Featured »

April 17, 2019 – 4:51 pm

Just a quick collection of notes on – rather than a definitive guide to – setting up an SSH chroot jail on RHEL 6. The same should work on RHEL 7 and unrelated flavors. For …

Read the full story »
Networking

Unix and Linux network configuration. Multiple network interfaces. Bridged NICs. High-availability network configurations.

Applications

Reviews of latest Unix and Linux software. Helpful tips for application support admins. Automating application support.

Data

Disk partitioning, filesystems, directories, and files. Volume management, logical volumes, HA filesystems. Backups and disaster recovery.

Monitoring

Distributed server monitoring. Server performance and capacity planning. Monitoring applications, network status and user activity.

Commands & Shells

Cool Unix shell commands and options. Command-line tools and application. Things every Unix sysadmin needs to know.

Home » Archive by Category

Articles in Data

Creating a Chroot Jail for SSH Access

April 17, 2019 – 4:51 pm
Photo-2019-03-25-16-55-55_2462

Just a quick collection of notes on – rather than a definitive guide to – setting up an SSH chroot jail on RHEL 6. The same should work on RHEL 7 and unrelated flavors. For …

The Unix Oriental

April 14, 2019 – 4:16 pm
17516F9C-988D-4D42-A460-6E4D9C9F5A27s

Placed quite appropriately in the “Security” category – my favorite Oriental cocktail recipe. Distinguishing it from the classic preparation, are absence of sweet vermouth and lime juice, as well as addition of just a couple …

Encrypting Log Data During Log Rotation

April 9, 2019 – 4:12 pm
zbndpnm52bwk2uvwwyu9uomvglc

Most log files do not contain personally-identifiable information or other sensitive data. And even if they do, encryption of all personal data is not mandatory under GDPR. Still, on occasion, for testing and troubleshooting purposes …

Late Night Rant: Facebook

March 25, 2019 – 4:15 pm
Photo-2019-03-23-01-15-56_2459

According to media reports, since 2012, millions of Facebook and Instagram logins and plaintext passwords have been sitting on some internal Facebook system, accessible by  thousands of the company’s employees.

File Compression Testing

January 27, 2019 – 5:29 pm
IMG_2308

For some reason I haven’t used zip much on Linux, sticking to the standard tar/gzip combo. But zip seems to be a viable alternative. While not as space-efficient, it is definitely faster; syntax is simple; …

Killing Process Network Access

January 27, 2019 – 4:45 pm
IMG_1941[1]

Imagine this scenario: a particular process on your server is connecting to a host outside your internal network and you don’t like that. On the other hand, you can’t just kill that process because you need it.

Keeping Abreast with Filesystem Changes

January 17, 2019 – 4:39 pm
4bh5tzr851pq7wca4n9e6zus2fn[1]

The inotify is a Linux kernel sybsystem for notifying user-space applications of filesystem changes. I always thought this exceptionally handy utility was under-appreciated or at least underutilized.

The Facebook Fracas

January 9, 2019 – 4:48 pm
gaabtjyr7kjlsqt1dsziphakwvj[1]

The Facebook privacy saga is getting ridiculous. You’re using a free service that you signed up for – nobody was holding a gun to your giant head. And it’s not Gulag either: just delete your profile, uninstall the damned app, and forget Facebook ever existed.

Find Large Folders

January 9, 2019 – 4:37 pm
7ddwbuyj227hyhwysjt7kn7zm27

When you get a filesystem space alert (and they tend to arrive at 3:37 on Saturday morning), deleting various supersized log files is one option I already covered in adequate detail. That is if you get so lucky as to find such a file to delete…

The Future of Spaghetti Code

August 18, 2018 – 4:20 pm
1e20vsjj1f8fdkoabte0pgza4sb

In his new book “The Future of Work: Robotics, AI, and Automation”1, Darrell West of the Brookings Institution makes some very extravagant predictions. Here’s a short but entirely sufficient summary from the book’s presentation by …

Document Conversion with Unoconv

August 4, 2018 – 4:08 pm
ygtzk148sim2j4mgau6mkc2uur7

The other day I ran into the “Flexible Import/Export” article by Bruce Byfield in the March 2018 issue of Linux Pro Magazine and thought it could use some more detail. So here’s some more detail.

Obfuscating Shell Scripts

August 1, 2018 – 4:04 pm
dd1gh0yb7yzbkvf8cyjpd4j2adq

Unix shell scripting language is run by the command-line interpreter and, as such, can be read and understood by anyone with sufficient access and experience. Sometimes this is not a good thing. Sometimes you want …

Raspbian ‘partitions on different devices’ Error

July 30, 2018 – 3:59 pm
oiuwoiuoiunoiune

After downloading a Raspbian image and writing it to an SD card, you get the following error when trying to boot the Pi: “Could not expand filesystem, please try raspi-config or rc_gui. Boot and root …

Encrypted Volumes and Portable Apps

February 25, 2018 – 3:08 pm
vault safe

This is a description of an uncomplicated setup for an encrypted volume and portable applications for a Windows laptop consisting of a USB3 storage device, VeraCrypt OSS OTFE, a hardware password wallet, and portableapps.com software.

Detect SSL Certificate Injection

February 21, 2018 – 3:05 pm
spy

When the SSL Digital Certificate is intercepted and replaced by a device between your browser and the Web site, we call it certificate injection. This method is more commonly used not by hackers, but by …

Find Large Files

February 17, 2018 – 3:21 pm
elephant

Every time a filesystem is running out of space and I need to find something to delete, I end up googling the syntax for the find command to make sure it stays off NFS and …

SSL For Self-Hosted WordPress

February 17, 2018 – 3:05 pm
encryption

Just some notes for setting up SSL with your self-hosted WordPress installation. Just got around to doing this the other day. Yeah, I know, about time…

Show Logged In Users During a Time Window

February 17, 2018 – 2:59 pm
clock

Let’s say you want to see who was logged in on the server during last weekend. This includes users who, say, logged in on Thursday and haven’t logged out until Saturday afternoon.

Install and Configure Etckeeper

June 23, 2017 – 8:05 am
shell_0006

Etckeeper is a handy tool that uses git to keep track of changes to anything in /etc (or any other folder you choose). It’s very simple to use and can help you quickly identify and undo stupid …

Migrating Filesystems with Active Processes

May 2, 2017 – 1:47 pm
poiwiioiw

I’ve run into an interesting challenge: I needed to migrate application data from a local filesystem to NFS without stopping the processes running in the original mountpoint. Here’s a basic overview of the process. This …

Rsync Time Backup

December 22, 2016 – 3:46 pm
dlt tape backup

This is a simple wrapper for the awesome rsync-time-backup script by Laurent Cozic. Through clever use of hard links rsync-time-backup greatly speeds up incremental backups and saves disk space.

Agedu – Finding Old Files

November 7, 2016 – 3:35 pm
filing cabinet files

I almost never delete anything (not on purpose anyway). Having said that, sometimes I do need to find old data on a server and offload it to a NAS. Agedu has been around for ages. …