cyber-tec.org ~drscream

cyber-tec.org
Title: ~drscream
Keywords: thomas merkel, frubar, linux, blog, opensource, smartos, creative coding
Description: A blog from Thomas Merkel about OpenSource technology and other stuff.
cyber-tec.org is ranked 3680572 in the world (amongst the 40 million domains). A low-numbered rank means that this website gets lots of visitors. This site is relatively popular among users in the united states. It gets 50% of its traffic from the united states .This site is estimated to be worth $4,959. This site has a low Pagerank(0/10). It has 1 backlinks. cyber-tec.org has 43% seo score.

cyber-tec.org Information

Website / Domain: cyber-tec.org
Website IP Address: 80.190.131.169
Domain DNS Server: ns.coreio.nl,ns.coreio.de,ns.core.io

cyber-tec.org Rank

Alexa Rank: 3680572
Google Page Rank: 0/10 (Google Pagerank Has Been Closed)

cyber-tec.org Traffic & Earnings

Purchase/Sale Value: $4,959
Daily Revenue: $13
Monthly Revenue $407
Yearly Revenue: $4,959
Daily Unique Visitors 1,250
Monthly Unique Visitors: 37,500
Yearly Unique Visitors: 456,250

cyber-tec.org WebSite Httpheader

StatusCode 200
Content-Type text/html; charset=UTF-8
Date Mon, 01 Aug 2016 15:14:20 GMT
Server nginx/1.7.10

cyber-tec.org Keywords accounting

Keyword Count Percentage
thomas merkel 0 0.00%
frubar 0 0.00%
linux 2 0.05%
blog 1 0.02%
opensource 0 0.00%
smartos 2 0.07%
creative coding 0 0.00%

