 | Lars Fosdal on Security alarm provider Woonve… |
 | Thomas Mueller on Question got closed in May 202… |
 | Thaddy de Koning on Formulier voor bewindvoerders… |
| Thaddy de Koning on Formulier voor bewindvoerders… |
| Thaddy de Koning on Formulier voor bewindvoerders… |
Posted by jpluimers on 2017/02/17
Getting monit to run on opensuse isn’t a feat.
I might try again one day with these links:
–jeroen
Posted in *nix, Linux, openSuSE, Power User, SuSE Linux, Tumbleweed | Leave a Comment »
Posted by jpluimers on 2017/01/31
pi-hole – A black hole for Internet advertisements (designed for Raspberry Pi)
Works on most Debian distributions as well. Hopefully on opensuse one day as well.
Source: pi-hole/pi-hole: A black hole for Internet advertisements (designed for Raspberry Pi)
Not exactly the nicest way of installing though:
curl -L install.pi-hole.net | bash
Source: Pi-Hole: A Black Hole For Internet Advertisements
Source: In the past year, a similar threat has begun to emerge on mobile devices:…
Note that any ad-block mechanism needs curation to white/black list some stuff. But: who does that and who watches the curators?
via:
Some more links for when you get this going:
As all raspbian hosts advertise their hostname as raspberrypi it is confusing to set them apart, so I changed the hostname in these files:
/etc/hostname
/etc/hosts
/etc/wicd/wired-settings.conf
/etc/wicd/wireless-settings.conf
Then rebooted (probably could have done sudo /etc/init.d/hostname.sh) to force the new hostname to be used everywhere.
Note that pi-hole by default converts the DHCP assigned address on eth0 to a static one. This makes it harder to use pi-hole in these situations:
To get going I:
wlan0 in the ifconfig listwicd-curses to work: it would only detect half of the WiFi networks that iwlist wlan0 scan detects.sudo iwlist wlan0 scan | grep ESSID scan to get a list of networks and their (E)SSID names/etc/wpa_supplicant/wpa_supplicant.conf and correct the value for ssid to the ESSID (keep the double quotes around it) and psk to the password for that ESSID (also keep the double quotes around it)sudo ifdown wlan0 and sudo fup wlan0 to force a WiFi connection refreshifconfig for wlan0
network={
ssid="The_ESSID_from_earlier"
psk="Your_wifi_password"
}
–jeroen
Posted in *nix, bash, Development, Linux, openSuSE, Power User, Scripting, Software Development, SuSE Linux, Tumbleweed | 1 Comment »
Posted by jpluimers on 2017/01/27
Am I the only one who thinks Apache logging configuration is a mess? Especially when you look at the templates shipping with various *nix distros?
Files like vhost-ssl.template and vhost.template using different ways of logging for the same thing make me cringe. This apart from ordering of configuration between the files being different, some lines doing tab-indent and others doing space-indent and non-matching spaces-per-tab settings between the files.
The apache wiki examples have different issues.
How can you expect mere mortals getting vhost configuration right when the provided templates are so bad?
Given the move towards SSL/TLS, mortals like me won’t easily get it right either.
A few things I think that should be done:
–jeroen
Posted in *nix, Apache2, Linux, openSuSE, Power User, SuSE Linux | Leave a Comment »
Posted by jpluimers on 2017/01/24
The Let’s Encrypt certbot (formerly letsencrypt) had some trouble on my machinery.
When trying to test if Apache default default · Issue #3307 · certbot/certbot and opensuse Tumbleweed: Each time I run certbot, a line with Listen 443 gets added to /etc/apache2/httpd.conf · Issue #3364 · certbot/certbot were fixed, I had to run certbot directly using specific github branches.
