Dec 05
Recently we had to install openssl but for the 32-bit platform. This is how I did it.
wget http://www.openssl.org/source/openssl-0.9.8x.tar.gz tar zxvf openssl-0.9.8x.tar.gz setarch i386 ./config -m32 shared make clean; make install
In general though for anything that you need to build the following command will work:
./configure && make && sudo make install
Nov 19
How do you change the attributes at the node level. I just went through this recently with some Scala servers that required Oracle Java 7. The defaults for the Java cookbook at the marketplace: https://supermarket.getchef.com/cookbooks/java#readme are openJDK 6. To replace them you need to:
knife node edit <NODE_NAME>
In the editor that pops up add the java section under normal. In the precidence order normal will overwrite the attributes in the java file.
{
"name": "AWSSERVER-UE1T",
"chef_environment": "TEST",
"normal": {
"java": {
"install_flavor": "oracle",
"jdk_version": "7",
"oracle": {
"accept_oracle_download_terms": true
}
},
"set_fqdn": "AWSSERVER-UE1T.aws.test.local",
"agency": "VIV",
"tags": [
]
},
"run_list": [
"role[linux_base]",
"recipe[ubuntu_xfce_rdp]",
"recipe[scala]"
]
}
Now with that said after running chef-client locally on the server it didn’t pickup the changes. But you will see the change in the json attributes on the chef server.
Amazon has a good atricle on overriding attributes here: http://docs.aws.amazon.com/opsworks/latest/userguide/workingcookbook-json-override.html
Oct 31
One of the best records I ever owned. I nearly wore it out as a kid. Finally a girlfriend took it from me when I was in college damn it! But fun stories even now.
Oct 24
Found an interesting short that tries to bring a bunch of conspiracy theory’s together and … Well you be the judge.
Oct 22
First create a key:
gpg --gen-key
For generation I use the default of RSA and RSA, and I use 4096 bits, and i usually let the keys live for 1y.
Create a Revocation Certificate so you can Revoke you key on a keyserver
gpg --gen-revoke --armor --output=GPGRevocationCertificate.asc your@email.address
Create your ASCII public key so other people can encrypt to you.
gpg --armor --output pubkey.txt --export 'Your Name'
Post it to a key server
gpg --send-keys 'Your Name' --keyserver http://pgp..mit.edu
To encrypt you need to add your self as a recipiant.
gpg --encrypt --recipient 'Your Name' secret.txt
To decrypt a file.
gpg --output secret.txt --decrypt secret.txt.gpg
If you want to add a user to your keyring.
gpg --import key.asc
Oct 21
For Red Hat systems the command is
service nscd restart
For Debian systems its
/etc/init.d/nscd restart
Jun 27
Putty can’t remember the last IP address you used. It can’t remember anything. the buffer is horrendously low. adding a ssh key should be straight forward. remembering your fucking login ID should be straight forward. remembering the fucking keys! Even the location of the keys? changing the color scheme should be easy, and able to handle it on the fly. Tabs, for Christ’s sake fucking tabs. Copy and Paste shouldn’t fill up the fucking history! If you copy don’t paste it!!!!!!!!!!!!!!! Oh you have to convert pem keys to a native format.
After that little rant I’ve found a replacement, and it does everything that putty can’t – mobaXterm: http://mobaxterm.mobatek.net/download.html
Jun 19
Oh the humanity! Configuring chrooted sftp always seems like a chore when you combine it with an out side authentication like winbind or pbis (Power Broker Identity Services).
So configuring /etc/ssh/sshd_config is straight forward. All you need to change is:
http://en.wikibooks.org/wiki/OpenSSH/Cookbook/SFTP
But I kept seeing errors in /var/log/secure that said denied access because they are not in the ‘require membership of’ list and [lsass-pam] [module:pam_lsass]pam_sm_authenticate error [login:domain.local\user][error code:40158]
Finally figured out that you can adjust this so that they are allowed performing the following commands (need to be root or have sudo access):
/opt/pbis/bin/config --list
/opt/pbis/bin/config --details RequireMembershipOf
/opt/pbis/bin/config RequireMembershipOf "domain.local\\account1" "domain.local\\user2"Just don’t change something major like
sudo /opt/pbis/bin/config AssumeDefaultDomain trueThat will just lock you out.
May 30
Update Aug 25th 2015 –
Looks like James Gladman has released the full HD version of the movie on Vimeo. I’d recommend that you go view his instead of the one below: https://vimeo.com/133170463
———————————————————————————————————————————————————-
What’s interesting is that the director and writer (James Allen Higgins) of this film appears to have been poisoned to death. It was discussed on Coast to Coast Mar, 2nd 2014 in the first hour of the show. 20:50 is where the speaker starts talking about him.
Just press play, it will start
Addendum from http://www.godlikeproductions.com/forum1/message2599060/pg18 posted 10/5/2014
This video will be out on the usual VOD outlets in the next (hopefully) couple of months. The filmmaker died under mysterious circumstances. The person who took care of the filmmaker in his last months of life also funded a great deal of the film, paid for the filmmaker’s end-of-life expenses, his autopsy and blood work, which determined he had 10 to 50 times the ‘maximum acceptable’ amount of 12 heavy metals and raidioisotopes. He is making sure that the film gets out to the major public for two reasons: To ensure the film is seen by a wider audience than ‘the already converted’, and to hopefully recoup some of the $12,000.00 he spent on the filmmaker’s funeral expenses, autopsy, etc. as well as the expenses of being executor of his estate. He is also adding additional material for the film regarding the filmmaker.
Please be patient, the process of distributing a film is time-consuming and requires a lot of legal process for clearance, production. You won’t be disappointed!
It would be much easier to ‘make it free on youtube’, but this is not what the filmmaker wanted. He wanted it to have a higher profile. Not for money, to be sure. He wanted it to be as high-profile as possible in order to awaken as many people to these ideas.
————————————————————————————
Here is the toxicology report: http://www.paradigmresearchgroup.org/graphics/AllenToxicologyReport.pdf
————————————————————————————
Another interesting film http://youtu.be/pD9r8o1Tjwk
————————————————————————————
May 16
In an attempt to determine the feasibility of creating an FTP server that is FUSe backed using S3 amazon storage I ran into issues of package dependence. This is the list of packages I had to install:
sudo yum install curl-devel automake fuse fuse-devel libcurl-devel gcc-c++ openssl-devel libxml2-devel gccAfter that the readme at https://github.com/s3fs-fuse/s3fs-fuse got me throught the rest.
Also the Wiki page is at:
http://code.google.com/p/s3fs/wiki/FuseOverAmazon
A word of caution, it’s slow, and if you have a S3 directory or bucket your mounting to that has hundreds to thousands of files it’s even worse because it tries to retrieve that list and it takes patience. For FTP it’s not something I’d recommend.
Peak Oil
Recent Comments