cyber-tec.org Traffic Sources Chart

cyber-tec.org Similar Website

Domain Site Title

cyber-tec.org Alexa Rank History Chart

cyber-tec.org aleax

cyber-tec.org Html To Plain Text

~drscream ~drscream home projects talks about Memory and CPU usage tools on Illumos This is only a small overview of memory and CPU usage tools on Illumos. Mostly I forgot the commands so it's like a personal reference page :-) Total physical memory Show DIMM and hardware overview via prtdiag: prtdiag -v Show max physical memory via prtconf: prtconf | grep Memory Create an overview 10 times every 5 seconds: vmstat 5 10 Memory usage by process Show percentage of memory usage by process, you could use sort to sorting the output: ps -A -o pmem -o pcpu -o args Overall CPU usage Two processor reports with five seconds interval: mpstat 5 2 Important fields are: usr: user time in percent sys: system time in percent idl: idle time in percent CPU usage by process Use prstat which is more or less similar to top on Linux. There are different sorting and command line options available. Sort by cpu usage (default): prstat Sort by memory usage: prstat -s rss Sort by virtual memory usage: prstat -s size Sort by process execution time: prstat -s time Find top five processes: prstat -n 5 Also print process numbers for each user: prstat -a Follow a particular process id: prstat -p Follow threads of a particular process id: prstat -L -p Posted March 03, 2016, 11:26 am Tags illumos, smartos, solaris, tools, memory usage, cpu usage More Permalink Create ISO image from folder in MacOSX You maybe run into an problem that your remote server has no network connection because of some drivers are missing? And the only thing that works is to use IPMI and remote virtual devices which contains your driver? For that I created an folder which contains the drivers, packages and create an ISO image with hdiutil. hdiutil makehybrid -o ~/image.iso ~/your/folder -iso -joliet The tool creates an ISO file in your home, image.iso. You could burn that to an CD or you could use it with your IPMI tool and mount it remotely. Posted March 01, 2016, 9:28 pm Tags macosx, iso, image, hdiutil More Permalink The equal sign in Bash From bash scripts by my co-workers I noticed there is a big misunderstanding of using the equals sign in bash if statements. Should I use one square bracket or two, should I use two equal signs or one? You could use one [ (square bracket) with one = (equal sign). This is valid in bash and sh. if [ "$random" = "$example" ] This is documented for the bash test builtin if you type help test. One square bracket [ is an alias for test. You could also find it in the Bash manual. This will work in most shells since the original version of Unix. The official bash way is to use two [[ (square brackets) and two == (equal signs). It matches the syntax of most other programming languages. if [[ "$random" == "$example" ]] Now the biggest mess starts, because bash also supports one square bracket and two equal signs. if [ "$random" == "$example" ] The bash authors decided to deviate from the traditional behaviour of /bin/sh and support this syntax. Anyway, this feature is not documented and it will not work on sh and it's derivates. For example dash which is default on Ubuntu will through an syntax error. If you consider to use your shell script on different systems you should not use the undocumented function :-) Posted February 26, 2016, 12:21 pm Tags bash, equals, if, posix, sh More Permalink Update X terminal title Your window title of an X terminal and the MacOS X Terminal.app title could be updated with hostname and path automatically. And it could be so simple, add the following line to your ~/.bashrc: # Change the window title of X terminals echo -ne "\033]0;${USER}@${HOSTNAME%%.*}:${PWD/$HOME/~}\007" An additional feature is provided by MacOS X Terminal.app by using right click on the title. It allow you to open the current folder or any above folder. Posted February 25, 2016, 12:12 pm Tags macosx, xterm, terminal, terminal.app More Permalink Migrate ZFS pool to a different server I hope you run your server with ZFS already :-) For some reason you may need to migrate your ZFS pool with all snapshots to a different server. This could be a backup reason or simple a migration scenario. In the example the pool named zones. So first you create a recursive snapshot of your pool: zfs snapshot -r zones@migrate_20160204 You could simple verify that the snapshots exists via: zfs list -t snapshot I use SSH to migrate the data between two servers. It depends on your network, so you could also switch to netcat or something similar. zfs send -R zones@migrate_20160204 | ssh user@host "zfs receive -Fd zones" You may like to add options like -v to show some more detailed output of the transferred data. It could be your data is modified during the migration. For that reason you could easily create a new snapshot after the send and receive command finished. zfs create -r snapshot zones@migrate_20160205 Incremental zfs send is possible with the -i option. So zfs send only the difference between two snapshots to the remote