Normally certbot queries https://pypi.python.org/pypi/certbot/json to install the latest sanctioned version of itself. Which means this won’t work to run the version from github:
git clone https://github.com/certbot/certbot.git cd certbot ./cerbot-auto <<command-line-parameters>>
But the below does:
git clone https://github.com/certbot/certbot.git cd certbot git checkout -b <<branch-name>> ./letsencrypt-auto-source/letsencrypt-auto --os-packages-only ./tools/venv.sh source venv/bin/activate cerbot <<command-line-parameters>>
The last statement will run ./venv/bin/certbot but you can also hard-code that (or perform which certbot to verify the directory is on the pat).
I used it to test with this branch:
git checkout -b origin/osrelease_like
The above are basically steps to setup a virtualenv as mentioned in Developer Guide — Certbot 0.9.0.dev0 documentation.
To undo, just run this from the certbot directory:
deactivate rm -rf venv
The first statement will adjust your path and the second get rid of the virtual environment including all packages that were downloaded in it.
If you forgot to remove the venv directory, there might be old versions hanging around named like venv.1470590779.bak where the number in the middle is the number of seconds since unix epoch (1970-01-01 00:00:00 UTC) which you might want to remove as well.
Inside the venv environment you can use all kinds of Python tools, for instance:
pip install ipdb after which you can add import ipdb;ipdb.set_trace() to any source line to break right into the Python debugger. There, it will drop you into debug console, which is pretty much fully fledged Python interpreter.pip freeze to show all installed Python packages.While testing, you can use the --test-cert or --staging command-line-options to use the Let’s Encrypt staging-environment this prevent running into the live environment rate limits (the main ones at time of writing are a Duplicate Certificate limit of 5 certificates per week and a Certificates per Registered Domain limit of 20 per week, whichever limit is lower).
–jeroen
Posted in *nix, Encryption, Let's Encrypt (letsencrypt/certbot), Linux, openSuSE, Power User, Security, SuSE Linux | Leave a Comment »
Posted by jpluimers on 2017/01/20
For my Link Archive via linux port forwarding to external ip – Google Search:
Need to look at this more closely, but it looks like you need PREROUTING, FORWARD and POSTROUTING and two NATs (DNAT and SNAT), as this graph from Port Forwarding Using iptables – SysTutorials shows:
PACKET IN
|
PREROUTING--[routing]-->--FORWARD-->--POSTROUTING-->--OUT
- nat (dst) | - filter - nat (src)
| |
| |
INPUT OUTPUT
- filter - nat (dst)
| - filter
| |
`----->-----[app]----->------'
–jeroen
Posted in *nix, *nix-tools, Internet, Internet protocol suite, iptables, Linux, openSuSE, Power User, routers, SuSE Linux, TCP | Leave a Comment »
Posted by jpluimers on 2017/01/16
journalctl is a systemd utility that allows the journal to be queried. journalctl command examples for displaying system log files on a systemd Linux system. How to enable persistent journal entries.
Source: Displaying Linux Log files with journalctl
Which reminds me I’ve quite some journald research to do, so here are some links for my link archive:
–jeroen
via:
Posted in *nix, *nix-tools, journalctl and journald, Linux, openSuSE, Power User, SuSE Linux | Leave a Comment »
Posted by jpluimers on 2017/01/10
Getting the local IP (actually IPs, but most hosts only have a single IP):
# OS X:
alias whatismylocalip='ifconfig | sed -En '\''s/127.0.0.1//;s/.*inet (addr:)?(([0-9]*\.){3}[0-9]*).*/\2/p'\'''
# Linux:
alias whatismylocalip='ip a | sed -En '\''s/127.0.0.1//;s/.*inet (addr:)?(([0-9]*\.){3}[0-9]*).*/\2/p'\'''
I got them via bash – How to I get the primary IP address of the local machine on Linux and OS X? – Stack Overflow
Mac OS X and BSD have ifconfig, but most Linux distributions don’t use ifconfig any more in favour of iproute2, so you use ip a (which is shorthand for ip address show) there.
Their output is similar enough for the sed to work, though. Which surprised be because I didn’t know about the -E option (it lacks in the manual Linux page but it is in the Mac OS X one) which enables POSIX extended regular expressions. In Linux this is documented as -r, but -E also works.
