Stupid other tricks - small things for small minds.

home | blog | Terrible people and places | Covid-19 links | Teh Internet | guest blog |rants | placeholder | political | projects | Gwen and Liam | Citadel patched | Tools | Scouts





Match ipv4 address:
grep -oE "([0-9]{1,3}\.){3}[0-9]{1,3}"


Get the header:
lwp-request -U -s -S -e -m HEAD http://www.google.com
Alt bit in Python: - sorry non-PIP...

import urllib2
import socket
import ssl

hostname = 'somesite.somewhere'
url = 'https://' + hostname

response = urllib2.urlopen(url)
print response.geturl()
print response.getcode()
for header in response.info().headers:
  print header

addr = socket.gethostbyname_ex(hostname)[2]
addr = str(addr)
addr = hostname

sock = socket.create_connection((addr,443), timeout=None)
context = ssl.create_default_context()
sslsock = context.wrap_socket(sock, server_hostname=addr)
#print sslsock.getpeercert()
certitems = sslsock.getpeercert()
for item in certitems:
  print item, certitems[item]


Check expire date for cert (rapidly): - Past due date expired certs - now being served daily :-)
for i in {1..10};do echo "Test $i"; echo | openssl s_client -connect sitename.com:443 -servername sitename.com  2>/dev/null | openssl x509 -noout -subject -dates; echo "";done

If you find your certs expire and then not in the alternating lines, you might have not killed off all apache processes! Kill away to fix....

Alt way:
openssl s_client -connect ip.add.re.ss:443
- or if using sni:
openssl s_client -connect site.blah:443 -servername site.blah

Check a pem encoded cert expiration date:
openssl x509 -enddate -noout -in file.pem

Text output interpretation of a cert:
openssl x509 -text -noout -in /home/user/certdir/ssl.cert
openssl x590 -text -noout -in /home/user/certdir/ssl.cert | grep -e Subject -e Issuer -e DNS -e After
(args of -subject and -issuer available to openssl - but I am lazy sometimes and don't want to read the man page :-)
- if Virtualmin is giving you renewal problems, try this:
virtualmin generate-letsencrypt-cert --domain  some.domain
(list domains with virtualmin list-domains)


see what files a process is using:
strace -pPIDNUMBER -e trace=file

- to watch mysql - thanks kenorb on Stack Overflow. 
http://stackoverflow.com/questions/568564/how-can-i-view-live-mysql-queries
 In case this link breaks, here is the skinny:

strace -pMYSQLPID -e trace=read,write -s 2000 -fp $(pgrep -nf mysql)

- Alternatively, try setting up slow log query with 0 (search for slow log query) on my blog....

- strace errors like strace: Could not attach to process - check the /etc/sysctl.d/10-ptrace.conf
  for kernel.yama.ptrace_scope = 1 and set to 0 if debugging in a testing environment - not live!
  follow up with:
    sudo service procps restart
    ( alternatevely - systemctl restart procps )

See what apache is up to:
ps auxw | grep sbin/apache | awk '{print"-p " $2}' | xargs strace

-or-

ps h --ppid $(cat /var/run/apache2.pid) | awk '{print"-p " $1}' | xargs sudo strace -o strace.txt

(Sprinkle in -s4096 (more context to reads on strace), and -r to find slow time between syscalls - might want single process for that)...
or -

watch apachectl fullstatus

- or just status for compact state line.


Linux Force a reboot
echo 1 > /proc/sys/kernel/sysrq
(or more permanently add "kernel.sysrq = 1" to your /etc/sysctl.conf
echo b > /proc/sysrq-trigger

Or halt:
echo 1 > /proc/sys/kernel/sysrq
echo o > /proc/sysrq-trigger

Stolen from here: http://smshaker.wordpress.com/2009/03/02/linux-force-rebootshutdown/
Even more here: http://www.linuxhowtos.org/Tips%20and%20Tricks/sysrq.htm

Find the (probable) install date:
tune2fs -l /dev/sda1 (assuming this is the root partition)
Look for the filesystem created date.  Unless you recreated the root partition, this is probably your install date.


Better traceroute - 'cause I like pretty in the terminal: mtr

Disk space check (disk usage): ohmu (get via pip install)

Better git status: tig (pip install again)

Track current traffic on a server: iftop

List apache sites: apachectl -S

Check up on memcached:
Found here: https://www.percona.com/blog/2008/11/26/a-quick-way-to-get-memcached-status/
watch "echo stats | nc 127.0.0.1 11211"


How many of what type of file? - does not use magic, relies on extension.
find . -type f | sed -n 's/..*\.//p' | sort | uniq -c | sort -n -k 1


Store permissions and re-apply later:
getfacl -R /somedir > somedir.acl
setfacl --restore=somedir.acl


Take back excessive memory / swap use by systemd-logind
systemctl daemon-reexec


Edit systemd config with override -
systemctl edit daemon-name
(should create a /etc/systemd/system/daemon-name.service.d/override.conf
Follow up with:

systemctl daemon-reload
systemctl restart daemon-name


More systemd - get the timers (for backup?)
systemctl list-timers --all
- probably want to grab /etc/systemd/system and /usr/lib/systemd to get the service and timer files.


Even more systemd:
Convert unicode output of systemctl to ascii (sort of):
systemctl status | iconv -f UTF-8 -t ASCII//TRANSLIT


Check smart values on a LSI MegaRAID SAS 9271-4i
DID from output here:
storcli64 /c0 show

smartctl -a -d sat+megaraid,4 /dev/sda
smartctl -a -d sat+megaraid,5 /dev/sda
smartctl -a -d sat+megaraid,6 /dev/sda
smartctl -a -d sat+megaraid,7 /dev/sda


smartd for the HUP!
smartd will continue with the old replaced drive serial and model number after failed replacement is in place.
don't forget to "kill -HUP" the smartd process, so it will re-read and get the correct drive and model.
restart probably would not hurt...


Sum a column of numbers in bash:
Add this to the end of the chain of pipes:

| paste -sd+ - | bc


Replace a line break with a comma from a file list (think email addresses)
tr '\n' ',' < list-of-emails-in-a-column.txt


Thanks goes to Beijing News Express On October 22, students of Wuhan Huangpi Technical School posted a video saying that some students hid hot dishes in the cafeteria during the second extra meal and only gave them pickles. On October 24th, the website of the People’s Government of Huangpi District, Wuhan City published the "Explanation on the Situation of Huangpi Technical School Students’ Reflecting the Problem of Adding Meals in the Canteen". After investigations by the competent authority to the school, the situation is basically true. The school has seriously criticized the education staff on duty , It is recommended that the person in charge of the cafeteria impose financial punishment on him.


http://www.unixcl.com/2009/11/sum-of-numbers-in-file-unix.html



Paste lines together from dpkg listing column output (php installed packages in this case):
dpkg --get-selections | grep php | awk '{print $1}' | paste -sd " " -

To get specifics (better version numbering etc on a specific package), try this:
dpkg -s pkgname



rkhunter saying changes, but you suspect updated packages?
---Give this a go:
debsums -ca
---check for recent installs in:
/var/log/dpkg.log
---If all good, update:
rkhunter --update --propupd
---And recheck:
rkhunter -c --rwo



Loopback mount setup (loop mount)
bigfile.img
losetup /dev/loop0 bigfile.img
kpartx -av /dev/loop0

Now mount up the bit you want (based on partitioning found with kpartx)
mount /dev/mapper/loop0p2 /mnt/sillymount

Get all with losetup --list
- for more fun use nbdkit (can do compressed files):
nbdkit xz bigfile.img.xz
(gives tcp socket...)
nbd-client -b 512 localhost /dev/nbd0
(uncompresses on the fly)
mount /dev/nbd0p2 /mnt/sillymount
add --filter=cow (to write to a layer on top of the base image) - temporary file - gone on kill of nbdkit.



sed replace on config file:
sed -i 's/max_allowed_packet.*/max_allowed_packet = 16M/g' /etc/mysql/mysql.conf.d/mysqld.cnf


Return apache sites in enabled status: (stupid I know!):
ls -1 /etc/apache2/sites-enabled/ | grep -v le-ssl | awk -F'[\.]' '{$NF=""; print $0}' | grep -v ssl



Generate a "random" password using python:
import string
import random

N = 8
psswd = ''.join(random.choice(string.ascii_letters + string.digits) for _ in range(N))

print psswd


Run a cron job at startup? i.e. Is it a stinky user script you would otherwise have run a screen session to run?
Chuck this in the users cron:

@reboot	/home/userdir/script-to-run-at-startup.sh


Truncate a log file - or empty it - when the process does not use logrotate - looking at you supervisord!
echo > logfile
or
truncate -s0 logfile

Have sorted files but don't know what lines are in one and not the other? comm to the rescue.
comm -23 file1 file2
- this gives you lines that appear in the sorted list from file1 not in file2



[æ]