server. zfs send -R -i zones@migrate_20160204 zones@migrate_20160204 | \ ssh user@host "zfs receive -F zones" Posted February 05, 2016, 9:28 am Tags zfs, smartos, illumos, backup More Permalink GPG Feature import-clean You GnuPG keyring got a little bit messy over time? Than you're not alone - I transferred my keyring from computer to computer since I use GnuPG so it contains more than thousands of keys. The trustdb calculation takes minutes to complete so it's time for an housekeeping task. Maybe unknown GnuPG feature is import-clean which allow you to cleanup your keyring and remove unusable signatures. import-clean After import, compact (remove all signatures except the self-signature) any user IDs from the new key that are not usable. Then, remove any signatures from the new key that are not usable. This includes signatures that were issued by keys that are not present on the keyring. You should do it by refreshing all keys from the keyserver: gpg --no-options --keyserver pgp.mit.edu \ --keyserver-options import-clean,export-clean --refresh-keys After I've used the above command my trustdb calculation time is decreased a lot. Posted November 30, 2015, 8:35 pm Tags gpg, pgp, gnupg, cleanup, import-clean More Permalink Build last git tag with Jenkins Sometimes it's required to build the last tag of your software with Jenkins. Mostly I use it to build a last stable release automatically with Jenkins. I use GitHub for my software so I use by default tags for each release. Every tag contains a version number which could be automatically filtered by Jenkins. Use the advanced button for git and specify a refspec in the Jenkins that only selects these tags: +refs/tags/*:refs/remotes/origin/tags/* In the branch specifier specify: */tags/* Posted September 20, 2015, 9:52 pm Tags jenkins, git, tagging More Permalink SSH SOCKS proxy via MacOS X launchctl I use an SOCKS proxy to connect to some services in different networks. For that reason I use a simple SSH SOCKS proxy solution which makes it really easy: ssh -f -N -D7070 gateway.example.com But running this command every time when I switch my location or the laptop hibernated is not really convenient. MacOS X provides launchctl as a service manager, so why not using it? Agents running for the current user are stored in ~/Library/LaunchAgents/ as an XML based plist file. I named my file like the host I'm using to connect to, so it's com.example.gateway.socks-tunnel.plist. My file looks like the following: LimitLoadToSessionType Aqua OnDemand Label com.example.gateway.socks-tunnel ProgramArguments /usr/bin/ssh -D7070 -N -n -C -o ControlMaster=no gateway.example.com StandardErrorPath /tmp/com.example.gateway.socks-tunnel.log If you're using ControlMaster ssh settings you should disable it for the tunnel setup via -o ControlMaster=no. For the first time it requires to load the plist file: launchctl load ~/Library/LaunchAgents/com.example.gateway.socks-tunnel.plist Posted September 16, 2015, 3:18 pm Tags osx, macosx, openssh, ssh, socks, launchctl More Permalink Solaris 11 tricks and hints This page is not a full setup guide for Solaris 11 on SPARC. It’s basically a small tricks and hints list to help you around some issues I had. Most stuff is different to linux so please don’t be confused. Boot from CDROM Sometimes or for an installation it is required to boot from CDROM / DVD. If you have an already installed and configured system, you need to switch to init 0: # In global zone type $ init 0 If you have an uninstalled system, which is the default for freshly received hardware, you need to use the Integrated Lights Out Manager. It provides you with a web interface and ssh connection. # Connect via SSH to the Integrated Lights Out Manager # Default password is provided on the chassie (if not changed: changeme) $ ssh root@ The Integrated Lights Out Manager provides you with lots of commands. For booting from CDROM you don’t need that much. The only reason you need ILOM is because you’re to lazy to connect a monitor to the machine. # Connect to the host serial console via ILOM -> start /HOST/CONSOLE The system isn’t booted (because it isn’t installed), so you see the output of the waiting EEPROM. This allow you to boot via CDROM or other media. # Boot from CDROM and use the text output because we would like # to finish the installation via serial console {0} ok {0} ok boot cdrom - text Setup or modify hostname Normally the hostname is configured during setup, but maybe you mixed FQDN and hostname? In Solaris everything should be the FQDN. svccfg -s system/identity:node setprop config/nodename="fqdn-my-host.example.com" svccfg -s system/identity:node setprop config/loopback="fqdn-my-host.example.com" # Refresh config changes and restart service $ svcadm refresh system/identity:node $ svcadm restart system/identity:node Network setup global zone Static network configuration is done via commands - not via a config files. The command will create all config files for you. # Unplump an network interface to be sure it is working $ ifconfig net0 plumb # Maybe you need to deletate the IP to clear things before you add # the IP