das krähen_nest

#!/bin/bash
# Author: Karsten Brusch
# change to fit you needs
USER=mysql
PASS=mypass
BACKUPDIR=/nfs/mysql/
BACKUPS LOGFILE=/nfs/mysql/daily-backup.log
#no changes needed below
DATE=`date +%F_%H-%M-%S`
FILENAME=mysqldump.$DATE.sql
echo "##########################################" >> $LOGFILE
echo "Starting DB backup on `hostname` on `date +%F` `date +%T`" >> $LOGFILE
/opt/postman/mysql/bin/mysqldump -u$USER -p$PASS --all-databases 2>> $LOGFILE | gzip > $BACKUPDIR/$FILENAME.gz
if [ ${PIPESTATUS[0]} -eq 0 ] ; then
 echo `date +%F_%H-%M-%S` >> $LOGFILE
 echo "Backup to $FILENAME was successful" >> $LOGFILE
else
 echo `date +%F_%H-%M-%S` >> $LOGFILE
 echo "Backup to $FILENAME was NOT successful" >> $LOGFILE
fi

Sometimes you need to modify the content of a zip file in the command line because the server doesn't have a X server and you have no access to the file system remotely.

What this script does:

• modify text files inside a zip file with vi (or any other editor you like)

• modify the content of zip file which is stored inside your zip file (nice example to explain recursion)

What this script is missing at this point:

• handle tar files inside your zip

• some more real life testing

Here's the script

I tested this successfully on Ubuntu Linux (10.10) and Solaris 5.10.
Please comment if you find bugs or improvements.

Tags: linux

You can easily move files of a certain age to a different location (for example backup tape or network share)

In this example you will search for files only (-type f) which are older than 30 days (-mtime +30) and execute the move command for each file returned. This list of files is represented by the {} brackets.

find /path/to/source/ -mtime +30 -type f -exec mv {} /path/to/destination \;

Another example shows that you can use the {} brackets in every command you like.

This example below returns all files which name ends with .sql and which are bigger than 5MB and adds/updates them to a specific tar file

find /path/to/src/ -size +5M -name "*.sql" -exec tar -uvf /backup/my-archive.tar {} \;

You can combine several filters in ‘find’ (check the man page) and use every command so this is really powerful.

Tags: linux

objective

Create a sftp-only user to have rw-access a specific folder only on a system with disabled ssh shell, port forwarding and X11-forwarding.

This is achieved by setting the sftp shell in /etc/passwd

required

openssh version 4.8p1 or newer (this supports chrootdirectory) –> refer this page

you can check your version with:sshd -v

If you have an older version, here’s how you install openssh from source:

yum install gcc openssl-devel pam-devel rpm-build
wget http://ftp.spline.de/pub/OpenBSD/OpenSSH/portable/openssh-5.6p1.tar.gz
-- or similar from http://www.openssh.org/portable.html#mirrors
tar zxvf openssh-5.6p1.tar.gz
cp openssh-5.6p1/contrib/redhat/openssh.spec /usr/src/redhat/SPECS/
cp openssh-5.6p1.tar.gz /usr/src/redhat/SOURCES/
cd /usr/src/redhat/SPECS
perl -i.bak -pe 's/^(%define no_(gnome|x11)_askpass)\s+0$/$1 1/' openssh.spec
rpmbuild -bb openssh.spec
cd /usr/src/redhat/RPMS/`uname -i`
rpm -Uvh openssh*rpm

commands

useradd <username> passwd <username> usermod -s /usr/libexec/openssh/sftp-server <username> echo '/usr/libexec/openssh/sftp-server' >> /etc/shells groupadd sftp-only usermod -g sftp-only <username> vim /etc/ssh/sshd_config -------------- #add sftp subsystem Subsystem sftp internal-sftp Match group sftp-only # chroot members into this directory # %u gets substituted with the user name: ChrootDirectory /home/%u X11Forwarding no AllowTcpForwarding no # Force the internal SFTP engine upon them: ForceCommand internal-sftp ------------- 

result

sftp login should be fine and look like this:

[root@test-box ~]# sftp sftp-test@localhost sftp-test@localhost's password: ****** Connected to localhost. sftp> put /tmp/touched.txt Uploading /tmp/touched.txt to /home/sftp-test/touched.txt /tmp/touched.txt         100% 0 0.0KB/s 00:00 sftp> mkdir test1 sftp> ls test1 touched.txt sftp> quit [root@test-box ~]# ls -lh /home/sftp-test/ total 20K drwxr-xr-x 2 sftp-test sftp-only 4.0K Oct 20 06:20 test1 -rw-r--r-- 1 sftp-test sftp-only 0 Oct 20 06:19 touched.txt 

While ssh login attempt should fail like this (output depends on the openssh version) :

[root@test-box ~]# ssh sftp-test@localhost sftp-test@localhost's password: ****** This service allows sftp connections only. Connection to localhost closed. [root@test-box ~]#  

Tags: linux

Tags: videos

Tags: photos

Tags: photos

Ich habe heute folgenden offenen Brief per Mail an alle 612 Bundestagsabgeordnete geschickt.

Wenn du ebenfalls dein Recht auf freie Meinungsäußerungen nutzen möchtest und unseren Volksvertretern deinen Standpunkt zum Thema Vorratsdatenspeicherung und Internetsperren darlegen möchtest hast du hier http://briefe.gegen.daten.speicherung.eu/
die Möglichkeit eine Mail automatisiert an alle Bundestagsabgeordneten zu schicken. Außerdem kannst du das erzeugte pdf File nutzen um dies auch schriftlich per Post zu tun.

Vielen Dank an den AK Daten für diesen zeitsparenden Weg der Bürger-Kommunikation.

Sehr geehrte Damen und Herren,

Ich habe mit großer Sorge die Diskussionen und Argumentationen aller Seiten
bzgl. verdachtsunabhängiger Vorratsdatenspeicherung sowie der Sperrung von
Internetseiten zur Bekämpfung der Kinderpornografie verfolgt.
Continue Reading »

Tags: politik

Tags: photos

Wenn du zu träumen wagst dann lass dich hier entführen:
(anlässlich der Inbetriebnahme des LHC)

Tags: photos

hier das album

Tags: dublin, photos

Tags: videos

… und stimmungsvoll

so long