I learned this through the Sed – An Introduction and Tutorial which compares the various versions of sed which also explains about the -n doing no printing.
–jeroen
Posted in *nix, *nix-tools, Apple, bash, bash, Development, Linux, Mac, Mac OS X / OS X / MacOS, Mac OS X 10.4 Tiger, Mac OS X 10.5 Leopard, Mac OS X 10.6 Snow Leopard, Mac OS X 10.7 Lion, MacBook, MacBook Retina, MacBook-Air, MacBook-Pro, MacMini, openSuSE, OS X 10.10 Yosemite, OS X 10.8 Mountain Lion, OS X 10.9 Mavericks, Power User, Scripting, Software Development, SuSE Linux, Tumbleweed | Leave a Comment »
Posted by jpluimers on 2016/12/13
Reminder to self: Fix #220 feature SKIP_FIRMWARE by jpluimers · Pull Request #221 · Hexxeh/rpi-update
It’s bash. How hard can it be.
(no that was a rhetorical question).
–jeroen
Posted in *nix, *nix-tools, Debian, Development, Hardware Development, Linux, openSuSE, Power User, Raspberry Pi, Raspbian, SuSE Linux, Tumbleweed | Leave a Comment »
Posted by jpluimers on 2016/12/05
Quick look at commands that can be used to gather hardware information such as cpu, disks, memory, partition, peripherals etc on Linux OS based systems
Source: 18 Useful Commands to Get Hardware Information on Linux – Linuxslaves
Covered commands (the article has no index and the headings in it don’t have an id tag, so I linked them to other relevant URLs if I could find them):
via:
–jeroen
Posted in *nix, *nix-tools, Linux, openSuSE, Power User, RedHat, SuSE Linux, Tumbleweed, Ubuntu | 2 Comments »
Posted by jpluimers on 2016/11/25
I got a bit lost in the woods of implicit URLs between various places.
All I wanted is to install software.opensuse.org: Install package server:monitoring / lnav preferably from the link http://software.opensuse.org/ymp/server:monitoring/openSUSE_Tumbleweed/lnav.ymp
It’s the OpenSuSE package for The Log File Navigator which I found based on the recommendation “The Log File Navigator – Joe C. Hecht – Google+“.
The package was in a non-standard repository “server:monitoring”, but shortening the package link doesn’t get you there:
These do however (thanks tacit):
From both, it’s just a couple of clicks away to the lnav packages:
Zypper doesn’t allow you to install one-click install ymp links like http://software.opensuse.org/ymp/server:monitoring/openSUSE_Tumbleweed/lnav.ymp
But OCICLI (one-click install CLI) does. And yes, unlike most console commands IT’S IN UPPERCASE. You can use it like this (note the warning):
OCICLI http://software.opensuse.org/ymp/server:monitoring/openSUSE_Tumbleweed/lnav.ymp
OCICLI is fully compatible with zypper as OCICLI uses YaST and libzypp as underlying technology and zypper uses libzypp.
The yml files are metadata offering to add one or more repositories and install one or more packets or patterns. OCICLI automates that process.
Another option is to manually add the repository using zypper, then install lnav from zypper. There is no URL to this (again; are these the virtues of Web 2.0?) you have to click a few times:
openSUSEAdd repository and install manuallyopenSUSE Tumbleweed, look for this code
zypper addrepo http://download.opensuse.org/repositories/server:monitoring/openSUSE_Tumbleweed/server:monitoring.repo
zypper refresh
zypper install lnav
As currently there is a bug in OCICLI, it will show a warning: Warning: unable to close filehandle properly: Bad file descriptor, <STDIN> line 7 during global destruction (#1) which I reported:
Posted in *nix, Linux, openSuSE, Power User, SuSE Linux, Tumbleweed | Leave a Comment »
The Wiert Corner - irregular stream of stuff 