stack $ ipadm delete-ip net0 $ ipadm create-ip net0 # Add the IP address to the interface statically (/engine is a suffix # which can be defined by yourself) $ ipadm create-addr -T static -a local=10.43.1.47/24 net0/engine # Assign a default route (also static, -p is persistent) $ route -p add default 10.43.1.1 DNS setup A system isn’t complete if you don’t have it configured to use DNS. In Solaris 11 the DNS client (/etc/resolv.conf) is managed by SMF - the awesome Service Management Facility. # Configure /etc/resolv.conf $ svccfg -s network/dns/client svc:/network/dns/client> setprop config/search = astring: ("srv.example.com") svc:/network/dns/client> setprop config/nameserver = net_address: (8.8.8.8 8.8.4.4) svc:/network/dns/client> exit The /etc/nsswitch.conf is also configured via SMF, we need to modify it to use DNS and not only host files. # Configure /etc/nsswitch.conf $ svccfg -s system/name-service/switch svc:/system/name-service/switch> setprop config/host = astring: "files dns" svc:/system/name-service/switch> exit Your changes will not apply automatically. It requires a refresh and restart of the service. # Refresh (load config changes), Restart (apply config changes) $ svcadm refresh dns/client $ svcadm restart dns/client $ svcadm refresh name-service/switch $ svcadm restart name-service/switch If for some reason the /etc/resolv.conf isn’t written by the service you could force it via nscfg export: $ nscfg export svc:/network/dns/client:default Use NTP in Global Zone You should always use NTP as it makes time problems so much less important. And it’s not that hard. Solaris already provides everything you need. Modify or create /etc/inet/ntp.conf with some defaults you require. $ echo "server ntp.example.com" > /etc/inet/ntp.conf $ echo "driftfile /var/ntp/ntp.drift" >> /etc/inet/ntp.conf $ echo "statsdir /var/ntp/ntpstats/" >> /etc/inet/ntp.conf $ echo "filegen peerstats file peerstats type day enable" >> /etc/inet/ntp.conf $ echo "filegen loopstats file loopstats type day enable" >> /etc/inet/ntp.conf Enable the service and force a ntpdate at beginning. # Force ntpdate $ ntpdate 0.pool.ntp.org # Enable NTP service $ svcadm enable ntp Solaris 11 Zone Creating a Solaris 11 zone is really easy and there is already lots of documentation out there. First you need to create a ZFS filesystem on which you would like to store the zone. Second you will configure the zone via zonecfg and at last you will install it. # Create zone file system via zfs $ zfs create rpool/solaris11-zone # Create zone via zonecfg with the minimal setup required $ zonecfg -z solaris11-zone zonecfg:solaris11-zone> create zonecfg:solaris11-zone> set zonepath=/rpool/solaris11-zone zonecfg:solaris11-zone> set autoboot=true zonecfg:solaris11-zone> set bootargs="-m verbose" zonecfg:solaris11-zone> verify zonecfg:solaris11-zone> commit zonecfg:solaris11-zone> exit Be sure and verify if the zone is listed via zoneadm list -icv. The installation may take a bit of time to download the files from the IPS repository. Depending on your setup it might be faster using the CD/DVD install medium. # Start installation $ zoneadm -z solaris11-zone install Boot the zone and finish the installation with the sysconfig tool. The configuration tool will automatically start after first boot. It will appear on the serial console of the zone. # Boot the zone $ zoneadm -z solaris11-zone boot You should follow the configuration wizard to setup the zone profile. If your keyboard doesn’t provide the F2 key, use ESC+2. # Use zlogin with -C option to use serial console connection $ zlogin -C solaris11-zone Very important, the profile has higher priority as all other zone configuration you make via svccfg or svcadm. So the profile will always overwrite your network, DNS and hostname settings. You can always start sysconfig configure again to make changes. Solaris 10 branded zone It is possible to install Solaris 10 branded zones on Solaris 11. I can recommend the official guide from the oracle blog: Solaris 10 branded zone VM Templates for Solaris 11 on OTN. It requires the download of solaris-10u10-x86.bin from Oracle which is a ca. 2 GB big script / blob image containing the Solaris 10 bits. If you use it to create the Solaris 10 zone, be sure you’re using the CIDR syntax for the network setup. The script somehow get’s confused if you don’t provide that information. # Create solaris 10 branded zone with Oracle script $ ./solaris-10u11-sparc.bin -p /zones -a 10.1.1.2/24 -i net0 -z solaris10-zone Delete Solaris zone If you want to delete the zone, be sure you’re also deleting the virtual NICs the script created. # Shutdown, Uninstall and Delete - Solaris 10 zone $ zoneadm -z solaris10-zone shutdown $ zoneadm -z solaris10-zone uninstall -F $ zonecfg -z solaris10-zone delete -F # Look for the virtual NICs $ dladm show-vnic # Delete the random NICs created by the script $ dladm delete-vnic vnicZBI61549281 Configure LDAP authentication via SSH If you already have an active directory it’s easy to also use that for SSH authentication, groups and user accounts on the Solaris machine. The following setup was done in