Tag: Linux

Day Three on the New Job

· Leave a comment ·

So today was interesting. They’re getting me more and more exposure. Or I should say I’m getting me more and more exposure to VP’s etc.

Also recommended putting in Squid proxy. We tested it out on a spare linux box in our office and it ran flawlessly. Now running a proxy gives you two things. First it gives you control over traffic leaving the local network. So when you have over 200 Windows 7 machines going out to get updates it doesn’t swamp your connection. Second, it gives you a track of who went where.

Funny story I related – told them about a certain chief of staff who loved his big, black beautiful women and hookup sites. And then who was shopping for shoes, playing games etc. That got a reaction out of them.

Also learned how to tell if someone is a hardcore Unix/Linux and BASH shell person. Had to teach their former guru who is taking a lesser role how Ctrl-R is a way to search BASH history.

Also showed the office mate how to use ps as in ps -ef|grep apache and have it show all the spawned Apache web server PIDs or Process ID’s.

Also found an anti-virus solution for the Macintoshes in the office. It’s called ClamXAv. Now I’ve  used an older version of Clam AV on my Linux box at home. Freshclam was a bit of a bear but it seems they’ve improved the product.

So yeah – I think they’re glad I’m there.

A burning hatred for Microsoft Windows

· 2 Comments ·

So I get home, open my ‘new’ Dell E6420 and I get dunned about Windows updates. I postpone for four hours. But then the machine decides to reboot into the updates some 20 minutes later.  But phase 1 of 3 took, in my opinion too long. So I shut the machine down via holding down the power button.

It booted and went right to phase 3 of 3. Even that was fucking klunky. I had to shut down again, the third try was the charm.

When I finally get to logon I get the reminder there are 24 updates available. This time of course it showed me what they were. Bunch of security updates.

But Linux and in particular Ubuntu – when it has updates you have to approve in essence. And it tells you PRECISELY what’s being installed. And in fact updates to software is pretty frequent on Linux. Windows is every few weeks. But not all updates require rebooting.

It’d be pretty easy for me to make the switch. I have an SSD with Ubuntu 14.04 on it. I should just snap it in and say fuck Windows forever.

The ‘newish’ job

· Leave a comment ·

So I’ve now been here by calendar 34 working days. I’m getting a little more responsibility as time goes on. Now that they know I have the chops. 

For example – I was asked to identify what ports applications are using on the servers. 

Now if you’ve been around networking you know about a utility called netstat. 

You just do a :

sudo netstat -A inet -n -p

Ok, lets take it apart piece by piece. 

sudo is a way of allowing people to run things at elevated privilege but without having to know the root password for the system. Pretty convenient and you can also tightly control WHO can sudo too but managing group membership. 

The part ‘netstat’ is the application discussed above. 

The ‘-A inet’ says look for Internet TCP/IP protocol only. 

The ‘-n’ shows addresses as numerical and not hostnames. 

The ‘-p’ is to show the process id and program name. 

 

It’s really simple. And what you end up with is something like this:
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:39064 127.0.0.1:5672 ESTABLISHED 2901/python
tcp 0 0 127.0.0.1:47017 127.0.0.1:11211 TIME_WAIT –
tcp 0 0 127.0.0.1:41314 127.0.0.1:5672 ESTABLISHED 2897/python
tcp 0 0 127.0.0.1:41311 127.0.0.1:5672 ESTABLISHED 2829/python
tcp 0 0 127.0.0.1:47015 127.0.0.1:11211 TIME_WAIT –
tcp 0 0 127.0.0.1:41309 127.0.0.1:5672 ESTABLISHED 2861/python
tcp 0 0 127.0.0.1:41310 127.0.0.1:5672 ESTABLISHED 2816/python
tcp 0 0 127.0.1.1:10000 127.0.1.1:59830 TIME_WAIT –
tcp 0 0 127.0.0.1:54514 127.0.0.1:5672 ESTABLISHED 2906/python
tcp 0 0 127.0.0.1:41313 127.0.0.1:5672 ESTABLISHED 2365/python
tcp 0 0 192.168.201.1:21 192.168.201.10:38196 TIME_WAIT –
tcp 0 0 127.0.1.1:33940 127.0.1.1:6444 ESTABLISHED 2906/python
tcp 0 0 127.0.1.1:33954 127.0.1.1:6444 ESTABLISHED 2220/python
tcp 0 0 127.0.0.1:41312 127.0.0.1:5672 ESTABLISHED 2878/python
tcp 0 52 10.1.20.70:22 10.1.20.110:57441 ESTABLISHED 23781/sshd: anthony
tcp 0 0 127.0.0.1:4369 127.0.0.1:58920 ESTABLISHED 2167/epmd
tcp 0 0 127.0.0.1:47016 127.0.0.1:11211 TIME_WAIT –

