Older blog entries for skvidal (starting at number 412)

like chkconfig –list

reminder to me so I can find this later

for i in /lib/systemd/system/*.service; do svc=`basename $i`; stat=`systemctl is-enabled $svc`; echo -en “$svc\t\t$stat\n”; done

 


Syndicated 2011-11-04 21:25:42 from journal/notes

transition to f16 and other items

I spent a good bit of yesterday getting my system transitioned from f14ish/f15ish/mumble to f16rc4 from the xfce live install.

It took a while to get everything set up how I’m used to. I made the transition to claws from evo b/c I didn’t want to pull in the world with evo deps. I also transitioned some other tools around. One thing in particular though I kept was rhythmbox – I have a bunch of play lists in it and I didn’t feel like moving all those over to quodlibet.

However, rhythmbox has dropped rhythmbox-client for one reason or another and I use that quite a lot for the keys on my keyboard (fn-arrowkeys) which allow me to playpause/next/prev/stop whenever I need to. Trying to figure out how to fix that I ended up having to write this:

http://skvidal.fedorapeople.org/misc/rhythmbox-client

Not the most beautiful but it gets the job done. I tried introspecting the rhythmbox shell dbus interface but I couldn’t find a way to make music play/pause or anything so I gave up and when with the mpris one. It all felt a little silly.

anyway – you can bind those keys in the keyboard settings configuration in XFCE to that script with –next/–previous/–playpause

If there was another, simpler, way to do that google could not find it for me.


Syndicated 2011-11-03 16:46:59 from journal/notes

on pto – but about yum

I’m on PTO this week to get some downtime but I got to read the discussion about yum from the ticket I opened for fesco.

A few  things that seem to be widely misunderstood:

1. rpm does not have a depsolver. You can pass rpm a set of pkgs/hdrs and it can tell you if they are a complete transaction, if they have missing deps or if they conflict. It can’t tell you how to solve the problem – just that there IS a problem. rpm doesn’t know anything about repositories or configurations, plugins, etc. That’s ALL in the depsolver/package manager above rpm. In this case in yum.

2. librpm peforms the actual transaction. Yum mediates the transaction – it provides rpm with where the rpm pkgs are and provides a callback to tell the user what is going on. Yum also tries to track what is going on so that if something goes off the rails yum can try and recover.

3. When yum started out – it used rpm for everything. Yum was just a mechanism of indexing pkgs. It would take pkg headers, chuck them into a transaction set and ask rpm ‘tell us what is missing and we’ll find it’. That ate memory like there was no tomorrow and would not scale with many thousands of packages. I doubt yum 1.0 and 2.0 would be able to run, at all, with a modern number of pkgs like fedora currently has.

4. Yum was moved away from that partially by James Antill, Jeremy Katz, Paul Nasrat, Menno Smits, Tim Lauridisen, Florian Festi, Panu Matilenen and me.  The move away consisted of traversing the set of pkgs intended for the transaction (and their deps/provs) in yum itself and figuring out what deps were missing that way, rather than building up an rpm transaction set and asking rpm what was missing. Florian Festi and James Antill did an enormous amount of that work. It resulted in a speed up and gave yum more control over the depsolving process than was available before. Rpm was always used as a back-check at the end, though to confirm consistency.

5. For a very, very long time yum needed to use rpm-python for A LOT of things. From verchecking to just accessing the rpmdb. In recent time this dependence has been reduced. It has allowed faster access and simpler access (especially to the rpmdb).

6.  Every depsolver in the rpm-universe makes subtly different choices and therefore has potentially different results. Depsolvers deal with errors and issues in different ways. A lot of the behaviors people think of as yum-specific are adopted, originally, from the choices anaconda (and up2date) made in the Red Hat Linux days. (shortest-name-wins is an example of this). Yum made those choices as to remain consistent. Consistency in package dependency resolution is more important than other kinds of precision.   One of the reasons anaconda and other tools moved to using yum for their dependency resolution was specifically so we could have consistency across the board both at install-time and post-install. Consistency matters b/c at the end of the day the depsolver is impacting the files on a running system. The user/admin needs to be able to know that an action will return the same results on multiple systems – and that doing a transaction of pkgs post-install will result in the same thing as adding the pkgs in a kickstart %packages section.


Syndicated 2011-09-20 15:52:56 from journal/notes

2step auth for your gmail accounts

Been seeing a lot of random spam from known people on gmail accounts recently. People whose accounts got phished or brute-force-cracked or what-not.

I’d like to suggest folks using gmail look HARD at using this:

http://www.google.com/support/accounts/bin/static.py?page=guide.cs&guide=1056283&topic=1056284

it’s easy to setup and once you have it in place you’ve just made things much, much harder for folks to abuse. Not impossible, you’re not completely safe. But you are in a better position than you were before.

(caveat please don’t blame me b/c the guy in this video desperately needs to shave, it drove me nuts, too)

 


Syndicated 2011-06-08 17:15:03 from journal/notes

shutdown vm but enabled to autostart on boot

Having recently been bitten by this in an ugly way I hacked up this quick func script to check for this sort of nonsense. I could do it more trivially but I need some minion-side changes to make it easier:

http://skvidal.fedorapeople.org/misc/auto-enabled-but-shutdown.py

run this on your hosts, It will only hit hosts which have virtd/xen active on the system and then it will query them for the hosts. It will report if a vm is shutdown currently but is set to autostart on boot. If none are that way then it will output nothing.

I’ve pushed the minion-side changes out to upstream func and I’ll test out a new version of this which does it the opposite way, too: running, but not set to autostart on boot.


Syndicated 2011-06-01 17:01:44 from journal/notes

collecting connection data

Let’s say I want to collect the following info on a set of servers locally to the system:

- any tcp or udp connection (in or out) and the source and dest ports – but only to or from a specific set of hosts.

- uniqued so I don’t have more than one copy of any connection

what would be the least invasive way to do that? I thought of something like tcpdump – but that seems expensive. I also thought about trying to do something like it with iptables logging – but I’m not sure how much control I can get from the output of the logs.

thoughts?


Syndicated 2011-05-19 20:47:55 from journal/notes

canary?

or is it a canard?

or is it maybe a red fish?

so hard to tell these days.

just ignore this.


Syndicated 2011-05-04 18:20:28 from journal/notes

earliest installed pkg time.

Recording this for posterity – in case I forget.

date +%F --date=@`rpm -qa --qf '%{installtime}\n' | sort -nr | tail -1`

Syndicated 2011-04-29 21:19:45 from journal/notes

return list of files not owned by any package

I’m sure you’ve done this before. You add a file onto a system outside of any package and maybe outside of your config mgmt system and then you forget about it and when things go sideways you can’t find it and things get $bad.

Right, so this is a first version of a simple script to report the files which are on the system which are not owned by a package:

http://skvidal.fedorapeople.org/misc/return_unowned_files.py

run it like:

return_unowned_files.py /etc /usr

and it will return the files in those dirs that are not owned by a package.

A couple of things it does – it ignores ~ and .bak files it also ignores .pp files (b/c those are selinux policy compilations) and it will skip over symlinks.

Give it a try – you might be shocked as to how much crap there is in /etc, I know I was. :)

I’ll have another version before long that combines this with looking into puppet manifests to see if the file is controlled by puppet.

 


Syndicated 2011-04-14 16:22:56 from journal/notes

ad block plus – plug

I recently had my extensions crash in chromium and I visited some websites I commonly go to for the first time without adblock plus enabled.

I hadn’t realized how ugly the internet is these days.

Ad block plus makes the internet significantly less ugly.

I restarted my browser and then sent the guy who maintains it some cash for his work in making the internet less god-awful ugly.

http://adblockplus.org/en/

seriously.

 


Syndicated 2011-04-08 16:03:10 from journal/notes

403 older entries...

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!