Restart service on no linux logs output

Sometimes I have apps that suddenly stop working, however they don’t have PID output or I can’t start them via systemd or upstart due to convoluted requirements. Other times the app is on but it stops processing incoming queues due to various reasons. I need to make sure i have a mechanism in place to Restart service as needed. I’m going to describe how you can check for Linux logs output and if there is no log for X seconds then we restart the app! we check the log every X seconds and if in the past X seconds there is no movement we perform X function. Restart service script #!/bin/bash # simple script to check logs, if no entries have been made in 45 seconds restart set -x PATH=$PATH:/usr/sbin TS=$(date +%s) timer1=$(expr $TS – $(date +%s -r /path/to/some/file.log)) # make sure to set the log path here if [ “$timer1” -gt 45 ] then echo $timer1 echo “restarting service due to no activity for 45 seconds” sudo service mycoolservice restart # you can change this for something else such as sending email or even rebooting the machine. fi

Nginx ProxMox Proxy using Letsencrypt SSL cert

Why use a nginx proxmox proxy using letsencrypt ssl? 1st: why not? 2nd: Load balancing! Nginx is built to handle many concurrent connections at the same time from multitude of clients. This makes it ideal for being the point-of-contact for said clients. The server can pass requests to any number of backend servers to handle the bulk of the work, which spreads the load across your infrastructure. This design also provides you with flexibility in easily adding backend servers or taking them down as needed for maintenance. 3rd: Security! Many times Nginx can be secured to not allow access to certain parts of the underlying application so life doesnt throw you a curveball at 3AM on December 24th 2006(dont ask 🙁 ). 4th: Port firewall constraints! Sometimes you need to access an application on port 34563 but firewall doesn’t allow access on random ports. You can allow incoming connections on port 80 via nginx but proxy them to the app on 34563. 5th: seriously… why not….. Now you know why we may want nginx as  a frontend proxy for our underlying app. so let’s get to setting it up for our use case which is to protect proxmox from bad actors! and to provide reliable access to our proxmox for ourselves. We are going to setup nginx to forward all traffic from port 80 to port 443 where letsencrypt will provide us with ssl encrypted access! Install nginx light instead of full, so you have a smaller set of utilities but also a lighter install. you can install […]

Mooooo linux Dirty cow vulnerbility cve-2016-5195

What is Dirty Cow CVE-2016-5195 is a bug in the Copy On Write mechanism of the Kernel. Any user or user owned process can gain write access to memory mappings which should be read only for the end user. This allows them to interact with otherwise root only files. Should you worry about it? YES. you should jpatch your system(s) right away! Who found CVE-2016-5195? Who cares? ITS BAD PATCH NOW!! ok just kidding, security researcher Phil Oester was the first one to publically release info about this exploit. He found it via a http packet capture setup. Is this related to SSL / OpenSSL? No, unlike heartbleed, poodle etc this is not related to SSL. Where can I get some official info about this exploit? Not sure what you mean by official but check at mitre and Redhat How to find out if I am affected? Ubuntu / Debian type as root  or with sudo uname -rv sample outputs : 4.4.13-1-pve #1 SMP Tue Jun 28 10:16:33 CEST 2016 2.6.32-openvz-042stab104.1-amd64 #1 SMP Thu Jan 29 13:06:16 MSK 2015 4.4.0-42-generic #62-Ubuntu SMP Fri Oct 7 23:11:45 UTC 2016 3.16.0-4-amd64 #1 SMP Debian 3.16.36-1+deb8u2 (2016-10-19) List of kernel numbers which need to be updated. 4.8.0-26.28 for Ubuntu 16.10 4.4.0-45.66 for Ubuntu 16.04 LTS 3.13.0-100.147 for Ubuntu 14.04 LTS 3.2.0-113.155 for Ubuntu 12.04 LTS 3.16.36-1+deb8u2 for Debian 8 3.2.82-1 for Debian 7 4.7.8-1 for Debian unstable Redhat / Centos / Fedora wget the test file directly from redhat access : wget https://access.redhat.com/sites/default/files/rh-cve-2016-5195_1.sh CHmod +x rh-cve-2016-5195_1.sh bash rh-cve-2016-5195_1.sh If you are […]