So what the above shows is Python. All those ports – it’s how Python handles intra-process communication. And you never know what port is what. So that would be a Dynamic assignment of ports. 

But then we see my SSH connection at port 22. That’s a fixed port or as fixed as you can get without major reconfiguration. 

So there you go – a use for netstat. It lives on WIndows boxes too except it is considerably crippled on Windows platforms. For example, -A doesn’t exist. A netstat -p TCP -n does the similar thing. 

 

 

 

Two more things to do on mail01.girouxforgovernor2014.com

· Leave a comment ·

1) Setup a postmaster account. Always pretty good practice though I do have port 25 inbound blocked to the server. I’ll set it up on Bluehost instead as everything is associated with the TLD there.

2) Setup SSH keys from my machine to the server. That way no passwords get used on the system just keys. If anyone gets in they don’t get the keys to the kingdom. I also need to remember to put myself in group wheel and to grant wheel the right to sudo without password.

And I really do want to make an image of the server – just in case it suffers catastrophic failure then all we have to do is build a base image and roll the image on external back to it.

 

Linux and Old Gear

· Leave a comment ·

The server I just built – it date to 2006. Which makes it at this writing eight years old. It’s had some upgrades etc. probably as late as 2009. So it’s of mixed age. But still perfectly functional. 

That’s the thing – try installing Windows Server 2008 on this and it’ll puke. But put Ubutu Server 12.04-4 on it and miraculously it works. All that’s needed from this box is one year. I fully expect it will work because the until has sat for near three years un-powered. So this brings it down to only five years of actual operational time. 

You get new life out of old hardware. This is sort of why I proposed recycling state I.T. gear – machines still usable wipe the disks and put Ubuntu on them. Older machines strip down and send for metal extraction as there’s quite a lot of gold in them. State would get residual value out of all of it and then not have to pay to warehouse it. Win-win. 

My comparison of Windows versus Linux

· 1 Comment ·

My preference for Linux on my personal machine grows each day. I said it during a job interview – how with Linux updating a software package was as simple as:

In RedHat or CentOS

yum install httpd

Or if you’re running Debian

apt-get install httpd

And it doesn’t require rebooting the kernel. The service just gets invoked by typing

/etc/init.d/httpd start

or if you prefer

service httpd start

Just that simple.

But in Windows almost every software install requires a complete reboot of the OS. It’s stupid.

 

The accomplishment for the week (Tech!)

· Leave a comment ·

So where I work – instead of doing standard mysqldump SQL dumps – they copy the INNODB files into a backup. These backups an be  6GB or more per week. So it was killing the VM the MySQL server runs on.

Now my predecessor had started writing a prune-mysql-backups.sh script. All he’d done was do a list files (ls -At) in time order and then create a text file called filelist.

But the thing was, the dated files went in ascending order. I didn’t want them that way. And apparently he didn’t know enough about sort and sed to complete the script. Sort or sort does exactly what it says, sorts a list of items. The term sed means Stream Editor.

So I had to fire sort -r which means in reverse chronological order then I ran sed to strip out the three newer items in the list, and then pass that file in to a section that walked through the list and rm -rf’d the directories.

That last part ‘rm -rf’ is a goodie. In Unix parlance rm means REMOVE and the -r means recursive the f being all files. You never, ever, ever want to do this on the root partition which would be ‘rm -rf /’. A fast and hard rule to live by is something has to live in FRONT of the slash, e.g. ‘rm -rf 2013-09-30_21-00-34/ ‘would be ok since it’s going to try to walk in that directory and then delete the content and directory.

Another trick is to alias rm -rf and have it make a confirmation of “Do you really want to do this?” before proceeding. That’s the power of Unix/Linux. You can write scripts and aliases to do pretty much anything.

