Wednesday, December 24, 2014

Hot attach and hot detach network interface to kvm guest

To hot attach a network interface to a kvm guest, please follow below steps. The command we'll be using is virsh:


  1. Get to know the name of the guest, run below command on the kvm host: 
    foo@host:~$ sudo virsh list
    
     Id Name                 State
    ----------------------------------
      1 kvm-guest running
  2. Check whether module acpiphp is loaded on the guest: 
    foo@guest:~$ sudo lsmod | grep -i acpiphp
    
  3. If yes, proceed to step 4. If no, run below command:
    foo@guest:~$ sudo modprobe acpiphp
  4. Hot attach the network interface:
    foo@host:~$ sudo virsh attach-interface kvm-guest network --model virtio --persistent
    Interface attached successfully
  5. Run dmesg on guest to verify that the interface has been attached successfully:
    foo@guest:~$ dmesg | tail 
    [38613567.591261] virtio-pci 0000:00:04.0: using default PCI settings
    [38613567.591283] pci 0000:00:05.0: no hotplug settings from platform
    [38613567.591285] pci 0000:00:05.0: using default PCI settings
    [38613567.591741] virtio-pci 0000:00:05.0: enabling device (0000 -> 0003)
    [38613567.593361] ACPI: PCI Interrupt Link [LNKA] enabled at IRQ 10
    [38613567.601486] virtio-pci 0000:00:05.0: PCI INT A -> Link[LNKA] -> GSI 10 (level, high) -> IRQ 10
    [38613567.601524] virtio-pci 0000:00:05.0: setting latency timer to 64
    [38613567.602328] virtio-pci 0000:00:05.0: irq 43 for MSI/MSI-X
    [38613567.602343] virtio-pci 0000:00:05.0: irq 44 for MSI/MSI-X
    [38613567.602357] virtio-pci 0000:00:05.0: irq 45 for MSI/MSI-X
  6. Set ipaddress for the new interface:
    foo@guest:~$ sudo touch /etc/sysconfig/network-scripts/ifcfg-eth1; sudo echo -e "DEVICE=eth1\nONBOOT=yes\nTYPE=Ethernet\nBOOTPROTO=static\nIPADDR=10.0.0.8\nNETMASK=255.255.255.0" > /etc/sysconfig/ifcfg-eth1
  7. Bring up the interface:
    foo@guest:~$ sudo ifup eth1
  8. Check the interface:
    foo@guest:~$ ifconfig eth1
    eth1      Link encap:Ethernet  HWaddr 52:54:00:D7:10:04
              inet addr:10.0.0.8  Bcast:10.0.0.255  Mask:255.255.255.0
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:178767965 errors:0 dropped:0 overruns:0 frame:0
              TX packets:58477452 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:1000
              RX bytes:11949338417 (11.1 GiB)  TX bytes:498944480375 (464.6 GiB)
Done.

For hot detaching, the command in virsh is detach-interface, please follow below steps to detach the newly added interface in the above instruction:

  1. Bring down the interface in the guest:
    foo@guest:~$ sudo ifdown eth1
  2. Delete the interface config file:
    foo@guest:~$ sudo rm /etc/sysconfig/network-scripts/ifcfg-eth1
  3. Detach the network interface in host:
    foo@host:~$ sudo detach-interface kvm-guest type network --mac 52:54:00:D7:10:04
  4. Verify that the network has been removed, by running the dumpxml command, pipe to less, and search for interface:
    foo@host:~$ sudo virsh dumpxml kvm-guest | less
Done.

Hope you all will gain benefit from this post.

