this can be accomplished.

LM Sensors

Tue, 01 Jan 2013 00:00:01 +0000

Useful for monitoring system statistics such as CPU core temperatures, fan speeds, and voltages.

Setup

After installing the lm_sensors package, run sensors-detect as root to walk through loading any kernel modules necessary to read sensor data:

1

# sensors-detect

This will probe for hardware monitoring chips and offer to add the detected modules to your system's module loading configuration. Once done, run sensors to see the output:

1

$ sensors

Watching Values

For continuous monitoring, use the -u flag for raw values or watch for changes: