Monthly Archives: October 2011

Scientific Linux 6 – Basic Setup

Not allowing root to log in

By default sshd is running on SL6 and you can ssh in with ‘root’.

Probably a good idea to change this in /etc/ssh/sshd_config

permitrootlogin no

But first, create a user that can log in.

useradd mart
passwd mart

Then you can change sshd_config and ‘service sshd reload’.

Then you can ssh in and either hit’ su -‘ to get root access.
Or, if you hit ‘visudo’ and add your user. You can later just type ‘sudo bash’ to get a root bash shell.

Firewall

iptables -L to view the firewall setup, note that there is a ‘virbr0’ interface that has forwarding rules. This is probably for NAT or bridging for potential virtual machines, and was probably created when we chose ‘Virtual Host’ as the role for the system.
iptables-save : another view that may be easier to understand. This you can put in ‘file’ and then hit iptables-restore < file.

Slow before you get the login prompt while ssh-ing?

To see what is happening, ssh in with ‘ssh -v ip’.
In my case I saw

 debug1: An invalid name was supplied
Cannot determine real for numeric host address

A little googling showed me that this is because your machine doesn’t have a name lookup for that IP. So go ahead and add one in /etc/hosts and then it will be fast.

Notice that your ssh stops working after a while? Doesn’t accept input?

If so, add this to your ~/.ssh/config file:

Host *
   ServerAliveInterval 60

Make sure there is at least a space on the second line. I have three :p
You can change the * to a specific domain if you do not want to do this on all your boxes.
If the file doesn’t exist, create it.

Run sshd on a second port.

  1. Edit /etc/ssh/sshd_config
  2. Add a line saying: Port 6666
  3. look in /etc/hosts.allow (any entries? good)
  4. iptables-save > ~/fwrules
  5. vi fwrules
  6. copy the –dport 22 line and paste a new one above the -j REJECT lines (vi commands: yy and P)
  7. change the 22 to 6666 (vi commands: x for delete, R for replace mode. :wq! to save and quit)
  8. iptables-restore < ~/fwrules
  9. /etc/init.d/sshd restart

If you want you can hit: iptables -L or iptables-save.
These will also show the current iptables rules.
See ip6tables for IPv6 rules.

Now the port is running on another non-standard port (you could set it to whatever you want, as long as it’s lower then 65536 and preferably higher than 1024). This might be good for security reasons. You could still have port 22 open for access from your internal network (see adding a -s ip.add.r.ess on the row in the iptables rules) and the other one accessible from the internet or maybe even a specific network / address on the internet for even more security.

Script To Check For an Update on a Web Page

Hey!

This is used for me on my Linux workstation to get a notification if there is a new spotify release whenever I open a new terminal.. It would be applicable for other (probably also simple) pages that aren’t updated frequently.

Reason: http://repository.spotify.com/pool/non-free/s/spotify/

I wanted to see if there was a new spotify release for Linux/QT.

Method: The URL is above – but what if I do not want to go there every day and get disappointed?

Way nicer to have a script do it for me.

This script saves the index.html from the URL above of each day.

Then each day when it downloads the .html it checks if it’s different from yesterday.

This has its limitations, if there is an update in the weekend I will never know.

The script should check the last x amount of days and if any of them are different from today it should tell me. The script checks if any of the files are different from today, if so, it will write something into another file. The script then checks if this file is non-empty, if it has data in it, it will write to this other file that. Tada. :p

If it is, then it will write to a file that is referenced in $HOME/.bashrc.

The layout of the blog doesn’t like really long lines in <pre>, but you can select below and only get the post (and not the stuff on the right side).

spot_check.sh:

#!/bin/sh

dat1=$(date +%Y.%m.%d)
daty=$(perl -MPOSIX=strftime -le 'print strftime "%Y.%m.%d",localtime (time - 86400)')
dat2=$(perl -MPOSIX=strftime -le 'print strftime "%Y.%m.%d",localtime (time - 172800)')
dat3=$(perl -MPOSIX=strftime -le 'print strftime "%Y.%m.%d",localtime (time - 259200)')
dat4=$(perl -MPOSIX=strftime -le 'print strftime "%Y.%m.%d",localtime (time - 345600)')
dat5=$(perl -MPOSIX=strftime -le 'print strftime "%Y.%m.%d",localtime (time - 432000)')

path="$HOME/Downloads/Spotify/saved"
out="$HOME/Downloads/Spotify/diff.log"
bout="$HOME/.spotcheck"
wget -q http://repository.spotify.com/pool/non-free/s/spotify/ -O $path/$dat1.html

diff -q $path/$dat1.html $path/$daty.html > $out
diff -q $path/$dat1.html $path/$dat2.html >> $out
diff -q $path/$dat1.html $path/$dat3.html >> $out
diff -q $path/$dat1.html $path/$dat4.html >> $out
diff -q $path/$dat1.html $path/$dat5.html >> $out

if [[ -s $out ]] ; then
echo $out "is not empty";
echo "#!/bin/sh" > $bout;
echo "echo new spotify release" >> $bout;
chmod +x $bout;
else
echo $out "is empty";
echo "No new spotify release.";
rm $bout;
fi;

Crontab (daily at 0915):

15 09 * * * /bin/bash /home/username/Downloads/Spotify/spot_check.sh 2>&1

.bashrc:

if [ -f ~/.spotcheck ]; then
cd $HOME
./.spotcheck
fi

Ubuntu 11.04 Natty

Time for another ‘do-release-upgrade’!

This took away dwm-tools and suckless-tools (amonger other stuff). This means that META+p does not work anymore. So you cannot start any apps. Just install them again with ‘sudo apt-get install dwm’ and you’re good to go. Don’t even need to restart anything.

Found this cool command to check what release you’re on: lsb_release -d -s -c.

Maybe this only works on Ubuntu?

BCFP 16G Beta – I passed!

In a moment of frustration/impatience I posted on ‘Brocade Certified’ that it was still 3 weeks until the results are posted. Good boss of training Joe Cannata replied that I could e-mail him and get the results before. I did, and I passed! Most excellent and kind of them to do that! So nice to not have to wait the extra three weeks until it’s entered/updated in the Pearson Vue system. What kind of name is that anyway? Pearson Vue? Latin? Turns out no.

VUE stands for: Virtual University Enterprises
Pearson is just from somebody’s name.

Maybe there’s another meaning behind the name Pearson (besides son of pear).

Back to the subject, how nice was it to find out that I passed? The first few days / week after the exam I was really aching to find out. Then I pretty quickly forgot about it. It wasn’t until maybe a month and a half later that I thought, cmooon why is this so slow! All in all it feels pretty awesome to have the certificate! It took a pretty heavy amount of studying. I think maybe now I got the courage to go for the designer one as well!

How-To : Update Spotify on RHEL6 x64 native client

See the post for how to install spotify on a Linux Client (RHEL 6 x64 in my case).

This post is for how to upgrade.

2012-02-01: Updated, added –nodeps to the rpm upgrade.
2013-01-08: This has been confirmed to work with spotify-0.8.8, updated typo in symlink part.

Why? http://repository.spotify.com/pool/non-free/s/spotify/spotify-client-qt_0.6.1.309.gb871a7d-1_amd64.deb is out!

Is available. Maybe right-click works?? =)

  1. Get the .deb into a place where you can run the program ‘alien’. I have ubuntu in a virtual machine so fired that up, downloaded the .deb
  2. sudo alien –to-rpm spotify-client-qt_0.6.1.309.gb871a7d-1_amd64.deb
  3. e-mailed spotify-client-qt-0.6.1.309.gb871a7d-2.x86_64.rpm to myself
  4. save the .rpm, close spotify,  and hit:
  5. sudo rpm -Uvh spotify-client-qt-0.6.1.309.gb871a7d-2.x86_64.rpm
  6. this failed, it needed

error: Failed dependencies:
libcrypto.so.0.9.8()(64bit) is needed by spotify-client-qt-0.6.1.309.gb871a7d-2.x86_64
libcrypto.so.0.9.8(OPENSSL_0.9.8)(64bit) is needed by spotify-client-qt-0.6.1.309.gb871a7d-2.x86_64
libssl.so.0.9.8()(64bit) is needed by spotify-client-qt-0.6.1.309.gb871a7d-2.x86_64
libssl.so.0.9.8(OPENSSL_0.9.8)(64bit) is needed by spotify-client-qt-0.6.1.309.gb871a7d-2.x86_64

A forum post with some more details about this.

whereis spotify ldd /usr/bin/spotify gives me: libssl.so.10 0> /usr/lib64/libssl.so.10 libcrypto.so.10 0> /usr/lib64/libcrypto.so.10


hit:


cd /usr/lib64 
sudo ln -s libcrypto.so.10 libcrypto.so.0.9.8
sudo ln -s libssl.so.10 libssl.so.0.9.8

If still no go, some advise to rename/delete ~/.config/spotify and ~/.cache/spotify

If neither of the above still works, run

 

rpm -Uvh --nodeps spotify-client-qt-0.6.6.10.gbd39032.58-2.x86_64.rpm

It’s now possible to right-click on playlists! Also to click on ‘File’ works! Woop!

Right-click on artist worked a few times. Then after a while it stopped working. AGREGHA!!#45

(still crashes with Spotify 0.6.6.10)

I would guess that the problem lies with qt or webkit.

Sharing works though. It sucks a bit to not be able to add files to playlists. But clicking the star works so you can find the songs you don’t want to forget in there.
Scrobble/last.fm also works. Cannot select top list for another country.

Install Scientific Linux 6 in VMWare Workstation

Time for some more Linux testing.

The reason for this is because I think I will go ahead and try to study for the RHCSA – Red Hat Certified System Administrator. Work might send me to a course in December, probably wise to play around with it before this.

So here we go.

Scientific Linux (SL) is a free clone of Red Hat Enterprise Linux (RHEL). Historically it’s been updated faster than CentOS. It’s same as Enterprise Linux (EL) – it’s re-compiled from source.

New VM, \SL-61-x86_64-2011-07-27-Install-DVD.iso, RHEL6 64-bit. 1 Core, 2G RAM, NAT, LSI Logic, New virtual disk, SCSI, 20G. Then boot the VM.

SL.org has this in pictures.

First thing you see is the Grub menu:

  1. Install or Upgrade
  2. Install with basic video driver
  3. Rescue
  4. Boot from local drive
  5. Memtest (I like that memtest is pretty standard now)

Chose 1. Next screen is a graphical interface where you click and write, so you need keyboard/mouse. Next screen asks if you want local disks or external storage (fc, iSCSI, or zFCP – for system Z). Hostname: SL1.localdomain.

Create disks. Custom/full size. xfs/encryption/lvm cannot be used for boot volumes.

Role: Virtual Host (I want to try KVM). Enabling SL 6.1 and SL 6.1 Security Updates repositories.

Pinging to something on the Intertubes work from the start.

More posts coming with more fun stuff :)