Just finished first draft for the tool I needed for a longer time: https://github.com/droopy4096/pflog_stats
PF does great job collecting data, it’s a shame harvesting it is always a hussle. Not anymore. Output is all Json for easy downstream consumption.
After a while of having “one the edge” releases of CyanogenMod on both my and my wife’s phones our phones started… acting up. So common suggestion was to bum baseband release as it is most likely not providing functions required by newer OS. So I set out to do so with some stumbling along the way.
Get the modem (extracted from full firmware – waste of bandwidth, but I don’t care for stock OS) for SGS4:
$ sudo heimdall flash --MDM modem.bin --no-reboot
ran above code several times, manually rebooting right back into download mode (VolDown+Home+Pwr) and eventually it stuck with the phone (do it “not enough” times and you’ll get phone in it’s original state).
heimdall print-pit was instrumental in figuring out the
--MDM option as it listed proper partition.
For OnePlus One things were kind of simpler: downloaded flashable zip with modem in it, and flashed it via TWRP. Doing the same from CLI with fastboot for some reason was not doing anything.
Playing with Fedora on AWS I ended up needing HVM image yet all available images were Paravirt so I needed to “create” HVM image.
Thanks to helpful advise from ServerFault it turned out to be relatively simple (however I can’t say it was straightforward) using web console:
- using PV image create EBS-backed instance instanceA
- adjust instance config as necessary
- take a snapshot of instanceA – snapA
- from snapA create image specifying HVM as virt type
I have also found Pyhon-based CLI which has proved somewhat entertaining. One thing not mentioned is that to use it you have to create group for admins (it’ll ask for type of permissions for that group), then create/assign user to that group. Use “aws ec2 configure”.
Building ansible playbooks for freebsd setup I came to a roadblock – pkgng demands to be bootstrapped interactively. However looking at it’s source code I’ve found the backdoor:
ASSUME_ALWAYS_YES=yes pkg bootstrap -f
and I’ve got things rolling. Overall “ASSUME_ALWAYS_YES” seems to go further then some “-y” switches.
While setting up my FreeBSD box – I oopsed a bit and pointed
make build world to wrong directory. While trying to clean up I did:
# rm -rf /mnt/foo.oops
and all I got is a bunch of
Operation not permitted for certain files.
I did some digging and found that
# chflags -R noschg /mnt/foo
was the solution
I have decided to try out UniFi AP for my home WiFi setup and either because of my “consumer-grade” switch etc. or some other reason I just couldn’t get it recognized on my “Controller” … so I had to look. Winning combination was:
- write down MAC of UniFi AP
- on my DHCP server track down UniFi AP’s acquired IP
- SSH into UniFi AP unit (factory defaults creds are ubnt/ubnt)
- Issue command
- Adopt on controller (simple drop on the map is what worked for me)
- Reissue command –
- AP is adopted and workable now
As a side-note controller software that runs on Linux required some iptables mashing as well since I was using remote browser:
# firewall-cmd --zone=home --add-port 8080/tcp
# firewall-cmd --zone=home --add-port 8443/tcp
# firewall-cmd --zone=home --add-port 8880/tcp
# firewall-cmd --zone=home --add-port 8843/tcp
This opens up ports only for the current session (runtime), after reboot those changes will be gone and if we need to retain them “–permanent” should be added and commands re-run.
I’m playing a lot with Ansible those days and one of the topics that does come up all the time is how do I set certain values in config files that are not plain-text or .ini style? Special mention goes to Apache configs that are neither plain-text nor XML (ugh) and tomcat (well at least it’s XML…).
Augeas is a swiss-army-knife for a sysadmin as it “understands” multiple configuration formats (lens’) and can deal with them in it’s own way.
So here’s what I needed to do: Setting up ownCloud VM on Fedora 20 I needed to edit /etc/httpd.d/conf.d/owncloud.conf file to override default restriction for localhost, in other words adding
Require all granted to the end of
<Directory "/usr/share/owncloud"> section. Perl and Python are fun but you practically need to build your own parser. Not me. Not today. So here’s how we handle things with augeas:
create command file /tmp/ocloud_aug, like so:
defvar conf /files/etc/httpd/conf.d/owncloud.conf
# Get <Directory "/usr/share/owncloud"> subtree
defvar ocloud_dir $conf/Directory[arg="/usr/share/owncloud/"]
defvar last_stmt $ocloud_dir/directive[last()]
set $last_stmt Require
set $last_stmt/arg all
set $last_stmt/arg granted
Hint: before going around modifying your live system consider one of two testing methods:
Require all granted
after we run:
# augtool -f /tmp/ocloud_aug
That just about solves our problem of programmatically adding configuration lines. We could also remove offending “Require local”: