disallow pseudo terminal in ssh
Some Oracle documentation wants you to setup ssh with no password and no passphrase. Configuring ssh This is not really something your security admin will like. First, using DSA, which is deprecated and disabled by default in OpenSSH 7.0, is a pretty dump instruction OpenSSH 7.0 and greater similarly disable the ssh-dss (DSA) public key […]
Untrusted X11 forwarding
I wrote a while ago about my security concerns regarding xhost + xterm -display mypc:0 Way back then, I suggested ssh tunnel. SSH is pretty easy to set up, by enabling the X11Forwarding option. In OpenSSH 3.8 release note, 2004, there was a new default . ssh(1) now uses untrusted cookies for X11-Forwarding In the […]
run sudo, ssh, password, su in simulated interactive mode
Some commands do not like non-interactive mode $ passwd <<EOF > oldpassword > newpassword > newpassword > EOF Changing password for user lsc. Current password for lsc@example.com: passwd: Authentication token manipulation error $ echo oraclepassword | su – oracle standard in must be a tty $ echo sudopassword | sudo su – oracle [sudo] password […]
How to *really* send a script to the background
Let’s check this small script – foo.sh #!/bin/sh echo foo.1:`date` | tee $HOME/tmp/foo.txt sleep 3 echo foo.2:`date` | tee -a $HOME/tmp/foo.txt $ $HOME/tmp/foo.sh foo.1:Thu Nov 27 17:34:53 CET 2014 foo.2:Thu Nov 27 17:34:56 CET 2014 Very obvious, I write to the console, wait three seconds, then write to the console. Ok, let’s take another script […]
fun with cron
Today I find out that my scheduler was too busy to execute all jobs in my crontab !? * * * * * (while :;do ssh example.com :; done) 59 23 19 06 * touch /tmp/bang my while loop is going to produce so much hangs on the cron deamon that it may not be […]
Testing for (non-)empty string in shell
One way to test for (non-)empty string is to use test and -z (-n) $ x=foo $ test -z "$x" $ echo $? 1 This is mostly seen with an if and [ -z … ] syntax $ y=bar $ if [ -n "$y" ]; then echo non-empty; fi non-empty Instead of a variable, it […]
hot to bypass requiretty in sudo
You can execute it a command without password from the commande line $ sudo -l User lsc may run the following commands on this host: (root) NOPASSWD: /usr/local/bin/helloworld $ sudo /usr/local/bin/helloworld Hello World! Now you try to run it via cron and you get sudo: sorry, you must have a tty to run sudo The […]
use cron to schedule a job only once
I wrote about not using DAY OF MONTH and DAY OF WEEK simultanously in how to cron The correct method is to use 15 14 15 05 * /tmp/run-my-job But… I wrote this five years ago. Hmmm ! Not that correct then since it would run every year 😉 Ok, periodically I check for jobs […]
remove the current directory
Can I remove the current directory? I used to believe you cannot. Solaris: $ uname -s SunOS $ mkdir /tmp/bla $ cd /tmp/bla $ rm -r /tmp/bla rm: Cannot remove any directory in the path of the current working directory /tmp/bla $ AIX: $ uname -s AIX $ mkdir /tmp/bla $ cd /tmp/bla $ rm […]
How to quit crontab -e without overwritting cron
Imagine my crontab * * * * * /usr/bin/date > /tmp/foo I am writing the date to /tmp/foo every minute $ cat /tmp/foo Thu Jul 5 08:45:01 CEST 2012 Now I want to view my crontab in my EDITOR (vi). $ crontab -e I do not quit yet. In the meantime, my colleague modify the crontab. * […]
Check mount option in linux
I did not find a clean way to check the mount option in Linux. For instance wsize=32768 On AIX, I simply type “mount” and see the mount option… For some reasons, my Linux does not show me the complete mount options ! $ mount precision:/nfsserver on /nfsclient type nfs (rw,bg,addr=127.0.0.2) $ grep nfsclient /proc/mounts precision:/nfsserver […]
Check if it a program is already running in Unix
There is more than one way to do it, the safe is probably to check if /home/lsc/OH_YES_I_AM_RUNNING exists and believe it. This is called the file.PID method and is widely used (Apache used to use it since a long long time). It needs file. It needs cleanup if you reboot your server in the middle […]
shell and list of files
How do you loop thru a list of files? For instance you want to archive than delete all pdf documents in the current directory : Bad practice : tar cvf f.tar *.pdf rm *.pdf There are multiple issue with the command above 1) new files could come during the tar, so the rm will delete […]
Generate network graph from command line
I recently wrote on gnuplot, today I tried another command line utility to generate graphs, graphviz, version 2.24.0 on AIX5L. Pretty straightforward syntax : ( echo "digraph Emp {" sqlplus -s -L scott/tiger << EOF set pages 0 lin 120 hea off feed off select ename ||'->'|| (select ename from emp where empno=e.mgr) || ';' […]
send graph per mail from sqlplus
How to send a graph with a single command from your database to your mail in Unix? I tried this (gnuplot is available for Solaris, AIX and most Unix derivates) : echo ' set hea off pages 0 feed off prom set title "salaries of EMP" prom unset key prom unset xtics prom unset xlabel […]
scp tuning
I twitted yesterday : laurentsch copying 1TB over ssh sucks. How do you fastcopy in Unix without installing Software and without root privilege? I got plenty of expert answers. I have not gone to far in recompile ssh and I did not try plain ftp. Ok, let’s try first to transfer 10 files of 100M […]
What is the current setting of NLS_LANG in sqlplus?
I just learnt a neat trick from Oracle Support. How do you see the current value of NLS_LANG in SQLPLUS ? HOST is not the right answer. E.g.: Unix: SQL> host echo $NLS_LANG AMERICAN_SWITZERLAND Windows: SQL> HOST ECHO %NLS_LANG% %NLS_LANG% The correct setting is revealed by @.[%NLS_LANG%] E.g.: Unix: SQL> @.[$NLS_LANG] SP2-0310: unable to open […]
Time offset in Unix
What is the time offset of the current date in Unix? perl -e ' $t=time; @l=localtime($t); @g=gmtime($t); $d=$l[2]-$g[2]+($l[1]-$g[1])/60; $gd=$g[3]+$g[4]*31+$g[5]*365; $ld=$l[3]+$l[4]*31+$l[5]*365; if($gd<$ld){$d+=24}; if($gd>$ld){$d-=24} print ($d."\n")' 2 Am I in summer (DST)? perl -e 'if((localtime)[8]){print"yes"}else{print "no"}' yes
last access time of a file
I was reading http://blogs.oracle.com/myoraclediary and there was a command about printing the modification details of a file. In Linux / Cygwin “stat” exists as a command $ stat /etc/hosts Access: 2010-08-25 15:20:49.782522200 +0200 Modify: 2010-08-18 14:04:25.868114200 +0200 Change: 2010-08-18 14:04:26.072413100 +0200 Or use the one-liner perl below ### st_atime; /* Time of last access */ […]
to cvs or to subversion
First surprise, after migration, the size of my subversion folder is double the size of my cvs folder. With a bunch of 2Gb disks shared amoung dozens of unix persons, and regular reminders the current usage reached 100%, you will feel the pain of having each developers doublesizing its home directory… The reason is a […]
extract xml from the command line
I just discovered this morning this cool utility in my /bin directory : xmllint You can use it to extract values from your xml files within your shell scripts $ cat foo.xml <emplist> <emp no="1"> <ename>John</ename> </emp> <emp no="2"> <ename>Jack</ename> </emp> </emplist> $ echo 'cat //emplist/emp[@no="1"]/ename/text()'| xmllint –shell foo.xml | sed -n 3p John I […]
read without Enter
A small unix tip today. Do you want to continue ? If you are expecting “y” or “n” but do not want to enforce the user to type y[Enter] but simply y, you can use the -n option in bash. Within a ksh script: yorn=$(bash -c 'read -p "Do you want to continue ? " […]
cd
Do you know cd ? I thought I did until this afternoon … OK, let’s start some basic. I create two directories $ echo $SHELL /bin/ksh $ mkdir /tmp/foo $ mkdir /tmp/bar create a symlink /tmp/bar/baz pointing to /tmp/foo $ ln -s /tmp/foo /tmp/bar/baz create a file foo1 in foo $ touch /tmp/foo/foo1 change to […]
cd OLD NEW
Something I like in ksh is to change from /my/old/directory/path to /my/new/directory/path by typing cd old new. This does not work in bash So I had to find a workaround 😉 $ ksh $ cd /app/oracle/product/11.1.0.6/database/rdbms/admin $ cd 6 7 $ pwd /app/oracle/product/11.1.0.7/database/rdbms/admin $ bash $ cd 7 6 bash: cd: 7: No such file […]
chmod -R 777 .
This is one of the thing I hate to see, recursively changing everything to 777 👿 If you want to give read access to all, then 644 is enough for files and 755 for directories. If you want to give execution permission too, you could give 755 to executable files. Also sometimes you have files […]
to ftp or to sftp
Ftp is seen as an old-time unsecure protocol. Many shops nowadays have switched or are switching to sftp. I will try to point out some differences : Compatibility: none. the protocol is completly different. Multiple graphical clients however do support both mode. But the basic “ftp” client will not work with sftp. Ascii mode: only […]
return code before grep
In my previous post hide-password-from-ps-output-sql-loader I mentioned a way to pass the password to the loader thru a parameter file. As correctly suggested by Brian Tkatch, the password could be passed as standard input sqlldr control=x.ctl silent=header,feedback <<EOF scott/tiger EOF Username: The Username: prompt is displayed 🙁 🙁 How do we get rid of […]
To bash or not to bash
I have been inspired by Chen to talk about bash… I have been using ksh for many years, and I mean ksh88 not ksh93. The main reason is, I want my script to run the same way in any Unix flavor. ksh93 has never been too much popular. I used it a few time to […]
echo does not accept end of arguments operator
Let’s start with an example : $ cat AI #!/usr/bin/bash while : do echo "What's your name ?" read a if [ ! $a ] then break fi echo "Your name is :" echo $a echo done echo "Bye" $ ./AI What's your name ? Jo Your name is : Jo What's your name ? […]
updatedb does not work with samba drives and cygwin
updatedb and locate are parts of the findutils package, which exists since a long time on most unix / linux flavors. Something I never get worked is to search for files on network drives with Cygwin, I always got : find: /cygdrive/y/Favorites/Links/del changed during execution of find (old inode number -474324984, new inode number -44545478 […]
How to cron?
RTFM is not the best answer … man crontab SunOS 5.10 Last change: 10 Nov 2005 User Commands crontab(1) A crontab file consists of lines of six fields each. The fields are separated by spaces or tabs. The first five are integer patterns that specify the following: minute (0-59), hour (0-23), day of the month (1-31), […]