an Solaris 11 zone, but should also be possible in an global zone. Maybe with some modifications also on Solaris 10. SSL certificates and secure ldap connection You should always use a TLS/SSL connection to the LDAP server. And most companies have their own PKI and ROOT certificate authority. This requires an import of the certificates to the LDAP certificate store. # Create LDAP certificate store $ /usr/sfw/bin/certutil -N -d /var/ldap/ Download the ROOT certificate and maybe the intermediate certificate. This depends on how good the active directory server is configured and if it provides a full certificate chain on request. Most servers are configured wrong, so I import the ROOT and ICA. Download and check the SSL certificates (fingerprint, etc.) Both files are provided in PEM format, the -t option provides the trust levels $ /usr/sfw/bin/certutil -A -n "Primary ROOT CA" -i primary-root-ca.crt -t CT -d /var/ldap $ /usr/sfw/bin/certutil -A -n "ICA SHA1" -i intermediate-ca.crt -t CT -d /var/ldap # Verify if everything is there $ /usr/sfw/bin/certutil -L -d /var/ldap/ Configure LDAP via ldapclient To configure LDAP it requires a valid user to bind to the active directory. It also requires that you’ve already configured the active directory to support unix extensions. You should not just copy & paste the following command, they require modification based on your active directory. First you should always use host names, because otherwise the ssl certificate can not be validated against the IP address in normal circumstances. Because the ldapclient will modify the /etc/nsswitch.conf to not use DNS anymore, things might break during the setup. As a workaround you can modify the /etc/hosts file and add the hostname and ip address of the active directory servers. # Modify /etc/hosts for the setup via ldapclient $ echo -e '10.1.3.3\teddie.ad.example.com\n10.1.3.4\tkrusty.ad.example.com' >> /etc/hosts The next ldapclient is a long command with many arguments, read it carefully and make the modification required for your setup. For the defaultServerList option it is important to always use double quotes " for the complete parameter. ldapclient manual \ -a credentialLevel=proxy \ -a authenticationMethod=tls:simple \ -a domainName=ad.example.com \ -a defaultSearchBase=DC=ad,DC=example,DC=com \ -a proxyDN="CN=SERVICE_ACCOUNT,OU=Service-Accounts,DC=ad,DC=example,DC=com" \ -a proxyPAssword=SERVICE_ACCOUNT_PASSWORD \ -a defaultSearchScope=sub \ -a attributeMap=group:userpassword=userPassword \ -a attributeMap=group:memberuid=memberUid \ -a attributeMap=group:gidnumber=gidNumber \ -a attributeMap=passwd:gecos=cn \ -a attributeMap=passwd:gidnumber=gidNumber \ -a attributeMap=passwd:uidnumber=uidNumber \ -a attributeMap=passwd:homedirectory=unixHomeDirectory \ -a attributeMap=passwd:loginshell=loginShell \ -a attributeMap=shadow:shadowflag=shadowFlag \ -a attributeMap=shadow:userpassword=userPassword \ -a objectClassMap=group:posixGroup=group \ -a objectClassMap=passwd:posixAccount=user \ -a objectClassMap=shadow:shadowAccount=user \ -a serviceSearchDescriptor=passwd:dc=ad,dc=example,dc=com?sub \ -a serviceSearchDescriptor=group:dc=ad,dc=example,dc=com?sub \ -a followReferrals=false \ -a "defaultServerList=eddie.ad.example.com krusty.ad.example.com" The command will take some time to complete. You can check the log files in /var/adm/ if you like to see what is happening. There is also the -v option for verbose output. Fix DNS problem because of ldapclient setup Back to the DNS problem and the /etc/nsswitch.conf change. I’m sure there must be another way around it but I have not found it yet. We need to reconfigure the name-service/switch to use DNS for hosts and not ldap. # Use the svccfg command to modify the hosts setup in nsswitch.conf $ svccfg svc:> select name-service/switch svc:/system/name-service/switch> setprop config/host = "files [SUCCESS=return] dns" svc:/system/name-service/switch> select system/name-service/switch:default svc:/system/name-service/switch:default> refresh svc:/system/name-service/switch:default> validate svc:/system/name-service/switch:default> exit If everything is okay and valid you can use id to verify if your user account is working. $ id firstname.lastname.from.ad Configure PAM / SSH to use LDAP Without SSH authentication LDAP isn’t that helpful for me as system administrator. So we configure PAM to use LDAP for authentication. By default SunSSH uses PAM so everything should be fine. All PAM configuration is stored in /etc/pam.d on Solaris 11. It requires some changes on every configuration file in that folder. I only show the modified and added lines: ==> login other passwd pfexec tpdlogin /tmp/dsk-partition.dump Using fmthard to restore the partition table to the second disk. $ fmthard -s /tmp/dsk-partition.dump /dev/rdsk/c1t1d0s0 fmthard: New volume table of contents now in place. Problem fixed, now I could easily add the device to the zpool. $ zpool attach rpool c1t0d0s0 c1t1d0s0 Posted July 10, 2015, 12:49 pm Tags zpool, zfs, sparc, solaris, illumos, prtvtoc More Permalink ? Prev Next ?

cyber-tec.org Whois

Domain Name: CYBER-TEC.ORG