Wednesday, December 10, 2014

Creating a persistent live cd (ubuntu or linux mint) using a loopback file

This technique will require the use of the live cd, and a usb stick, as a vessel for the persistent file. Two requirements: the partition of the live cd must be in a format that can be mounted automatically, for example: vfat, ext3 or ext4 and the loopback file must be in the root of the partition

  1. Boot your machine using live cd
  2. Once boot up, insert your usb stick
  3. Check whether your usb stick is already mounted
    $ df -lh
    Filesystem      Size  Used Avail Use% Mounted on
    /cow            3.9G   59M  3.9G   2% /
    udev            3.9G  4.0K  3.9G   1% /dev
    tmpfs           798M  1.4M  796M   1% /run
    /dev/sr0        1.2G  1.2G     0 100% /cdrom
    /dev/loop0      1.2G  1.2G     0 100% /rofs
    none            4.0K     0  4.0K   0% /sys/fs/cgroup
    tmpfs           3.9G   24K  3.9G   1% /tmp
    none            5.0M     0  5.0M   0% /run/lock
    none            3.9G  700K  3.9G   1% /run/shm
    none            100M   12K  100M   1% /run/user
    /dev/sdb1         8G    1G    7G  12% /media/mint/backup 
  4. In this case, your usb stick is already mounted to /media/mint/backup
  5. Create a 1GB loopback file (or whatever size you desire)
    $ dd if=/dev/zero of=/media/mint/backup/casper-rw count=1000 bs=1M
  6. Format the file as ext3:
    $ mkfs.ext3 -L casper-rw /media/mint/backup/casper-rw 
    mke2fs 1.42.9 (4-Feb-2014)
    casper-rw is not a block special device.
    Proceed anyway? (y,n) y
    Discarding device blocks: done                            
    Filesystem label=casper-rw
    OS type: Linux
    Block size=4096 (log=2)
    Fragment size=4096 (log=2)
    Stride=0 blocks, Stripe width=0 blocks
    64000 inodes, 256000 blocks
    12800 blocks (5.00%) reserved for the super user
    First data block=0
    Maximum filesystem blocks=264241152
    8 block groups
    32768 blocks per group, 32768 fragments per group
    8000 inodes per group
    Superblock backups stored on blocks: 
        32768, 98304, 163840, 229376
    
    Allocating group tables: done                            
    Writing inode tables: done                            
    Creating journal (4096 blocks): done
    Writing superblocks and filesystem accounting information: done
  7. The file is done
  8. To set your live cd to use the loopback file, after your live cd booted up, add a space followed by word "persistent" without the quotes, at the end of your kernel parameter. This can be achieved in linux mint by pressing tab in the kernel list menu, add the parameter, and enter to boot from that kernel. 
    For ubuntu, when the Live CD menu gets displayed hit the key to enter “Other Options”. This will display the arguments that the Live CD passes to the kernel. At the end of this argument list just add a space and add the word "persistent". This will instruct the Live CD to maintain and use persistence. 
  9. That's all folks, test your persistent live cd by saving a few files in your home, and restart to see whether the files survived a reboot.

Thursday, November 13, 2014

How to generate ssh rsa keys

Ssh keys are used to login into linux server securely, and it is more secure than using password. To use it, just put the public key in the server that you want to access to, and connect to that server using a machine that has your private key. To increase the security even more, you can even set passphrase for the private key during the generation process. To generate the keys:

To generate the rsa key in the client machine (usually it is your own machine), run below command:

 
$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/foo/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/foo/.ssh/id_rsa.
Your public key has been saved in /home/foo/.ssh/id_rsa.pub.
The key fingerprint is:
4a:dd:0a:c6:35:4e:3f:ed:27:38:8c:74:44:4d:93:67 foo@bar
The key's randomart image is:
+--[ RSA 2048]----+
|          .oo.   |
|         .  o.E  |
|        + .  o   |
|     . = = .     |
|      = S = .    |
|     o + = +     |
|      . o + o .  |
|           . o   |
|                 |
+-----------------+

 For the location to save key, you can press Enter to save to the default location, which is /home/foo/.ssh where foo is the user we use to generate the key. id_rsa is your private key, and id_rsa.pub is your public key

$ ls .ssh/
id_rsa  id_rsa.pub

For the passphrase, you can opt to omit it, but it will reduce the security level of the key pair, since anyone who get your private key can use it to access all the servers that contain your private key. The advantage is, you can do passwordless access.

The final thing to do is to copy the public key to the servers that you want to access, and you are done.

Friday, October 31, 2014

Use apt-get through http proxy

This issue happened when one day, my lovely company decided that they want to implement a proxy server, and without me realizing, not just browser will be affected, apt-get also will be affected.

How do you know that you apt-get command encounter proxy issue, when ypu received "401 authenticationrequired" error after running your apt-get command, like below:

$ sudo apt-get update
...
W: Failed to fetch http://my.archive.ubuntu.com/ubuntu/dists/raring-updates/universe/binary-i386/Packages  401  authenticationrequired
...

How to encounter this?

Method 1 (if you have GUI)

  1. Simply open your browser, and the proxy will ask for authentication
  2. Fill up your authentication.
  3. Rerun your apt-get command

Method 2 (if you have GUI)
  1. Go to System -> preferences -> Network Proxy
  2. Under Proxy Configuration, put in you proxy details
  3. Rerun apt-get

Method 3 (without GUI) - temporary proxy session
  1. export the http_proxy environment variable using this command:
    $ sudo export http_proxy='http://myusername:mypassword@myproxyaddress:myproxyport'
  2. Rerun apt-get

Method 4 (without GUI) - temporary proxy session

  1. run the apt-get command with proxy in one line:
    $ sudo bash -c 'http_proxy="http://myusername:mypassword@myproxyaddress:myproxyport/" apt-get update'

Method 5 (without GUI) - permanent proxy setting on .bashrc
  1. Put the settings into .bashrc:
    $ echo "http_proxy='http://myusername:mypassword@myproxyaddress:myproxyport'" >> .bashrc
  2. Activate the change:
    $ source .bashrc
  3. Rerun apt-get

Method 6 (without GUI) - permanent settings on apt.conf ~ need sudo
  1. Append your proxy settings to /etc/apt/apt.conf (choose your proxy, either http, https, ftp, or socks:
    $ sudo echo -e 'Acquire::http::proxy "http://myusername:mypassword@myproxyaddress:myproxyport/";\nAcquire::https::proxy "https://myusername:mypassword@myproxyaddress:myproxyport/";\nAcquire::ftp::proxy "ftp://myusername:mypassword@myproxyaddress:myproxyport/";\nAcquire::socks::proxy "socks://myusername:mypassword@myproxyaddress:myproxyport/";' >> /etc/apt/apt.conf
  2. Rerun apt

You can refer to here, on how to determine your proxy ip address and port using curl.

Friday, October 10, 2014

Using tar on the fly to efficiently transfer file over ssh (wondertar)

Have you been in the situation where you want to transfer a big file, and decided to tar it before transferring but being limited by the disk space available on the machine?

Well, worry no more as I will show you how you can do a tar on the fly while ssh'ing, to overcome that limitation.

Method 1:

ssh foo@machine-to-keep-the-data "tar czpf - /data/to/be/transferred" | tar xzpf - -C /the/data/new/place

What this command will do is to create a tar file (tar czpf), and untar it at the other side of the ssh (tar xvpf) command, where c is for create tar, z is to use gzip, p is for preserving permission, f is for file which is to be zipped, - is for stdin or stdout and x is for extract


Method 2:

tar cpf - /data/to/be/transferred | ssh foo@machine-to-keep-the-data tar xpf - -C /the/data/new/place" 

This command will tar the file, and untar it at the other end, same as above, but just different command arrangement


Method 3 (this is useful if you want to tar it. and keep it that way on the other end, without untarring it):

tar czf - -C /data/to/be/transferred | ssh foo@machine-to-keep-the-data "cat - > /the/data/new/place/backup.tar.gz"


Method 4 (add pv to the middle of the pipes to monitor the transfer speed):

sudo apt-get install pv; ssh foo@machine-to-keep-the-data "tar czpf - /data/to/be/transferred" | pv | tar xzpf - -C /the/data/new/place



That's all, hope you will find these useful.


Wednesday, September 17, 2014

How to install teamviewer 9 on ubuntu 14.04

Below are the steps:

  1. Download the installer (please download the 32 bit / 64 bit multiarch version):
    $ wget http://www.teamviewer.com/download/teamviewer_linux.deb
  2. Add i386 architecture, if you are on 64 bit ubuntu:
    $ sudo dpkg --add-architecture i386; sudo apt-get update
  3. Install teamviewer, but it will failed, because of unmet dependencies:
    $ sudo dpkg -i teamviewer_linux.deb

    Reading package lists... Done
    ...
    The following packages have unmet dependencies:
     libc6 : Breaks: libc6:i386 (!= 2.19-0ubuntu6) but 2.19-0ubuntu6.3 is to be installed
     libc6:i386 : Breaks: libc6 (!= 2.19-0ubuntu6.3) but 2.19-0ubuntu6 is to be installed
     libc6-dbg : Depends: libc6 (= 2.19-0ubuntu6.3) but 2.19-0ubuntu6 is to be installed
     libc6-dev : Depends: libc6 (= 2.19-0ubuntu6.3) but 2.19-0ubuntu6 is to be installed
     teamviewer9:i386 : Depends: libasound2:i386 but it is not going to be installed
                        Depends: libfreetype6:i386 but it is not going to be installed
                        Depends: zlib1g:i386 but it is not going to be installed
                        Depends: libsm6:i386 but it is not going to be installed
                        Depends: libxdamage1:i386 but it is not going to be installed
                        Depends: libxext6:i386 but it is not going to be installed
                        Depends: libxfixes3:i386 but it is not going to be installed
                        Depends: libxrandr2:i386 but it is not going to be installed
                        Depends: libxrender1:i386 but it is not going to be installed
                        Depends: libxtst6:i386 but it is not going to be installed
    E: Unmet dependencies. Try 'apt-get -f install' with no packages (or specify a solution).

  4. Run "apt-get install -f" to fix the dependencies:
    $ sudo apt-get install -f
    Reading package lists... Done
    Building dependency tree      
    Reading state information... Done
    Correcting dependencies... Done
    The following extra packages will be installed:
      libasound2:i386 libc6 libfreetype6:i386 libice6:i386 libpng12-0:i386
      libsm6:i386 libuuid1 libuuid1:i386 libx11-6:i386 libxau6:i386 libxcb1:i386
      libxdamage1:i386 libxdmcp6:i386 libxext6:i386 libxfixes3:i386
      libxrandr2:i386 libxrender1:i386 libxtst6:i386 zlib1g:i386
    ... 
    Setting up libc6-dbg:amd64 (2.19-0ubuntu6.3) ... 
    Processing triggers for libc-bin (2.19-0ubuntu6) ...
  5. Install teamviewer:
    $ sudo dpkg -i teamviewer_linux.deb 
    (Reading database ... 170140 files and directories currently installed.)
    Preparing to unpack teamviewer_linux.deb ...
    Unpacking teamviewer9 (9.0.32150) over (9.0.32150) ...
    Setting up teamviewer9 (9.0.32150) ...
  6. Done, now you can find teamviewer in your list of application

Wednesday, August 13, 2014

Checking installed python modules

To check the installed python modules, there are 2 ways:

  1. run help('modules') command in the python shell, as below:
    • $ python
      Python 2.6.6 (r266:84292, Sep 11 2012, 08:28:27)
      [GCC 4.4.6 20120305 (Red Hat 4.4.6-4)] on linux2
      Type "help", "copyright", "credits" or "license" for more information.
      >>> help ('modules')
      
      Please wait a moment while I gather a list of all available modules...
      
      BaseHTTPServer      cProfile            imghdr              robotparser
      Bastion             cStringIO           imp                 rpm
      CDROM               cairo               imputil             rpmUtils
  2. and if you need to filter your search, running it directly from linux shell is the best, where you can use grep as below to filter your search, where -c is the flag for running a python command
    • $ python -c "help('modules')" | grep token
      _socket             future_builtins     pipes               token
      _sqlite3            gc                  pkg_resources       tokenize
      

Thursday, July 10, 2014

How to refresh your ldap name database in an ldap client

This is useful when, you have a server that is authenticated by ldap. After you have edited something in your ldap server, let's say you have edited a gid for a user, you would find out that it won't be reflected immediately on the client side. So in this case, how would you force your client to accept your newly changed settings? The answer is you need to restart nscd (name service cache daemon):

$ getent passwd pauld

pauld:x:1987:1987:Paul Daniels:/home/pauld:/bin/bash
So after you have made your changes in the server, let's say you want to change pauld's gid to 4000, run the above command again:

$ getent passwd pauld

pauld:x:1987:1987:Paul Daniels:/home/pauld:/bin/bash

Still the changes are not being reflected there. To solve this, simply restart nscd:

$ sudo /etc/init.d/nscd restart

Stopping nscd:                                             [  OK  ]

Starting nscd:                                             [  OK  ]

You should be seeing your change is now updated in the user database:

$ getent passwd pauld

pauld:x:1987:4000:Paul Daniels:/home/pauld:/bin/bash


PS: If for some reason you are still not seeing the new data, you can invalidate the nscd database by:
$ sudo nscd --invalidate=passwd 

where passwd is the name of the table name in nscd database. You can see all available table name in /var/db/nscd 

To look into what is the content of each table, please use strings command:
$ sudo strings /var/db/nscd/passwd




Tuesday, July 1, 2014

How to install custom upstart script

To install custom upstart script, please follow below steps (in this example, I'll be using a service call cat):

  1. Copy the script into /etc/init 
  2. To make upstart distinguish the new service, run: 
    • $ initctl reload-configuration 
  3. Check whether your script is already in upstart by running:
    • $ initctl list | grep cat 
      cat stop/waiting
  4. And you are done, you can check the status of your service by running:
    • $ service cat status 
      cat stop/waiting
  5. You can also do the same with start, stop and restart
    • $ service cat start
      * Starting cat .... [OK]
    • $ service cat stop
      * Stopping cat .... [OK]
    • $ service cat restart * Restarting cat .... [OK]

Thursday, June 5, 2014

How to check which package a file belongs to in Redhat or Centos

If the package is not installed, run below commands (in this example, i use mkpasswd as an example):
$ yum whatprovides "*/mkpasswd" 
OR
$ repoquery -q --file */mkpasswd


If the package is installed:
$ rpm -qf /usr/bin/mkpaswd 

Wednesday, May 28, 2014

How to install HP PSC 1410 printer on Precise Puppy Linux 5.7.1

After some hair pulling, I managed to get this printer installed. Below are the steps that I have taken:
  1. Turn on and connect the printer to the puppy machine
  2. Install hplip using puppy package manager. Run command "ppm" on terminal, and search for hplip.
  3. Make sure all dependencies are installed
  4. Launch cups by going to http://localhost:631
  5. Go to "Administration -> Printer -> Add printer" OR "Administration -> Printer -> Find new printer"
  6. Choose the printer with connection like "usb://HP/PSC%201400%20series?serial=CN5CDC60T004BM" with hplip in the name
  7. For Driver, choose "HP PSC 1400 Series, hpcups 3.12.9 (color, 2-sided printing)"
  8. Set default settings for the newly added printer by going to "Printer -> HP PSC 1410 -> Administration -> set default option". Print settings in application does not work.
  9. You are done..... Congratulation :)

Tuesday, May 13, 2014

The definition of ls column headers in long listing mode

Thanks to http://www.unix.com/unix-dummies-questions-answers/41832-ls-l-column-headings.html, I have managed to find out what is the meaning of all the column header in ls -l command. Below are the details:

# ls -l
total 52
drwxrwxrwx   2 root root    41 Jan 14  2013 archive
drwxr-xr-x   2 root root  3072 Aug  3  2013 bin
-rw-r--r--   1 root root   578 Jan 14  2013 README-archive.txt 
lrwxrwxrwx   1 root root     3 Feb 17  2013 run -> tmp


1st column is file type(d for DIR, - for Files, l for links) and access details for UGO (User Group Others aka file permission).

2nd column is Number of links (2,1), the number of names there are for the file. Generally an ordinary file will only have one link, but a directory will have more, because you can refer to it as ``dirname'', ``dirname/.'' where the dot means ``current directory'', and if it has a subdirectory named ``subdir'', ``dirname/subdir/..'' (the ``..'' means ``parent directory'').

3rd Column is File/directory owner (root)

4th Column is File/directory group (root)

5th Column is Size of the file and Dir (41, 3072)

6th Column is Date the file / DIR created. ( Jan 14  2013)

7th Column is File Directory name (archive, bin)