(   )
                          (    )
                           (    )
                          (    )
                            )  )
                           (  (                  /\
                            (_)                 /  \  /\
                    ________[_]________      /\/    \/  \
           /\      /\        ______    \    /   /\/\  /\/\
          /  \    //_\       \    /\    \  /\/\/    \/    \
   /\    / /\/\  //___\       \__/  \    \/
  /  \  /\/    \//_____\       \ |[]|     \
 /\/\/\/       //_______\       \|__|      \
/      \      /XXXXXXXXXX\                  \
        \    /_I_II  I__I_\__________________\
               I_I|  I__I_____[]_|_[]_____I
               I_II  I__I_____[]_|_[]_____I
               I II__I  I     XXXXXXX     I
            ~~~~~"   "~~~~~~~~~~~~~~~~~~~~~~~~

Fri, 29 Nov 2013

Trisquel GNU/Linux 6.0 Meets an Old Laptop

I recently acquired an old laptop (A Dell Latitude) from a friend that was throwing it out. I love old laptops, they tend to be built more solidly and have much nicer-feeling keyboards than 'modern' ones. The lack of horsepower doesn't bother me, as my mostly non-GUI needs don't require lots of memory, disk or CPU.

Anyway, one catch with the old Dell laptops is that they all have the Broadcom wireless chipsets that require installing a proprietary firmware blob under Linux. I first did a Debian CD install, and was able to get the wireless to work by using a network cable and the non-free Debian repo. I did a minimal install and left it for a week or so. Today I had a bit more time to finish setting it up to my liking, and on a whim decided to boot into my FSF associate member USB card - it has the latest version of Trisquel GNU/Linux (6.0 LTS) [0] on it. It gave me a nice live environment that defaulted to Gnome classic (I guess this is Gnome3 but with settings dialogs and an app menu), and to my surprise supported the Broadcom wireless out-of-the-box. This is even more surprising when you consider that Trisquel's main selling point is that it has no non-free (as in speech) software in it - including the hardware drivers. So I decided to install it. So far, it is working quite well and feels very snappy as I type up this post, even on this old hardware. Although it is based on Debian, it reminds me of the older Ubuntu releases, when Gnome2 was the default but with newer (and completely free) software.

Trisquel GNU/Linux 6.0 LTS

posted at: 18:16 | path: / | permalink | GNU, Laptop, Legacy, Linux

Tue, 29 Dec 2009

Viewing the Top-Ten Worst SSH Attackers

If you must maintain an 'open' SSH server, this might come in handy. This is a quick way to view the top ten worst offending SSH attackers in your secure log. It works on Red Hat-based Linux boxen (e.g., CentOS, Fedora), but it can easily be modified for other OS's by just changing the pattern or logfile.

[root@mail ~]# grep 'Failed password for invalid user' /var/log/secure* \ | perl -nle 'print $1 if /from.+?(\d+\.\d+\.\d+\.\d+)/' \ | sort -n | uniq -c | sort -nr | head -n 10 1888 1058 1010 372 330 250 250 146 140 140 [root@mail ~]#

posted at: 16:44 | path: / | permalink | Linux, Logs, SSH, Security, Sysadmin, Tips

Sat, 26 Sep 2009

Observations on Teaching Newbies to Use a Shell

I've been teaching Linux/Unix Fundamentals courses recently, and thought I'd share some observations about students - some that surprised me. The course I teach is very command line intensive; while the individual student workstations are setup with graphical environments (KDE), the course can be taught and the concepts learned from a console.

Some of the students I teach are absolute beginners to Linux or Unix, so they have never typed a command into a shell environment before. A lot of the other students' last experience with a command line was some exposure to MS-DOS that is now a faint memory.

read more after the break...

posted at: 01:34 | path: / | permalink | Learning, Linux, Shell, Unix

Sun, 13 Sep 2009

Using Rlwrap to Keep Your Commandline Sanity

After many years of commandline use, I've gotten spoiled by the pervasiveness of GNU readline in shells and other shell-like apps, like the MySQL shell. When I do sit down and try to use an app without such support, the result is a fairly painful mix of cursing and visible control characters (Oracle's sqlplus interface is probably the poster child for miserable CLI experiences, with no convenience facilities whatsoever).

An easy way around this is to use rlwrap, a nifty little program that gives any badly-designed CLI interface full readline capabilities, including command history, searching and editing. Most Linux distros have packages for it, but if not, just download and install the source yourself. It's not very large, and can be installed in a local bin directory if needed. Then you do something like rlwrap sqlplus FOO/password@db1 @sql/settings.sql or rlwrap mailx. Enjoy!

posted at: 14:36 | path: / | permalink | Linux, Rlwrap, Sysadmin, Tips, Unix

Mon, 03 Aug 2009

No, It's Not the Onion

Via the Linux Gazette [0] - a series of command line tutorials in video format [1]. Yes, that's right, video format. I hesitate to even link to them. I can only imagine that this is some vain attempt to grab new subscribers to a dying format by appealing to the Youtube generation.

posted at: 08:42 | path: / | permalink | CLI, Linux, Video, WTF

Thu, 18 Jun 2009

WTF, Ubuntu

Um, seriously WTF, Ubuntu? I must be getting old and intolerant, or something. Ubuntu (and the current crop of Linux distros) all seem to be trying to out-Windoze one another. The bloat and propensity to hide everything from supposedly clueless users has gotten really irritating. More after the jump...

read more after the break...

posted at: 14:33 | path: / | permalink | Bloat, Linux, Ubuntu, WTF

Sat, 23 May 2009

A Sysadmin's Lament, or why cPanel Sucks

I've been wrestling with cPanel [0] on and off for years - more lately, and it always reminds me just how much it sucks. It can be convenient if you don't know how to maintain Linux servers and the various associated Internet services (Apache, BIND, etc.), but there really is no playing nicely with it from a command line sense. Once installed, it takes over your system, rendering it impervious to standard sysadmin tricks. What's more, its convenience is really it's downfall, because when something goes wrong with it, two things are true:

  1. The person using it has no idea what is wrong, OR
  2. The person using it knows what is wrong and how to fix it, just not from within cPanel

The end result of this is when cPanel fails, and it will fail at some point, fixing it is near impossible without calling on cPanel for support (I suppose they like it that way).

It's also one example of a software system that if it were open source, it wouldn't change this situation at all. It's basically a giant mass of Perl code that somehow manages to work (mostly), while aggravating the experienced sysadmin. Its automated upgrades are one example of an epic fail waiting to happen. On several occasions I've had clients call me to fix broken email, only to find a cPanel upgrade has b0rked some key part of the Exim config file. Umm...first, upgrading key system software is not to be taken lightly, and let's not even discuss why the fuck Exim is being upgraded automatically. Second, upgrades should never, and I mean never touch config files without asking. Debian has it right on this one [1]. Do yourself a favor - turn off cPanel upgrades immediately after installation (or better yet, don't install it).

Finally, I can't possibly let this post go without whining about how cPanel and all the other web-based hosting/sysadmin control panels have created an entire generation of so-called 'system administrators' in need of a giant clue bat.

There, I feel better now.

posted at: 09:09 | path: / | permalink | Linux, Sucks, Sysadmin, cPanel

Tue, 12 May 2009

Clueless Admins

Some people have no business maintaining Linux servers. I recently had someone ask me to fix his non-working LAMP web app. He gave me the contact details of the web host admin. So you can be spared the pain I went through, here are six warning signs you might be dealing with a novice Linux admin:

  1. You notice the "X-Mailer: Microsoft Windows Mail..." in your email correspondence with said admin.
  2. You ask for SSH shell access and are told to use puddy [sic].
  3. You ask again for SSH access details and are told to "just select the host from the dropdown menu".
  4. You are finally able to log in to the hosted account. Of course most everything under the web root has permissions 666 and 777, because "nothing worked unless we did that".
  5. There are a multitude or random iframe and pr0n infestations [see the previous item].
  6. When you ask for root access to fix the egregious permissions issues, are told no, because that would change permissions "system-wide". And besides, he adds for good measure, "You could really screw things up".

posted at: 11:45 | path: / | permalink | Linux, Sysadmin, WTF