Latest Entries »

Redirecting Output from a sudo Command

Filed Under: bash, linux by Hamish — Leave a comment
January 11, 2012

sudo is important in order to prevent the need to log on to linux servers as root, or to elevate with su -. However, sudo is run as the current user, so when using angle brackets to redirect output to a file, this will fail unless the elevating user has appropriate access to that file.

Test it:
1. Create a file, owned by yourself in your own home directory
echo hello > ~/hello.test

2. Change the owner of that file to be root
sudo chown root.root ~/hello.test

3. Now try and write to it again as yourself
echo hello > ~/hello.test
permission denied!

4. You now need to be root in order to write to that file
sudo echo hello > ~/hello.test
permission denied!

5. This failed because sudo runs as you, not root. The workaround is:
sudo sh -c "echo hello > ~/hello.test"

6. GREAT! So now you know how to redirect output from a sudo command to a protected file! Fix the ownership of your file and delete if you like
sudo chown you.you ~/hello.test
rm ~/hello.test

This, as convoluted as it seems, appears to be the documented method, according to the sudo man page. If anyone knows of a nicer way, please let me know!

Comment

Free and Cheap DynDNS

Filed Under: bash, geek, linux by Hamish — Leave a comment
November 11, 2011

So, you have a home machine running a particular service that you’d like to access, but don’t wish to install any third party utilities or pay for dynamic DNS. As long as you have access to another server elsewhere that does have a static IP, this should be a relatively easy problem for you to solve. There are many possible solutions, but here is how I have managed it in the past. Option 2 below is my preferred option, but option 1 is probably easiest and doesn’t require DNS. Option 3 is an extra, which I’ve also tested and used myself in the past. Both options 1 and 3 have a certain advantage in that they don’t require an external DNS record to be present for your home location, or for you to run the DNS service. Anyway, enough rabbiting on, here’s the meat:

Option 1: Static Text File

Set your home server with dynamic IP to do a regular wget on a site running on your remote server. It should access a secret URL that only you know about. This doesn’t even have to be a real page on the site, it can simply 404 if you wish, as long as it shows up in your access logs. All you then need to do is schedule a script on your remote web server to grep the access logs for that secret URL, awk out the IP and dump it to a text file that you can access on the site. Boom! That text file will always contain the latest known IP address for your home server.

To summarise (text file option):

  1. On your home server have cron call this as often as you see fit: wget http://remote.website.location/secret_url
  2. And on your remote server, have cron call this as often as you need: grep secret_url /var/log/httpd/site-access.log | tail -n 1 | awk '{print $1}' > /var/www/site_name/remoteip.txt
  3. Then hit http://remote.website.location/remoteip.txt and you will find the information you require. You can put this file behind basic auth using your apache configuration or .htaccess if you wish.

Option 2: DNS

Assuming that you can run a DNS server such as bind on your remote machine, the process is even smoother. Set your home server with dynamic IP to do a wget on a site running on your remote server. Again, this doesn’t need to be a real page and can simply 404 if you wish, as long as it is recorded in a log file. Next, configure your remote server to get the ip from the access logs again. You can then set it to run a sed for the old IP in the DNS zone file, replace with the new IP and reload bind. If you set a low enough TTL on the record, then this operation will be pretty much seamless.

To summarise (DNS option):

  1. On your home server have cron call this as often as you see fit: wget http://remote.website.location/secret_url
  2. And on your remote server, have cron call this as often as you need (assuming your home DNS name is “home.domainname.com”): newip=`grep secret_url /var/log/httpd/site-access.log | tail -n 1 | awk '{print $1}'`; oldip=`grep home /var/named/domainname.com.external.hosts | awk '{print $5}'; sed -i "s/\b$oldip\b/$newip/" /var/named/domainname.com.external.hosts; /etc/init.d/named reload

The above is obviously making certain assumptions about your DNS configuration, file locations etc. that you will want to test before actually running. And you can also add something like if [ $oldip = $newip ]; then .....; fi in order to only actually make the DNS change if your IP has changed.

Option 3: Web Proxy

OK, this assumes that you simply want to access an http indexed folder, or some other web service on your home system.

  1. Configure the http service on your home system to serve the content that you want access to. We’ll use http://home.domainname.com/directory/ as an example
  2. Set your home system to do a wget as described in the two examples above
  3. Set your remote system to get your home IP from the access logs as above and dump it this time into it’s hosts file, creating an entry like so: new.ip.add.ress home.domainname.com
  4. Configure your remote web server to proxy a specific location to your home DNS name like so: ProxyPass /home_things/ http://home.domainname.com/directory/ and ProxyPassReverse /home_things/ http://home.domainname.com/directory/

Again, place as much of this behind auth and SSL as you see fit. You will need to enable mod_proxy and mod_proxy_http in your remote site apache config.

Bonus option 4: What Is My IP?

If you can find a web service such as http://www.whatismyip.org/ that will give you your IP in response to a wget, you can simply use that and then have your home system update the remote system with your home address via an ssh or scp command. You could also setup your own web service to return the IP address if you don’t wish to rely on a third party tool.

Comment

Centos 6 Desktop

Filed Under: linux by Hamish — Leave a comment
November 10, 2011

Ubuntu broke my heart. Several upgrades in a row broke grub and required a grub reinstall. This is obviously a pain in the nuts when you need to use another machine or even a mobile device to google the commands.

Then on my last upgrade attempt, the system completely froze half way through. I left it overnight and still no joy in the morning. I fired up another console and checked all the usual logs for errors relating to the problem and nothing was helpful. I tried killing various processes that may have been blocking the upgrade and still nothing. So my only choice was to reboot. /sbin/reboot failed. init 6 failed. I tried running sync a few times and still rebooting failed. My only choice was to hold down the dreaded power button.

Unsurprisingly the system would not boot. That was when I decided enough was enough. No more Screwbuntu for me, thank you very much. I chose Centos 6 for my new distro as I use Centos on a daily basis in my job and have become well used to running it. Yes I may become less diverse over time by exclusively using a redhat-esque OS rather than switching between that and a debian based OS. But when it comes to my home system, I just want it to work. And Ubuntu wasn’t doing that for me any more.

Best decision I’ve made in ages! It’s hassle free and just works. I heartily recommend it. I mounted the old file system and fired up the various required services, ran the serviio scripts for DLNA streaming etc. and it all just worked.

B-E-A-utiful.

 

Comment

32 Print Bit Drivers Through Group Policy from 64 Bit Server 2008

Filed Under: windows by Hamish — Leave a comment
August 24, 2011

OK, so this is quite a specific issue to resolve, but it caused me a fair amount of headache. Getting 32 bit drivers on to a 64bit windows print server is not necessarily a straightforward task, especially if the vendor provided drivers are poorly configured. Trying to install the 32 bit drivers from CD, you can end up with your OS asking you for access to an i386 directory for an ntprint.ini system file, or other such delights.

Unfortunately, I had to resort to running the print manager console from a 32 bit system, as a user with relevant permissions on the print server, then add the print server to the print manager console. Furthermore, I only had a driver download from Dell for the printer in question, so I had to run the .exe and check where the temporary files were being copied to, in this case, %userprofile%\AppData\local\temp\[random_string]

What you can then do is add a new x86 driver to your remote 64bit print sever from your 32bit machine, and when it asks for the driver location point it to one of the drivers in the temporary location you found in the above step.

I’ve not produced a step by step how to for this, as the circumstances are likely to be different depending on your driver. What you fundamentally need is an inf file for a 32 bit driver, and access to your print server from a 32 bit system. With those main ingredients, you should be able to add the required drivers.

Comment

Chat Thing

Filed Under: geek by Hamish — Leave a comment
July 10, 2011

I’ve installed ircd and am running widget on this site for my #tech channel. You can find it here.

Just choose your username and dive in to talk about tech and stuff. You never know, there might be someone else in there to talk back at you :-)

Comment

EU Cookie Legislation

Filed Under: Notice by Hamish — Leave a comment
July 5, 2011

Dear persons behind the EU cookie legislation,

You are utterly retarded.

Kind regards,

Persons who understand the Internet

Comment

WinSXS Woes Finally Cured

Filed Under: windows by Hamish — 2 Comments
June 24, 2011

…or at least improved significantly.

For years, the winsxs folder within the windows folder on vista, 7 and server 2008 machines has been completely unmanageable. It grows outrageously large (6GB on my windows 7 PC, and 12.5GB on several server 2008 machines). Microsoft’s response to this has always been “Hard disk space is cheap, just suck it up” (sic). That might be true for SATA or SAS storage in the professional setting, but if you use SSD drives on your home system, then storage is anything but cheap. And if you partition your hard disk according to Microsoft’s recommended size for the OS, then you’re going to run very close to the limit.

The good news is, after all our complaining, they’ve finally gone and done something about it. From service pack 1 in Windows 7 and Server 2008 R2 onwards you have access to a too called dism. You can get access to this tool on vista or server 2008 (not R2) by downloading and installing the Windows Automated Installation Kit, but only offline space recovery is supported. Good luck with that.

So, here is a screenshot of my system with disk space usage of the winsxs directory before running the command, with the command dism /online /cleanup-image /spsuperseded ready to run in the command prompt window (cmd needs to be run as administrator):

before dism command

Click image to enlarge

And here is the size of the directory after running the command, with the output of the command included in the cmd window:

after dism command

Click image to enlarge

As you can see, this freed up just over 2GB of space on my windows 7 system. On a server 2008 R2 system, it managed to clear up just over 4GB of space. If anyone finds an easy way to do this online for server 2008 or vista, I would love to hear about it.

Comment

Google Music Invite

Filed Under: cloud, geek by Hamish — Leave a comment
June 17, 2011

My Google Music invitation finally came through. The signup process doesn’t seem to care whether or not you are in the US, so I’m going ahead.

After all the terms and conditions etc. the first cool thing is, they seem to offer you a good selection of free music when signing up. You tick the boxes to say what genres you like, and they give you free music!

Next they offer to let you download and install “Music Manager”, which can be used for uploading music from your library into their cloud. The initial file is tiny to download, but then proceeds to download further files for installation.

You are then presented with the option to add music folders. After doing so, it proceeds to upload your music into your google music storage, and will immediately let you start playing them (as they’re local anyway) through the Music Player app (actually just opens your browser to music.google.com).

So, first impressions? Awesome! The only thing is, I have an iPhone and there isn’t currently an iPhone app, so no local storage or syncing with the cloud.

Is this going to replace my spotify account? Not yet I don’t think. If they introduce an iPhone app or if I go Android, and they also allow sharing of playlists, then that would be very cool. But the ability of spotify to search out and instantly play any (almost) song is going to be hard to beat.

What I can see it being useful for is once I acquire new music, through legal means of course, I can upload it to whichever machine I happen to be using at the time, and be able to listen to it wherever I happen to be from that point onwards. That beats the crap out of iTunes. Will it beat iCloud? Dunno.

Comment

Spotify Could Not Access Soundcard

Filed Under: linux by Hamish — Leave a comment
June 6, 2011

If you see a message like the one in the title when running spotify for Linux on ubuntu 11.04, one possible cause could be that you have two versions of spotify installed.

If you previously had spotify running under wine, that seems to be the version pinned to the new launcher bar in ubuntu 11.04. Try doing a unity search for spotify and see if you have two results for spotify. The one with the penguin is the one that you want. Simply pin this to your launcher in place of the wine version to avoid future confusion. Or better still, uninstall the wine version.

Now if I could just figure out how to make spotify die gracefully without requiring a kill -9, perhaps that will stop it from serving up the licence agreement every time it runs.

Upgrading your ubuntu install should not be done unless you have time to spend fixing problems during and after the upgrade. I don’t have time right now so this (together with the grub nonsense) comes as an unwelcome surprise.

Sort it out, people!

Comment

More Ubuntu Upgrade Fail

Filed Under: linux by Hamish — Leave a comment
June 5, 2011

This time, upgrading from 10.10 to 11.04, and more grub fun. The error was the same as last time, only on this occaison after reinstalling grub, I’m greeted with this at bootup:

Minimal BASH-like line editing is supported. For the first word, TAB lists possible command completions. Anywhere else TAB lists the possible completions of a device/filename.

Fail.

The solution in the end was to download an ISO of the latest ubuntu, in this case 11.04, boot into the live CD of that and run the previous posts solution. Fun, fun, fun!!!

On another note, Ubuntu seems to fail to pickup the DNS server option via DHCP, where all other devices on my network succeed. I have to manually edit the resolv.conf to put in the DNS server IP address.

Apart from all this, I’m still very happy with Ubuntu as a replacement for windows. We all know that running Windows comes with problems of it’s own. I just feel sorry for less techie individuals that have to try and sort out problems like this. I suspect many of them will give up and go back to MS.

Comment
Performance Optimization WordPress Plugins by W3 EDGE