Latest Posts

SELinux

Submitted by bobbitt on Tue, 08/27/2013 - 13:43

Getting SELinux working can be tough. Here are some commands I found useful.

Is SELinux enabled?

sestatus

Disable SELinux without reboot (and only until the next reboot):

setenforce Permissive

Disable SELinux persistent:

vi /etc/sysconfig/selinux SELinux=disabled

Show the security context of a file:

ls -lZ

Copy the context from one file to another:

chcon --reference=<source> <destination>

Tags:

SQL Command Reference

Submitted by bobbitt on Tue, 08/27/2013 - 13:50

Deactivate all inactive users in the last year:

UPDATE `smf_members` SET `is_activated` = 0, `validation_code` = `dateRegistered` WHERE (UNIX_TIMESTAMP() - `lastLogin`) / 86400 >= 365 AND (UNIX_TIMESTAMP() - `dateRegistered`) / 86400 >= 365;

Search and replace text in the "body" field (note that it must be updated in 2 places):

UPDATE smf_messages SET body = replace(body,'OLD','NEW');

Append a value to a field, if it's not already present:

Tags:

sql

Linux Package Management Commands

Submitted by bobbitt on Tue, 08/27/2013 - 13:40

Yes, some distros still use rpm.

Extract files from an RPM:

rpm2cpio filename.rpm | cpio -idv

Unpack an RPM into /tmp/deleteme without installing it:

rpm -ivh -root /tmp/deleteme --nodeps --noscripts package.rpm

Install

rpm -ivh

Upgrade (use this except for kernels)

rpm -Uvh

Find out what's installed

rpm -qa

See which package a file belongs to

rpm -qf

List files provided by a package

Tags:

Read more about Linux Package Management Commands
bobbitt's blog
Log in to post comments

The Joy of OpenSSL

Submitted by bobbitt on Tue, 08/27/2013 - 14:35

Get into the correct directory:
cd /etc/pki/tls/certs

Generate key
openssl genrsa -des3 -out mike.key 4096 chmod 600 mike.key

Generate signing request
openssl req -new -key mike.key -out mike.csr chmod 600 mike.csr

Get the CA to sign the request
openssl x509 -req -days 10000 -in mike.csr -out mike.cert \ -CA /etc/pki/tls/certs/army.ca/Army.ca_CA.cer \ -CAkey /etc/pki/tls/certs/army.ca/Army.ca_CA.key -CAcreateserial

Tags:

Wireshark and tcpdump

Submitted by bobbitt on Tue, 08/27/2013 - 14:49

Wireshark and tcpdump are extremely powerful network troubleshooting tools. Here are some command examples that may be useful.

Tags:

network

Kids Quotes

Submitted by bobbitt on Tue, 08/27/2013 - 14:54

...because sometimes kids say the darndest things.

Sarah

Age 1-2

"Look at all the STUFF!" (Said to Annette, while she was getting in the shower.)
- 1998

"Holy Jesus, it's beautiful!" (Said about a newly added Christmas decoration.)
- December 1999

Age 3

"Daddy knows all about cheese in my hand." (Said to DJ when I went to get Sarah a cheese slice.)
- July 2000

Tags:

humour

How to check for an open relay

Submitted by bobbitt on Tue, 08/27/2013 - 14:51

To see if yourserver.com is an open relay, you can run through the following sequence on any box that has a telnet client:

telnet yourserver.com 25 HELO myserver.ca MAIL FROM: RCPT TO: DATA From: "Relay Test" To: Mike Subject: Open Relay Test This is a relay test. A properly configured mail server should decline to relay this message. . QUIT

Tags:

mail

Read more about How to check for an open relay
bobbitt's blog
Log in to post comments

Using a Linux Webcam

Submitted by bobbitt on Tue, 08/27/2013 - 14:46

It's actually surprisingly easy. Install fswebcam (preferably via RPM) and then run this command:

/usr/bin/fswebcam --quiet --background --loop 120 --skip 40 \ --timestamp "%d-%m-%Y %H:%M:%S (%Z)" --png --palette png \ --font /usr/share/fonts/liberation/LiberationMono-Regular.ttf \ --resolution 640x480 --info "The Bobbitt Family" --top-banner \ --save /var/www/webcam/webcam.png

Tags: