OpenSUSE Linux Rants

OpenSUSE Linux Tips, tricks, how-tos, opinions, and news

My Resume  -  My LinkedIn Profile - twitter: @scottmmorris

December 7, 2009

zypper + bash script = simple repo management

by @ 12:16 am. Filed under bash, sweet tools

I had a smooth, easy experience with a fresh install of openSUSE 11.2 on my desktop this weekend. Man, that was nice.

With the excellent openSUSE Build Service available, I find myself there often. Many times I am looking for more recent versions of packages than what are available from the repositories I have loaded into my machine. Once the packages are found, I usually just grab the repository that they are in and load that into YAST.

For example, let’s say we’re looking for pidgin. Using YaST or zypper, we do a search, and find that we have version 2.6.2 available to us. However, with the openSUSE Build Service, we see that 2.6.3 is available. We’ll just grab the repo for it, which is located directly above the 1-click install button. Right-click on it, select “Copy Link Location.” You have the repo in your clipboard.

Then, we can use zypper to load our repository into YaST, set it to autorefresh, and then refresh it. Then, when we search for pidgin again, 2.6.3 shows up rather than 2.6.2. It’s a quick, easy way to collect and save reliable repositories that have newer packages in them.

Adding a repo, setting it to autorefresh, and then refreshing it takes three semi-lengthy commands, for example:

[1049][root@laptop:~]$ zypper addrepo "http://download.opensuse.org/repositories/GNOME:/Apps/openSUSE_11.2" "Gnome Apps"

 

Then:

[1049][root@laptop:~]$ zypper modifyrepo -r "Gnome Apps"

 

Then:

[1049][root@laptop:~]$ zypper refresh "Gnome Apps"

 

Rather than type all that out every time, I threw a quick script together that I call ‘repoadd’ (don’t forget to run chmod +x on it to make it executable) to save me all the agony:

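#!/bin/sh
# $1 is the repo, e.g. http://download.opensuse.org/repositories/GNOME:/Apps/openSUSE_11.2
# $2 is the name you wish to give it, e.g. "Gnome Apps"
# Require both arguments, and stop at the first zypper command that fails.
[ $# -eq 2 ] || { echo "usage: $0 <repo-url> <name>" >&2; exit 1; }
zypper addrepo "$1" "$2" || exit 1
zypper modifyrepo -r "$2" || exit 1
zypper refresh "$2"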

 

Now, instead of having to type that all out every time, you can just run:

[1049][root@laptop:~]$ repoadd "http://download.opensuse.org/repositories/GNOME:/Apps/openSUSE_11.2" "Gnome Apps"

 

Of course, 1-Click Install does essentially the same thing. I just thought I’d explore and share this different way of going through that process. You never know when those alternative ways of doing things can save your hide.

November 30, 2009

Linux Security with Fail2Ban

by @ 1:45 am. Filed under How-To, bash, command-line, security, sweet tools

Linux is built to be inherently secure, and has a great track record of having superior security to its proprietary counterpart.

However, in the world of server administration, paranoia is an asset. How else could someone get in? How can I prevent that? How can I be notified?

One magnificent contribution to the security of Linux servers the world over is called fail2ban. Why should you care?

From the Fail2ban main page:

Fail2ban scans log files like /var/log/pwdfail or /var/log/apache/error_log and bans IP that makes too many password failures. It updates firewall rules to reject the IP address.

So basically, it gives the finger to those mean people who are trying to brute-force your ssh server. And it blocks them at the packet level with iptables. No iptables knowledge necessary. (Though if you want a quickie, take a look at this short “Iptables for Linux” intro).

For openSUSE users, check to see if you have it available using zypper:

[1049][root@laptop:~]$ zypper search fail2ban

If you find it, use zypper install fail2ban to get it on your box.

If you have trouble getting it installed, follow the seriously excellent advice on the fail2ban download page.

When you get it installed, as root, edit your /etc/fail2ban/jail.conf file.

Put your ip addresses in the ignoreip list so you don’t lock yourself out.

bantime is in seconds. 1 hour is 3,600 seconds. 24 hours is 86400. I put in at least 24 hours. Do what works for you.

maxretry is how many tries a user gets before they’re blocked for bantime seconds. 3 to 5 chances seems more than generous.

Now to set up the notification.

In the same file, look for the section called [ssh-iptables]. Change this section so it looks like this:

[ssh-iptables]

enabled  = true
filter   = sshd
action   = iptables[name=SSH, port=ssh, protocol=tcp]
           sendmail-whois[name=SSH, dest=notrealemail@suseblog.com, sender=fail2ban@suseblog.com]
logpath  = /var/log/messages
maxretry = 3

If you don’t want the ‘whois’ info, take out the ‘-whois’ from the sendmail part. Change the dest email to your own, and set the sender to whatever you want. Maxretry will override the default that you set further up. In logpath, put in the system log, or wherever your sshd logs stuff. Mine happens to be what you see there.

When it’s set up as you like, save and quit.

Now, fire that bad fool up:

[1607][root@mail:/etc/fail2ban]$ fail2ban-client start
2009-11-27 16:07:46,554 fail2ban.server : INFO   Starting Fail2ban v0.8.4
2009-11-27 16:07:46,555 fail2ban.server : INFO   Starting in daemon mode
[1607][root@mail:/etc/fail2ban]$

To make it run when the machine restarts, use chkconfig:

[1607][root@mail:/etc/fail2ban]$ chkconfig -a fail2ban
fail2ban                  0:off  1:off  2:off  3:on   4:off  5:on   6:off
[1610][root@mail:/etc/fail2ban]$ 

Within at least a few hours, you should get notifications. Or, you can have someone try and brute force your box and see if their IP gets banned.

If you read through jail.conf, you’ll see that fail2ban can do loads more than I’ve covered here. But if you want a little more armor on ssh, your biggest target, slap fail2ban on your box.
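The ban decision that ignoreip and maxretry control, worked through on a constructed log, as an added example (this is not fail2ban's code or its real sshd filter). Assumptions: the function names are hypothetical, only "Failed password" lines are counted, ignoreip is matched exactly, and no time window is applied.

```shell
#!/bin/sh
# Added example: which addresses reach maxretry, honouring ignoreip.

# Constructed sample of sshd lines as they might appear in /var/log/messages.
sample_log() {
    cat <<'EOF'
Nov 27 16:10:01 mail sshd[2101]: Failed password for invalid user admin from 203.0.113.7 port 40112 ssh2
Nov 27 16:10:04 mail sshd[2103]: Failed password for root from 203.0.113.7 port 40115 ssh2
Nov 27 16:10:09 mail sshd[2110]: Failed password for scott from 192.0.2.10 port 51000 ssh2
Nov 27 16:10:12 mail sshd[2112]: Failed password for root from 198.51.100.23 port 33211 ssh2
Nov 27 16:10:15 mail sshd[2114]: Failed password for invalid user test from 203.0.113.7 port 40120 ssh2
Nov 27 16:10:20 mail sshd[2116]: Accepted password for scott from 192.0.2.10 port 51002 ssh2
Nov 27 16:10:31 mail sshd[2120]: Failed password for scott from 192.0.2.10 port 51010 ssh2
Nov 27 16:10:40 mail sshd[2122]: Failed password for root from 198.51.100.23 port 33215 ssh2
Nov 27 16:10:44 mail sshd[2125]: Failed password for scott from 192.0.2.10 port 51011 ssh2
EOF
}

# would_ban LOGFILE MAXRETRY [IGNOREIP ...]
# Prints each address once, at the moment its failure count reaches MAXRETRY.
would_ban() {
    wb_log=$1 wb_max=$2
    shift 2
    awk -v max="$wb_max" -v ignore=" $* " '
        /sshd\[[0-9]+\]: Failed password for / {
            # sshd ends these lines with "from <IP> port <N> ssh2". Read the
            # address from the end of the line: the user name earlier in the
            # line is supplied by the remote client.
            if ($(NF - 4) != "from" || $(NF - 2) != "port") next
            ip = $(NF - 3)
            if (index(ignore, " " ip " ")) next   # exact-match ignoreip only
            if (++fails[ip] == max) print ip
        }
    ' "$wb_log"
}

# Demo: maxretry = 3, with 192.0.2.10 listed in ignoreip.
demo_log=$(mktemp)
sample_log > "$demo_log"
would_ban "$demo_log" 3 192.0.2.10
rm -f "$demo_log"
```

Run it without the trailing address to see that 192.0.2.10, which mistyped its own password three times, would be banned as well; that is the lockout the ignoreip list prevents.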

November 1, 2009

OpenSUSE Linux: Quick Zypper Tutorial

by @ 1:21 am. Filed under SUSE Tips & Tricks, bash, command-line

OpenSUSE Linux provides a command-line method of managing repositories and packages. This tool is called zypper. The following is a basic tutorial by example of how to use zypper.

Repository Management

To list repositories:

[1342][root@dev:/home/scott]$ zypper repos
#  | Alias             | Name                  | Enabled | Refresh
---+-------------------+-----------------------+---------+--------
1  | Enlightenment CVS | Enlightenment CVS     | Yes     | Yes
2  | OpenSUSE_11.1_ISO | OpenSUSE 11.1 ISO     | Yes     | No
3  | Packman           | Packman               | Yes     | Yes
4  | Window_Managers   | Window Managers       | Yes     | Yes
5  | XFCE4             | XFCE4                 | Yes     | Yes
6  | aterm             | aterm                 | Yes     | Yes
7  | home:danci1973    | home:danci1973        | Yes     | Yes
8  | home:dauphin      | home:dauphin          | Yes     | Yes
9  | home:jnelson-suse | home:jnelson-suse     | Yes     | Yes
10 | mozilla           | mozilla               | Yes     | Yes
11 | openSUSE 11.1-0   | openSUSE 11.1-0       | Yes     | Yes
12 | repo-debug        | openSUSE-11.1-Debug   | No      | Yes
13 | repo-non-oss      | openSUSE-11.1-Non-Oss | Yes     | Yes
14 | repo-source       | openSUSE-11.1-Source  | No      | Yes
15 | repo-update       | openSUSE-11.1-Update  | Yes     | Yes
[1402][root@dev:/home/scott]$

To add a repository (we’re going to use Packman as an example):

[1341][root@dev:/home/scott]$ zypper addrepo "http://packman.unixheads.com/suse/11.1/" Packman
Adding repository 'Packman' [done]
Repository 'Packman' successfully added
Enabled: Yes
Autorefresh: No
URI: http://packman.unixheads.com/suse/11.1/

[1341][root@dev:/home/scott]$ 

To turn on autorefresh, because it’s disabled by default (again, with Packman):

[1341][root@dev:/home/scott]$ zypper modifyrepo -r Packman
Autorefresh has been enabled for repository 'Packman'.
[1342][root@dev:/home/scott]$

To refresh a repo manually:

[1342][root@dev:/home/scott]$ zypper refresh -r Packman
Retrieving repository 'Packman' metadata [done]
Building repository 'Packman' cache [done]
Specified repositories have been refreshed.
[1342][root@dev:/home/scott]$

Leave out the “-r” and leave off the name of the repo if you want to refresh all of them.

To remove a repository:

[1337][root@dev:/home/scott]$ zypper rr Packman
Removing repository 'Packman' [done]
Repository 'Packman' has been removed.
[1337][root@dev:/home/scott]$ 

Package Management

To search for a package (id3v2, in this example):

[1224][root@dev:/home/scott]$ zypper search id3v2
Loading repository data...
Reading installed packages...

S | Name  | Summary                              | Type
--+-------+--------------------------------------+--------
  | id3v2 | A Command Line Editor for ID3V2 Tags | package
[1229][root@dev:/home/scott]$

To get information on a package (again, id3v2):

[1229][root@dev:/home/scott]$ zypper info id3v2
Loading repository data...
Reading installed packages...

Information for package id3v2:

Repository: openSUSE 11.1-0
Name: id3v2
Version: 0.1.11-77.60
Arch: x86_64
Vendor: openSUSE
Installed: No
Status: not installed
Installed Size: 79.0 K
Summary: A Command Line Editor for ID3V2 Tags
Description:
ID3 tags are found in MP3 files. They can store information about what band recorded the song, the song name, and more.

ID3V1 tags are seriously deficient as to the kind of and length of information that they can store. This is a tool for editing ID3V2 tags in Linux.

[1333][root@dev:/home/scott]$ 

To install a package:

[1333][root@dev:/home/scott]$ zypper install id3v2
Loading repository data...
Reading installed packages...
Resolving package dependencies...

The following NEW package is going to be installed:
  id3v2 

Overall download size: 30.0 K. After the operation, additional 79.0 K will be used.
Continue? [YES/no]:
Retrieving package id3v2-0.1.11-77.60.x86_64 (1/1), 30.0 K (79.0 K unpacked)
Retrieving: id3v2-0.1.11-77.60.x86_64.rpm [done]
Installing: id3v2-0.1.11-77.60 [done]
[1334][root@dev:/home/scott]$

To remove a package:

[1334][root@dev:/home/scott]$ zypper remove id3v2
Loading repository data...
Reading installed packages...
Resolving package dependencies...

The following package is going to be REMOVED:
  id3v2 

After the operation, 79.0 K will be freed.
Continue? [YES/no]:
Removing id3v2-0.1.11-77.60 [done]
[1336][root@dev:/home/scott]$

These are some common zypper commands that will help you manage your repositories and packages from the command-line.

October 21, 2009

SSH Tip for the Day

by @ 8:14 am. Filed under Linux tips, bash, command-line, ssh tips

When you are forwarding ports through a tunnel, either locally or remotely (i.e., with the -L or -R switches), you can modify the session in real time. After you start the session, press SHIFT + ` + c (the ` key also has a ~ on it, which is the actual keypress sent to the session). If it doesn’t work the first time, press ENTER a couple of times and try it again. Once you get the “ssh>” prompt, type “?” to list the commands you can enter. Here’s an example session:

[0908][scott@dev:~]$ ssh -R 8080:suseblog.com:8080 scott@suseblog.com
Password:
Last login: Thu Oct 15 11:59:43 2009 from 67.214.232.162
Have a lot of fun...
[1109][scott@mail:~]$ [PRESS SHIFT + ` + c HERE]
ssh> ?
Commands:
      -L[bind_address:]port:host:hostport    Request local forward
      -R[bind_address:]port:host:hostport    Request remote forward
      -KR[bind_address:]port                 Cancel remote forward
[PRESS ENTER HERE]
[1110][scott@mail:~]$ [PRESS SHIFT + ` + c HERE]
ssh> -R8080:letslearnlinux.com:1080
Forwarding port.

[1110][scott@mail:~]$

OpenSSH has got to be one of the freakin’ sweetest tools *EVAR*. Anyway, enjoy!

July 28, 2009

Linux, what nice… passwords you have… and your prompts are incredible…

by @ 6:01 pm. Filed under General Linux, Linux tips, bash, command-line

When you have the level of paranoia that I do, being able to generate ultra-secure passwords is a very nice thing.

My bash prompt is also something I take great pride in. Not only that, I really like it.

Well guess what, folks… you can do both with the same file. This would be your .bashrc file. Here’s a basic look at my prompt:

[1850][scott@laptop:~]$

It shows me the time, the account with which I am logged in, the hostname of the local machine, and the present working directory. All handy things to know.

Now, for the password generation thing, check this out:

[1855][scott@laptop:~]$ genpasswd 64
(#b-p>yi>ojSw@oS6PN,uo_A`;.}DuyfG{levk[Q$UgfrmAkE^t|&)dZb!Nry;
[1855][scott@laptop:~]$

You can make rainbow tables ’til the end of time, and let John the Ripper go on the /etc/shadow file with that password in it, and you ain’t gonna be cracking that password.

If this is interesting to you, or you have other suggestions of a similar nature, please, let’s have ‘em.

That all said, here’s the .bashrc file that makes this prompt and password generator possible:

# /etc/skel/.bashrc:
# This file is sourced by all *interactive* bash shells on startup.  This
# file *should generate no output* or it will break the scp and rcp commands.

# colors for ls, etc.
eval `dircolors -b /etc/DIR_COLORS`
alias d="ls --color"
alias ls="ls --color=auto"
alias ll="ls -al --color"

# Change the window title of X terminals
case $TERM in
        xterm*|rxvt|Eterm|eterm)
                PROMPT_COMMAND='echo -ne "\033]0;${USER}@${HOSTNAME%%.*}:${PWD/$HOME/~}\007"'
                ;;
        screen)
                PROMPT_COMMAND='echo -ne "\033_${USER}@${HOSTNAME%%.*}:${PWD/$HOME/~}\033\\"'
                ;;
esac

##uncomment the following to activate bash-completion:
#[ -f /etc/profile.d/bash-completion ] && source /etc/profile.d/bash-completion

function proml {
local       BLUE="\[\033[0;34m\]"
local        RED="\[\033[0;31m\]"
local  LIGHT_RED="\[\033[1;31m\]"
local      WHITE="\[\033[1;37m\]"
local LIGHT_GRAY="\[\033[0;37m\]"
case $TERM in
    xterm*)
        TITLEBAR='\[\033]0;\u@\h:\w\007\]'
        ;;
    *)
        TITLEBAR=""
        ;;
esac

PS1="${TITLEBAR}\
$BLUE[$RED\$(date +%H%M)$BLUE]\
$BLUE[$LIGHT_RED\u@\h:\w$BLUE]\
$WHITE\$$LIGHT_GRAY "
PS2='> '
PS4='+ '
}

proml

alias ifconfig="/sbin/ifconfig"

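genpasswd() {
        local l=$1
        [ "$l" == "" ] && l=20
        # End the line with echo rather than piping through xargs, which
        # treats quotes and backslashes in the generated password as syntax.
        tr -dc A-Za-z0-9\-_~\!@#$%^\&*\(\)\\\`\+\[\{\]\}\|\;:\",\<.\>/?\= < /dev/urandom | head -c "${l}"
        echo
}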

Hope that's as useful for you as it has been for me.

July 21, 2009

Linux command for “What’s up on this here box?”

by @ 8:33 am. Filed under General Linux, bash, command-line, sweet tools

Linux has so many marvelous tools. The great part about this is that you can combine the tools to make new tools. As you may know, there have been previous postings about a tool called ’sup’ which tells you some useful information about the linux box into which you are logged. Having so many terminal windows open, and screen sessions going, it’s easy to get lost in the labyrinth of connections and sessions. This tool clears all that up for you really quick.

Since the last version, the most significant change is the ability to determine which version of which Linux distribution you are using.

Here is some sample output:

<=== SYSTEM ===>
  Distro info:  Welcome to openSUSE 11.1 - Kernel \r (\l).
  Kernel:       Linux laptop 2.6.27.19-3.2-pae #1 SMP 2009-02-25 15:40:44 +0100 i686 i686 i386 GNU/Linux
  Uptime:        9:20am  up   0:47,  1 user,  load average: 0.64, 0.54, 0.38
  Memory:       Total: 1986Mb   Used: 730Mb     Free: 1256Mb
  Swap:         Total: 4180Mb   Used: 0Mb       Free: 4180Mb
  Architecture: i686
  Processor:    0 : Intel(R) Core(TM) Duo CPU T2250 @ 1.73GHz
  Processor:    1 : Intel(R) Core(TM) Duo CPU T2250 @ 1.73GHz
  Date:         Tue Jul 21 09:20:09 MDT 2009

<=== USER ===>
  User:         scott (uid:1000)
  Groups:       users www
  Working dir:  /home/scott
  Home dir:     /home/scott

<=== NETWORK ===>
  Hostname:     laptop
  IP (lo):      127.0.0.1/8
  IP (lo):      127.0.0.2/8
  IP (eth0):    10.245.106.6/24
  Gateway:      10.245.106.1
  Name Server:  10.45.106.10

 

Download this “Linux ’sup’?” script here.

July 16, 2009

SSH Attack Foghorn

by @ 6:20 am. Filed under General Linux, Linux tips, Work-Related, bash, ssh tips, sweet tools

I don’t like it when people try and hack my web servers. To make myself aware of people trying to access my ssh daemon, I wrote me a little script. Yup, I’m certainly aware of DenyHosts. Notwithstanding, in the hopes that this script may find use elsewhere, I post it here. Behold, enjoy, and chuckle a bit at how much better you could write it. Then, let me know how you’d improve it:

#!/bin/sh
# Mail any sshd "invalid user" lines logged during the previous minute.
LOGFILE=/root/hack_attempts
# Syslog timestamp prefix for one minute ago, e.g. "Jul 16 06:19:"
PATTERN="^$(date --date='1 minute ago' '+%b %e %H:%M:')"
tail -n 1000 /var/log/messages | grep "$PATTERN" | grep sshd | grep -i "invalid user" | grep " from " > "$LOGFILE"
if [ -s "$LOGFILE" ] ; then
	echo "See the attached log for details" | mailx -a "$LOGFILE" -s "Possible hack attempt" YOUREMAIL@YOURDOMAIN.COM
fi
rm "$LOGFILE"

Copy it to your /root folder. Name it something cool like ’ssh_foghorn’, and chmod +x it to make it executable. Put it in your /etc/crontab file to run once every minute. Make sure you set the system log to whatever your distro uses. And change the email address to your own. Doesn’t cure cancer, but for 8 lines of code, it does what it needs to.

Again, I’m sure there are better ways to do this, so let’s hear ‘em!

April 3, 2009

Linux Commands to Create NTFS Filesystem on USB Stick

by @ 9:26 am. Filed under How-To, Linux tips, bash, command-line

First, the stick should be in, but not mounted. If it is mounted, find the partition represented by your usb stick, as such:

[0959][scott@laptop:~]$ mount
/dev/sda2 on / type ext3 (rw,acl,user_xattr)
/proc on /proc type proc (rw)
sysfs on /sys type sysfs (rw)
debugfs on /sys/kernel/debug type debugfs (rw)
udev on /dev type tmpfs (rw)
devpts on /dev/pts type devpts (rw,mode=0620,gid=5)
/dev/sda1 on /windows/C type fuseblk (rw,allow_other,blksize=4096)
fusectl on /sys/fs/fuse/connections type fusectl (rw)
none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw)
gvfs-fuse-daemon on /home/scott/.gvfs type fuse.gvfs-fuse-daemon (rw,nosuid,nodev,user=scott)
/dev/sdc1 on /media/disk-1 type vfat (rw,nosuid,nodev,shortname=winnt,uid=1000)
/dev/sdb1 on /media/disk-2 type fuseblk (rw,nosuid,nodev,allow_other,default_permissions,blksize=1024)
[0959][scott@laptop:~]$

It will likely be a /dev/sdxx type device. In this case, the one I’m looking for is sdb1.

We need to unmount it as root (’su’):

laptop:/home/scott # umount /dev/sdb1
laptop:/home/scott #

Now, fdisk the usb stick, and not the partition. In other words, leave off the trailing digit:

laptop:/home/scott # fdisk /dev/sdb

Command (m for help):

Press ‘p’ to view the partitions on the drive. Delete all partitions. Create a new one with ‘n’. It will be a primary partition, and it will be partition 1. Now, we need to set the filesystem type. Press ‘t’, and then if you’d like to see all the filesystem types, press ‘L’, but I’ll just tell you that NTFS is 7. Press ‘7′, and then ‘w’ to write the partition table, and exit:

Command (m for help): p

Disk /dev/sdb: 1027 MB, 1027604480 bytes
64 heads, 32 sectors/track, 980 cylinders
Units = cylinders of 2048 * 512 = 1048576 bytes
Disk identifier: 0x610fbfb2

   Device Boot      Start         End      Blocks   Id  System
/dev/sdb1   *           1         980     1003504    c  W95 FAT32 (LBA)

Command (m for help): d
Selected partition 1

Command (m for help): n
Command action
   e   extended
   p   primary partition (1-4)
p
Partition number (1-4): 1
First cylinder (1-980, default 1):
Using default value 1
Last cylinder, +cylinders or +size{K,M,G} (1-980, default 980):
Using default value 980

Command (m for help): t
Selected partition 1
Hex code (type L to list codes): 7
Changed system type of partition 1 to 7 (HPFS/NTFS)

Command (m for help): w
The partition table has been altered!

Calling ioctl() to re-read partition table.
Syncing disks.
laptop:/home/scott #

Now, we need to actually format the new partition. Include the partition number at the end. It should be 1. You will do this as root (’su’), like so:

laptop:/home/scott # mkntfs /dev/sdb1
Cluster size has been automatically set to 1024 bytes.
Initializing device with zeroes: 100% - Done.
Creating NTFS volume structures.
mkntfs completed successfully. Have a nice day.
laptop:/home/scott #

K, well, there you are. Mount it up any way you see fit, and you are all set.

January 21, 2009

Linux Tells Us What’s Up (new version of ’sup’ tool!)

by @ 9:44 am. Filed under bash, sweet tools

I have updated the ’sup’ bash script so that you can see some useful stats about your Linux box at a glance. Here is some output:

  User:         scott (uid:1000)
  Groups:       users dialout video
  Working dir:  /home/scott
  Home dir:     /home/scott
  Hostname:     suse-linux
  IP (lo):      127.0.0.1/8
  IP (lo):      127.0.0.2/8
  IP (eth0):    192.168.12.144/24
  Gateway:      192.168.12.2
  Name Server:  192.168.12.1
  Date:         Wed Jan 21 09:38:57 MST 2009
  Uptime:        9:38am  up 15 days 23:36,  6 users,  load average: 0.22, 0.22, 0.24
  Kernel:       Linux suse-linux 2.6.25.18-0.2-pae #1 SMP 2008-10-21 16:30:26 +0200 i686 i686 i386 GNU/Linux
  Memory:       Total: 2016Mb   Used: 972Mb     Free: 1044Mb
  Swap:         Total: 4102Mb   Used: 150Mb     Free: 3952Mb
  Architecture: i686
  Processor:    0 : Intel(R) Pentium(R) Dual CPU E2160 @ 1.80GHz
  Processor:    1 : Intel(R) Pentium(R) Dual CPU E2160 @ 1.80GHz

I’ve added the processor info and gateway and nameserver info. I’ve commented out some other stuff that will give you your sound card info, video card info, and basically everything you can get with “lspci -v”. That would be why it’s commented out. Anyway, take a look at the new version:

Linux ’sup’ bash script

May 31, 2008

What’s Up must come Down – and boy did it ever

by @ 6:57 am. Filed under bash

As Linux tools sometimes do, this little script was born out of frustration from the repetitive. And the meniality of the task is directly proportional to one’s desire to replace it with anything that will automate the process. If I have to do something twice on my Linux box, it gets automated.

So a few days ago I put together a bash script which I named “What’s Up?” The abbreviation for this is ’sup’ which is the command used to invoke the script. I use it to tell me which server I’m on, who I’m logged in as, the memory status of the box, and some other crazy junk.

Originally, this fool was 110 lines of code to display 13 lines of output. Fortunately, an altruistic and knowledgeable Lonnie Olson brought to my attention the fact that there was room for some nice optimizations. Of such coolness were these optimizations that they brought the line count from 110 to a mere 21, not including comments and empty lines.

If you’re just tuning in, the script looks like this:

#!/bin/bash

# ORIGINALLY WRITTEN BY SCOTT MORRIS (http://www.suseblog.com/) on 2008-05-28
# UPDATED AS SUGGESTED BY LONNIE OLSON on 2008-05-30

# COLLECT SOME INFO
IFS=$'\n'
UPTIME=`uptime`
D_UP=${UPTIME:1}
MYGROUPS=`groups`
DATE=`date`
KERNEL=`uname -a`

CPWD=`pwd`

# OUTPUT THE DATA
# (values are passed as printf arguments so a % in them is not read as a format)
printf "  user:\t\t%s (uid:%s)\n" "$USER" "$UID"
printf "  groups:\t%s\n" "$MYGROUPS"
printf "  working dir:\t%s\n" "$CPWD"
printf "  home dir:\t%s\n" "$HOME"
printf "  hostname:\t%s\n" "$HOSTNAME"
ip -o addr | awk '/inet /{print "  IP (" $2 "):\t" $4}'
printf "  date:\t\t%s\n" "$DATE"
printf "  uptime:\t%s\n" "$D_UP"
printf "  kernel:\t%s\n" "$KERNEL"
printf "  cpu:\t\t%s\n" "$CPU"
free -mot | awk '
/Mem/{print "  Memory:\tTotal: " $2 "Mb\tUsed: " $3 "Mb\tFree: " $4 "Mb"}
/Swap/{print "  Swap:\t\tTotal: " $2 "Mb\tUsed: " $3 "Mb\tFree: " $4 "Mb"}'

NOTE: If you copy and paste the above code and it does not work, just download it from the link provided above.

And its output looks like this:

[0137][scott@tomahawk:~]$ sup
  user:         scott (uid:1000)
  groups:       users dialout video
  working dir:  /home/scott
  home dir:     /home/scott
  hostname:     tomahawk
  IP (lo):      127.0.0.1/8
  IP (eth0):    192.168.0.110/24
  date:         Sat May 31 01:57:54 MDT 2008
  uptime:        1:57am  up 2 days 21:53,  5 users,  load average: 0.27, 0.23, 0.18
  kernel:       Linux tomahawk 2.6.24-default #1 SMP Sat Jan 26 21:54:20 MST 2008 x86_64 x86_64 x86_64 GNU/Linux
  cpu:          x86_64
  Memory:       Total: 940Mb    Used: 925Mb     Free: 14Mb
  Swap:         Total: 1913Mb   Used: 349Mb     Free: 1564Mb
[0157][scott@tomahawk:~]$

Logging into and out of many Linux servers per day with many different users can cause you to develop aggravated multiple personality disorders unless of course you use a cool script like this to cue the gray matter. I’m thinking about writing another one called ‘whoami’. Oh wait, someone already did that.

May 28, 2008

“What’s up?” bash script redone, revised, and mo’ bettah

by @ 12:25 pm. Filed under bash, freebies

A couple of days ago, I put together a .bashrc alias. Well, it won’t work right. The commands in backtick (`) marks only execute when the shell opens, and then the variables they’re assigned to stay the same, even when you invoke the alias. Thus, the current working directory and the date and stuff that should change each time you invoke the alias, don’t.

To fix this, I changed it from an alias into a small bash script. To use it, just put it into your ~/bin folder and invoke it like you would any other command.

The contents are thus:

#!/bin/bash

# ORIGINALLY WRITTEN BY SCOTT MORRIS (http://www.suseblog.com/) on 2008-05-28

# DISPLAY THE MEMORY AND SWAP AVAILABLE FOR THE SYSTEM
function memdisp {

IFS=$' '

MEM=`free -mot | head -n 2 | tail -n 1`
COUNT=1

printf "  Memory:"

for ITEM in $MEM
do
        if [ $COUNT -eq 2 ] ; then
                printf "\tTotal: $ITEM Mb"
        fi

        if [ $COUNT -eq 3 ] ; then
                printf "\tUsed: $ITEM Mb"

        fi

        if [ $COUNT -eq 4 ] ; then
                printf "\tFree: $ITEM Mb\n"
        fi

        COUNT=$[COUNT+1]
done

MEM=`free -mot | tail -n 2 | head -n 1`

COUNT=1

printf "  Swap:\t"

for ITEM in $MEM
do
        if [ $COUNT -eq 2 ] ; then
                printf "\tTotal: $ITEM Mb"
        fi

        if [ $COUNT -eq 3 ] ; then
                printf "\tUsed: $ITEM Mb"

        fi

        if [ $COUNT -eq 4 ] ; then
                printf "\tFree: $ITEM Mb\n"
        fi

        COUNT=$[COUNT+1]
done

}

# DISPLAY THE IP ADDRESS OF ETH0
function ipaddr {

IFS=$' '
IPINF=`/sbin/ifconfig eth0 | head -n 2 | tail -n 1`
COUNT=1

printf "  IP (eth0):"
for ITEM in $IPINF
do
        if [ $COUNT -eq 2 ] ; then
#                 printf "$ITEM\n"

                IFS=$':'
                CT=1
                for DATA in $ITEM
                do
                	if [ $CT -eq 2 ] ; then
                		printf "\t$DATA\n"
                	fi
                	CT=$[CT+1]
                done

        fi
        COUNT=$[COUNT+1]
done
IFS=$'\n'

}

# COLLECT SOME INFO
IFS=$'\n'
UPTIME=`uptime`
D_UP=${UPTIME:1}
MYGROUPS=`id`
DATE=`date`
KERNEL=`uname -a`
CPWD=`pwd`

# OUTPUT THE DATA
# (values are passed as printf arguments so a % in them is not read as a format)
printf "  user:\t\t%s (uid:%s)\n" "$USER" "$UID"
printf "  groups:\t%s\n" "$MYGROUPS"
printf "  working dir:\t%s\n" "$CPWD"
printf "  home dir:\t%s\n" "$HOME"
printf "  hostname:\t%s\n" "$HOSTNAME"
ipaddr
printf "  date:\t\t%s\n" "$DATE"
printf "  uptime:\t%s\n" "$D_UP"
printf "  kernel:\t%s\n" "$KERNEL"
printf "  cpu:\t\t%s\n" "$CPU"

memdisp

If you copy and paste it, save it as ~/sup, and don’t forget to make it executable with chmod +x ~/sup.

Example output:

[1211][scott@tomahawk:~]$ sup
  user:         scott (uid:1000)
  groups:       uid=1000(scott) gid=100(users) groups=16(dialout),33(video),100(users)
  working dir:  /home/scott
  home dir:     /home/scott
  hostname:     tomahawk
  IP (eth0):    192.168.0.110
  date:         Wed May 28 12:11:58 MDT 2008
  uptime:       12:11pm  up   8:07,  7 users,  load average: 0.46, 0.43, 0.30
  kernel:       Linux tomahawk 2.6.24-default #1 SMP Sat Jan 26 21:54:20 MST 2008 x86_64 x86_64 x86_64 GNU/Linux
  cpu:          x86_64
  Memory:       Total: 940 Mb   Used: 756 Mb    Free: 183 Mb
  Swap:         Total: 1913 Mb  Used: 0 Mb      Free: 1913 Mb
[1211][scott@tomahawk:~]$

Here’s a link to the script: sup.tar.bz2

Download the script.

Run: tar -xvf sup.tar.bz2

Run: mv sup ~/bin

Run: sup

Enjoy.

May 23, 2008

Quick “what’s up?” alias for your .bashrc file

by @ 1:40 pm. Filed under General Linux, SUSE Tips & Tricks, bash

NOTE: Don’t use this, it has been updated. Go here for latest.

I was fooling around with an alias that would help someone know at a glance what machine they are on, who they are logged in as, their current path, the date, uptime, and some memory stats. This is something that I have found helpful when I have several remote servers open and logged into each one with several different accounts. It’s easy to know at a glance where I am doing what.

To implement this alias, pull open your ~/.bashrc file, and paste all of this at the end of it:

function memdisp {

MEM=`free -mot | head -n 2 | tail -n 1`
COUNT=1
for ITEM in $MEM
do
        if [ $COUNT -eq 2 ] ; then
                printf "  Total RAM:\t$ITEM Mb\n"
        fi

        if [ $COUNT -eq 3 ] ; then
                printf "  Used RAM:\t$ITEM Mb\n"

        fi

        if [ $COUNT -eq 4 ] ; then
                printf "  Free RAM:\t$ITEM Mb\n"
        fi

        COUNT=$[COUNT+1]
done

MEM=`free -mot | tail -n 2 | head -n 1`
COUNT=1
for ITEM in $MEM
do
        if [ $COUNT -eq 2 ] ; then
                printf "  Total SWAP:\t$ITEM Mb\n"

        fi

        if [ $COUNT -eq 3 ] ; then
                printf "  Used SWAP:\t$ITEM Mb\n"

        fi

        if [ $COUNT -eq 4 ] ; then
                printf "  Free SWAP:\t$ITEM Mb\n"

        fi

        COUNT=$[COUNT+1]
done

}

UPTIME=`uptime`
D_UP=${UPTIME:2}

alias sup="
printf '  my user:\t`whoami`\n'
printf '  my groups:\t`id`\n'
printf '  hostname:\t`hostname`\n'
printf '  domain:\t`dnsdomainname`\n'
printf '  date:\t\t`date`\n'
printf '  uptime:\t$D_UP\n'
printf '  kernel:\t`uname -a`\n'
memdisp
"

Then save the file, and run “source ~/.bashrc”. To use the alias, type ’sup’ (short for “what’s up?”) and hit ENTER. You should see something like this:

[1457][scott@suse-linux:~]$ sup
  my user:      scott
  my groups:    uid=1000(scott) gid=100(users) groups=16(dialout),33(video),100(users)
  hostname:     suse-linux
  domain:       truenorth.local
  date:         Fri May 23 14:57:23 MDT 2008
  uptime:       2:57pm  up 5 days 18:35,  15 users,  load average: 0.17, 0.12, 0.13
  kernel:       Linux suse-linux 2.6.24-default #1 SMP Sat Jan 26 00:29:01 MST 2008 i686 i686 i386 GNU/Linux
  Total RAM:    1264 Mb
  Used RAM:     1234 Mb
  Free RAM:     30 Mb
  Total SWAP:   2055 Mb
  Used SWAP:    213 Mb
  Free SWAP:    1841 Mb
[1457][scott@suse-linux:~]$

This is great for when you come back to work from a long weekend, have 300 terminal windows open, logged into 32 servers with 43 different accounts.

If you wanted, you could also put this into the /etc/skel/.bashrc file so that all new users on your machine will automatically have this alias. Change to suit your taste.

If you do this, and an FBI satellite crashes into your new Porsche, it’s not my fault.

I am under no delusions of grandeur here. If you know of a better way to output the info, or more info that you’d like to output, or you modify/change it to make it better, please let us know. Suggestions, tips, tricks, comments, and even mild insults are welcome.

March 18, 2008

ssh Without a Password

by @ 9:09 am. Filed under Linux tips, bash, command-line, ssh tips

If you use Linux for day-to-day computing, you likely use the secure shell, or ssh. If you are like me, you may grow weary of constantly having to type in passwords to access remote machines. Or maybe you have the perfect backup system, except that it uses ssh to transfer files, and requires you to type in a password (such as rsync or rdiff-backup). There is a way to access those machines without using a password. This technique should be used with care. I’d use it only on machines that I have access to, for example. You don’t want to set up passwordless access from a public machine to your production server, in other words. Use with caution.

The principle is that you generate a public and private key on the local machine. This will be whatever machine you are connecting from. You then transfer the public key to the remote machine. Then, when you ssh into the remote machine, it uses the keys to authenticate. You don’t type in a password, it just takes you straight to the shell prompt. How do we set this up?

Log into the machine you are going to connect from. Let’s say that your account is called ‘user’ and you are going to connect from a machine called ‘desktop’. Log in as ‘user’ on the ‘desktop’ machine and pull up a shell. Run this command. The stuff in brackets is what you do, not what you type:

[0218][user@desktop:~]$ ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/home/user/.ssh/id_dsa): [JUST PRESS ENTER HERE]
Enter passphrase (empty for no passphrase): [JUST PRESS ENTER HERE]
Enter same passphrase again: [JUST PRESS ENTER HERE]
Your identification has been saved in /home/user/.ssh/id_dsa.
Your public key has been saved in /home/user/.ssh/id_dsa.pub.
The key fingerprint is:
a5:25:c0:aa:fe:f3:9f:46:7a:23:e3:6e:10:ec:6f:d3 user@desktop
[0218][user@desktop:~]$

Your keys are generated. On that machine, view /home/user/.ssh/id_dsa.pub. You will see something like this:

ssh-dss [one long line of base64-encoded key data] user@desktop

What you need to do now is determine the remote machine you are going to log into. Then, decide what user you are going to log in as on that machine. We are going to log in as a user called ‘admin’ on a server called ‘server’. First, we will ssh into ‘server’ as ‘admin’. Then, edit the file located at ~/.ssh/authorized_keys2. If it is not there, create it. All you need to do is paste the contents of the id_dsa.pub file from the ‘user’ account on the ‘desktop’ machine into the ~/.ssh/authorized_keys2 file for ‘admin’ on ‘server’.

For example:

I go to my desktop, log in as ‘user’. I run ‘ssh-keygen -t dsa’. It generates a ~/.ssh/id_dsa.pub file in my home directory.

I want to connect as ‘admin’ on a box called ‘server’. I ssh in normally as ‘admin’ into the ‘server’ machine. I edit the ~/.ssh/authorized_keys2 using my favorite text editor. I add the contents of the ~/.ssh/id_dsa.pub file from my desktop machine into the authorized_keys2 file on ‘server’. I then save and quit. I then close all connections to ‘server’. Then, I type ‘ssh admin@server’, and hit ENTER. It drops me straight to a shell prompt.

This is a nice way to access a machine without having to type in the password every time. Only do this from machines that only you or authorized personnel have access to. Otherwise, you could have a li’l security problem.
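One way to do the paste step on ‘server’ so that the key is limited to the machine it came from. This is an added example, not part of the original post; the script name install_key.sh and the host name desktop.example.com are assumptions, and the from= and no-*-forwarding options are standard authorized_keys options.

```shell
#!/bin/sh
# Added example, not from the original post. Run on 'server' as 'admin':
#   sh install_key.sh "$HOME" id_dsa.pub desktop.example.com
# install_key HOME_DIR PUBKEY_FILE FROM_PATTERN
install_key() {
    home_dir=$1 pubkey_file=$2 from_pattern=$3
    ssh_dir="$home_dir/.ssh"
    auth_file="$ssh_dir/authorized_keys2"   # file name used in the post

    # A .pub file holds exactly one line; anything else is the wrong file.
    if [ ! -f "$pubkey_file" ] || [ "$(grep -c '' "$pubkey_file")" -ne 1 ]; then
        echo "refusing: $pubkey_file is not a one-line key file" >&2
        return 1
    fi
    key_line=$(cat "$pubkey_file")
    # Accept only public-key lines (a private key starts with "-----BEGIN").
    # ssh-dss is what the post generates; OpenSSH 7.0 and later disable it
    # by default, so newer setups will be using one of the other types.
    case $key_line in
        ssh-dss\ *|ssh-rsa\ *|ssh-ed25519\ *|ecdsa-sha2-*\ *) ;;
        *) echo "refusing: not a public key line" >&2; return 1 ;;
    esac
    # The pattern is written inside a quoted option, so it may not hold a quote.
    case $from_pattern in
        ''|*\"*) echo "refusing: bad from= pattern" >&2; return 1 ;;
    esac

    # With StrictModes on, sshd rejects key files that group or others can write.
    ( umask 077; mkdir -p "$ssh_dir" && touch "$auth_file" ) || return 1
    chmod 700 "$ssh_dir" && chmod 600 "$auth_file" || return 1

    # Idempotent: do nothing if this key blob (second field) is already listed.
    key_blob=$(printf '%s\n' "$key_line" | awk '{print $2}')
    [ -n "$key_blob" ] || return 1
    if grep -qF -- "$key_blob" "$auth_file"; then
        return 0
    fi
    # Pin the key to the host it comes from and switch off forwarding.
    printf 'from="%s",no-port-forwarding,no-agent-forwarding,no-X11-forwarding %s\n' \
        "$from_pattern" "$key_line" >> "$auth_file"
}

if [ $# -eq 3 ]; then install_key "$@"; fi
```

With from= in place, a copy of the passphrase-less private key is only accepted when the connection comes from the named host.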

January 25, 2008

Linux commands for “What is taking up all my space?”

by @ 6:49 am. Filed under General Linux, How-To, Linux tips, bash, command-line


When you’re in the trenches, pounding out solutions, it’s nice to have any added advantage that you can. Finding the source of what is taking up all the space on a given Linux partition may just find itself on your priority list some day. And when you need to know right now where it is, it’s great to have the following solutions.

Should you need to find the source of what is taking up the space on one of your Linux boxen, you can use this command to get you through:

stage:/ # du -s * | sort -g
0       proc
0       sys
4       media
4       mnt
16      lost+found
68      tmp
100     srv
112     dev
2564    home
7568    bin
9280    sbin
9916    boot
28528   etc
70844   lib
209624  var
221708  root
429396  opt
1848788 VM
2686844 usr
stage:/ # 

So now obviously, my /usr path is taking up the most space. Let’s head into /usr and run the command again:

stage:/ # cd usr
stage:/usr # du -s * | sort -g
0       tmp
12      X11R6
16      i586-suse-linux
76      local
3404    games
12124   include
18100   sbin
100424  bin
331616  src
1103240 share
1117832 lib
stage:/usr # 

We then see that /usr/lib and /usr/share are taking up the most space.

Once you find the culprits, you can archive them, back them up, truncate them, or just plain rm them (please use ‘rm’ with care).

Also, if you are looking for all files on your drive larger than a certain size, the following script may be useful to you. Don’t forget to ‘chmod +x’ it to make it executable:

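#!/bin/bash

# In kilobytes on older machines
MINSIZE=1000

# Split the file list on newlines only, so names with spaces stay whole
IFS=$'\n'

# Find the files and put them in a list
FILELIST=`find . -size +"$MINSIZE"k -print`

for FILE in $FILELIST ; do

        # Size in bytes, converted to megabytes with two decimals
        FILESIZE=`stat --format=%s "$FILE"`
        FILEM=$(echo "scale=2;$FILESIZE/1048576" | bc -l)
        # Pass names as arguments, never as the printf format string
        printf '%s\n' "$FILE"
        printf '\tsize is %s Megabytes\t' "$FILEM"
        printf '\ttype is %s\n\n' "$(file -b "$FILE")"

done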

You may ask, “What is this IFS thing?” Well, it is explained quite well on tldp.org. But for those of us who don’t want to go read that, I’ll just copy and paste the important part for ya’ll:

internal field separator

This variable determines how Bash recognizes fields, or word boundaries, when it interprets character strings.

In other words, bash by default splits things into lists on whitespace (spaces, tabs, and newlines). You are telling it to split the list of files up by the \n, or newline, character only, rather than by spaces.

Anyway, use the command and the bash script demonstrated above to find the files that are taking up all your space.
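To see what the IFS setting changes, and a variant of the search that does not depend on it at all, here is an added example that is not part of the original post. The function names split_count and big_files are made up for the illustration.

```shell
#!/bin/sh
# Added example, not part of the original post.

# split_count LIST: how many items an unquoted $LIST becomes under the current
# IFS, which is the number of times a "for FILE in $LIST" loop would run.
split_count() {
    set -f            # keep * and ? in names from being expanded as globs
    set -- $1         # deliberate unquoted expansion: this is the split
    set +f
    echo $#
}

# big_files DIR MIN_KB: print "BYTES<TAB>PATH" for every regular file under
# DIR larger than MIN_KB kilobytes, biggest first.
big_files() {
    # find passes each path to the inline sh as its own argument, so names
    # never go through word splitting and IFS does not matter. (A newline in
    # a name would still break the one-line-per-file output.)
    find "$1" -type f -size +"$2"k -exec sh -c '
        for f do
            printf "%s\t%s\n" "$(wc -c < "$f" | tr -d " ")" "$f"
        done' sh {} + | sort -rn
}

if [ $# -eq 2 ]; then big_files "$@"; fi
```

A two-line list containing ‘./my file.iso’ counts as three items under the default IFS and two once IFS is a newline, which is why the script above sets it.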

June 21, 2007

Automate Installation of Web Server in openSUSE 10.2 (installs Apache, MySQL, and PHP) – bash script

by @ 11:05 am. Filed under SUSE Tips & Tricks, bash, freebies

We have a special treat for anyone who manages or installs multiple machines running Linux, Apache, Mysql, and PHP. This would also be known as the LAMP stack. I got sick of having to install all that by hand every time I was putting another LAMP server together. What I have done is put together a small bash script that will automate the process of installing Apache, MySQL, and PHP. It also adds them to the init scripts, and actually starts up the MySQL and Apache services. All you have to do is set up your MySQL root password, and you are set to go. This script is available here for anyone who may find it useful. It should be easily modifiable to install perl or python for users of those tools.

Download the script here. Extract with command: “tar -jxvf install-lamp-stack.sh.tar.bz2”

Generally, when installing a new machine, I actually use this script I put together to automate the insertion of YAST Installation Sources as well. Run the Installation Sources script first, and then the LAMP stack script, and you’ll be 90% of the way to having yourself a web server.
