nyxi

Notepad about Linux stuff mostly.

Compiling Mpv in Wheezy 2014

Today I noticed that the guys over at mpv have changed the build process a bit, so here are updated instructions on how to compile mpv in Debian Wheezy.

Encrypted Laptop

A quick walkthrough on how to set up a laptop with a encrypted root filesystem.

Disk: /dev/sdc
/dev/sdc1 - Boot partition
/dev/sdc2 - Root filesystem

The rsync part is just me cloning my current root filesystem, feel free to skip it :)

1
2
3
4
5
6
7
8
mkfs.ext3 /dev/sdc1
cryptsetup -c aes-xts-plain64 -s 512 -h sha512 luksFormat /dev/sdc2
cryptsetup luksOpen /dev/sdc2 usbroot
mkfs.ext4 /dev/mapper/usbroot
mount /dev/mapper/usbroot /mnt/crypt
rsync -aAXv /* /mnt/crypt --exclude={/dev/*,/boot/*,/proc/*,/sys/*,/tmp/*,/run/*,/mnt/*,/media/*,/lost+found}
mount /dev/sdc1 /mnt/crypt/boot
cp -a /boot/* /mnt/boot/

Next we need to chroot into the system, update /etc/fstab, /etc/crypttab, reconfigure grub and rebuild the initrd image.

1
2
3
4
5
6
7
8
9
10
11
12
13
mount --bind /proc/ /mnt/crypt/proc
mount --bind /sys/ /mnt/crypt/sys
mount --bind /dev/ /mnt/crypt/dev
mount /dev/sdc1 /mnt/crypt/boot
chroot /mnt/crypt
echo "usbroot UUID=<the_UUID_of_/dev/sdc2> none luks" >> etc/crypttab
# Add the mounts to etc/fstab, use the UUID for the boot partition
# and /dev/mapper/usbroot for the encrypted root file system
update-initramfs -u
dpkg-reconfigure grub-pc # No need to change anything except installing to /dev/sdc
exit # Get out of chroot
umount /mnt/crypt/{proc,sys,dev,boot}
umount /mnt/crypt

Script to Remove Large Dirs

A simple bash script looking for large subdirectories in a given directory and removes them:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
#!/bin/bash

DIRTOCLEAN="/sas_temp/saswork"
LISTFILE="$(mktemp)"
MAXSIZE="150" #In gigabytes

cd $DIRTOCLEAN
du -s * > "$LISTFILE"
while read LINE; do
        SIZE="$(echo $LINE | sed 's/ .*//g')"
        if [ "$SIZE" -gt "$((MAXSIZE*1048576))" ]; then
                rm -Rf "$(echo $LINE | sed 's/^.* //g')"
        fi
done < "$LISTFILE"

Nginx uWSGI Puppetmaster

In this post I will show how to serve your Puppetmaster with nginx through uWSGI which will give you a Puppetmaster capable of handling many more nodes than when running on Ruby’s builtin webserver. This guide assumes you already have a Puppetmaster to work with.

Alternative to Parallel-ssh

If you found the previous article about using parallel-ssh without keys a bit messy or just want an alternative, have a look at Ansible.

While Ansible is a complete configuration management tool it can also be used for smaller tasks:

1
ansible all -i hosts -k -a "grep SSHD_OPTS /etc/default/ssh"
  • all means we don’t do any particular matching for hosts in the hosts file
  • -i specifies in what file we have the list of hosts to connect to
  • -k tells ansible we want to enter our SSH password (not use keys)
  • -a what command to execute

Which will return for instance:

1
2
3
4
5
6
SSH password: 
server1 | success | rc=0 >>
SSHD_OPTS=

server2 | success | rc=0 >>
SSHD_OPTS=

And if you need to sudo to do something as root just add the -K flag.

Scripts to Delete Log Files

Here are two shell scripts to run as cronjobs to clean out old log files or other files/directories.

  • First script keep the X most recent logs and deletes the rest
  • Second script deletes all logs older than X days

Parallel-ssh and Sudo Without Keys

So for some reason you have multiple machines to manage but don’t have SSH-keys on them. It’s still possible to use parallel-ssh and sudo without having to enter any passwords. Create a file with your password in it (suggest you remove the file as soon as you are done). Then install parallel-ssh and sshpass:

1
apt-get install sshpass pssh

Use the programs like this:

1
sshpass -f ~/tmppass parallel-ssh -I -A -h hostsfile "sudo -S yum upgrade -y" < ~/tmppass

tmppass is your password file. For parallel-ssh, -I reads from input and -A asks for password. And for sudo, -S reads the password from stdin.

You might also want to disable StrictHostKeyChecking:

1
sshpass -f ~/tmppass parallel-ssh -x "StrictHostKeyChecking=no" -I -A -h hostsfile "sudo -S yum upgrade -y" < ~/tmppass

Creating .deb Packages From Source

Debian is pretty awesome, but sometimes you want newer versions of software than available in the official repositories. It’s often fairly simple compiling and installing from source code, but what if you want to install the new version on multiple machines? Or just like having a proper .deb package available?