The Event of the Week at Work

· 2 Comments ·

Happened around lunchtime on Friday.

First one of the platforms we use crashed HARD, requiring a cold reboot of the system that housed a whole lot of virtual machines. And of course my inbox was filled up with about 500 new messages alerting us to the fact.

But the other one was more intriguing – it was on the Linux based side. A provisioning script kept crashing at line 120 when it tried to launch Apache Ant. It would do a test and just puke and exit the script at that point. I said, and it was my first inlking – it was like Ant wasn’t in the path for the user we were running the script as at that point. Now we had to sudo su – in to do this and then change to another user using su – {username} which spawns a login session. But the PATH variable wasn’t being set with the Ant info.

So then I did the following looking for terms like “PATH”, etc. by popping up to the home directory and issuing the command

cat */.bash_history |grep PATH|su|sudo

What that does is goes through every user directory in the /home top level and search through every .bash_history file for those terms.

But oddly nothing turned up. I suspect someone made a change to the path on this system – but no evidence of it so it looks like someone edited their .bash_history. Which lead me to suggest something. Why not scrape the .bash_history files every minute looking for those terms and then log it into a database. Pretty easy to write the script to do this and just schedule a cron job to kick it off once every minute or two. So next time someone does something stupid – it’ll get caught and committed to a database.

The other thing I recommended is doing the following every now and then:

date >> ~/.bash_history

Which puts a time and date stamp into the .bash_history file. That way you can see WHEN something happened.

 

Fixing ancient laptops

· Leave a comment ·

I’ve had this laptop for a long time. I’ve done preventative maintenance on it and repairs where necessary.

One of the things that drove my nuts about it was the screen hinges. The things were just worn down, the screen would flop any which way.

Searched the web and found a new set of hinges for $10. It took the removal of 12 screws to do this, the ones on the screen surround, and the screws holding the hinges to the rear of the display cover and those that secure the screen to the chassis of the machine.

And as I’ve said – I understand the limitation of XP and 32 bit architecture. But it still does what I need it to do without any major issues. And I was of the firm impression that Vista was a piece of crap, Windows 7 was acceptable but unnecessary to upgrade to that as it was a bit bloated, and Windows 8 looks like it was designed by a crack addled ADHD sufferer. And that’s me being nice about it. In my opinion XP was the pinnacle for Microsoft. And it’s been down hill every since.

What Microsoft doesn’t realize is this:

1) An operating system has a very LONG life span. And just shoveling new OS’s out there that in essence were half baked pissed a lot of people off.

2) The cycle for I.T. infrastructure isn’t two years, it’s more like 4-7 years.

It is entirely likely that my next computer will not run Windows. Or at least not as the default operating system. Instead I’ll probably get use Debian Linux and VirtualBox on it. VirtualBox is a virtualization package that lets you run another OS image underneath the main OS. So I’ll just clone my current XP box into an image and use that when I need to get access to MS Office, etc.

And I will kiss goodbye forever Microsoft’s craptastic operating systems. Yes I said it, I’ve dealt with Windows for over 20 years now and all I can say is that it’s been one pain in the ass after another. From print drivers that no longer work with the latest versions of Windows, to bad file system structure, etc.

Linux at the very least is flexible as hell. The ext4 file system can have drives up to one exbibyte (EiB). That’s that EiB is 1 exbibyte = 260 bytes = 1152921504606846976bytes = 1,024 pebibytes. A pebibyte is is 250 bytes. And right now we’re only seeing terabytes and gigabytes. So there won’t be any problem with big files in the ext4 file system.

Plus ext partitions have journaling capabilities, error correction, etc. Compare that to the Windows File System.

I can just use Macrium Reflect to create the boot image of this machine – and BAM! Virtualized in style.

So I’ll be leaving Microsoft for greener fields. And in fact once I image this machine I’ll probably put Ubuntu or Debian on it. It’s still usable.

 

 

 

So it’s now official

· 2 Comments ·

I’m a Unix guy. It has been boiling around in my resume for awhile now. At this juncture I’ve now dealt with more Unix and Linux systems than Windows systems.

Granted I still know the hell out of Windows too. For example, I know how to get Windows to route packets destined for certain devices over a certain interface.

But the majority of my experience has now been with Unix and open source tools. And I know how to use Corkscrew to tunnel http connections on Unix too.