Enable WebGL on Chrome or Firefox

WebGL on Chrome Enable hardware acceleration : browse to chrome://settings/advanced scroll to the bottom and look for Use hardware acceleration when available make sure Use hardware acceleration when available is checked ✓ if it tells you to then click the relaunch button Check if webGL is enabled in Chrome Copy paste the following in your browser’s address bar chrome://gpu  Look for the WebGL item in the Graphics Feature Status list The status will be one of the following: Hardware accelerated — WebGL is enabled and hardware-accelerated (running on the graphics card). Software only, hardware acceleration unavailable — WebGL is enabled, but running in software. Unavailable — WebGL is not available in hardware or software. You are looking for the status to be #1 from the above list i.e. Hardware accelerated   WebGL on FireFox Enable WebGL Copy paste the following in your browser’s address bar about:config you will be asked to accept a scary warning, I am positive this will be ok unless you start going godzilla or the hulk on unrelated settings 🙂 so.. dont do that. Search for webgl.disabled make sure that its value is set to false Check WebGL status on FireFox browser Copy paste the following in your browser’s address bar about:support Inspect the WebGL Renderer row in the Graphics table The status can be either of two things the name of a  graphics card manufacturer, model and driver i.e. Google Inc. — ANGLE (NVIDIA GeForce GTX 980 Ti Direct3D11 vs_5_0 ps_5_0) Something along the lines of BLocked due to version or Blocked due to unresolved issues. Obviously you want #1 […]

Ubuntu & Bash tutorial & basic utilities

An introduction to the CLI (Command Line Interface) and Bash on Ubuntu Linux aka a bash tutorial The default shell that is installed on Ubuntu Linux is bash. Alternatives exist, but they’re beyond the scope of this tutorial (check our post here for more info on how to isntall a better alternative to bash called Zshell or zsh). Bash is available on almost all Linux distributions, so this tutorial will work on most Linux distributions as well. What is a shell? Simply put, the shell is a program that takes your commands from the keyboard and gives them to the operating system to perform. In the old days, it was the only user interface available on a Unix computer. Nowadays, we have graphical user interfaces (GUIs) in addition to command line interfaces (CLIs) such as the shell. Bash is the most popular shell application for Linux, and is the default on Ubuntu and hundreds of other Linux distributions, Mac OS X, and soon Windows 10. The basics are: You type one or more command(s), hit enter, and it runs the command(s). Use the up/down arrows to go through your bash history. Ctrl+P also works Use Ctrl+R to search the history of commands used previously. Hitting tab will autocomplete commands. Instead of typing cd ~/myfolder1/ you can just type cd ~/my<tab> and it’ll either autocomplete fully or if there are still more folders (like my234 and myfolder1), it’ll show you your options. You can enter multiple commands by separating them with “;” or “&&”. ; allows commands […]

Why you should switch to ZShell ( zsh )

Why use ZShell It has some amazing features, but right out of the gate in no particular order: Context based tab completion that puts most others out there to shame. Shared history among tabs. Dynamic Load modules Spelling correction that out performs most others out there. Globbing that works on magic. I am positive of this. Themes that work wonders, there are tons of them out there and they fit everyone’s needs or just write your own! Global aliases I’m going to be an elitist and say bash is for the cavemen 😐 any machine you have a personal user account on: install zsh. life just became pretty… and pretty awesome. why zsh? well its powerful and configurable…. its awesome! and you can change a LOT about it and extend it via plugins. sudo apt-get install zsh curl git-core ruby wget –no-check-certificate https://github.com/robbyrussell/oh-my-zsh/raw/master/tools/install.sh -O – | sh this should switch you to zsh and install an awesome script for zsh. if not then do the next two steps. They can be repeated at will. Note where your zsh is, most likely /bin/zsh. which zsh chsh After that comes customization time! yay… etc. (pick a theme, I prefer dallas so) edit ~/.zshrc ZSH_THEME=”dallas” Heres my plugins, you can remove the ones you dont need plugins=(git ant cpanm debian github mercurial node npm svn) Install rvm : user$ bash -s stable < <(curl -s https://raw.github.com/wayneeseguin/rvm/master/binscripts/rvm-installer ) add the following to your ~/.zshrc [[ -s $HOME/.rvm/scripts/rvm ]] && source $HOME/.rvm/scripts/rvm more to come later.[/et_pb_text][/et_pb_column][/et_pb_row][/et_pb_section]