Category: Linux


Many a times, one needs to keep an eye on certain aspects of a system. Be it verifying transfer of contents over to a host or scanning log files as they are written to, these tasks need constant supervision. Wouldn’t it be better if there was some automation to accomplish this? Thankfully, there is one.

Most Linux distros have an inbuilt utility known as ‘watch’ which essentially keeps running a particular command, every ‘n’ number of seconds. The watch command is very simple to use.

Recently, I was rendering a video in Openshot. To my inconvenience, the progress bar within the Openshot failed to show any visual indication. Here I quickly fired up a console & navigated to the location where my video file was to be rendered by Openshot. After this, it was simply a matter of running the mundane ‘ls -lhtr’ command using watch. The ‘ls -lhtr’ lists the files by their recent modification times & presents them in human readable size output. I used the following format;

$watch -n 5 ls -lhtr

Watch Command

Here the ‘-n 5′ option tells watch to run the command ‘ls -lhtr’ every five seconds. One can notice the increasing file size of the file which was rendered by Openshot as the command ran at five seconds interval. Thus, I was guaranteed of Openshot doing its work smoothly despite the conked progress bar in GUI.

The ‘watch’ command is regularly used by system administrators to check the output of a log file as it is written to viz. apache access log. Of-course, one can even use the ‘tail -f’ command to check the output of the log file in this scenario. Watch is a nifty tool in any administrators toolbox and its utility is limited by your imagination.

A remotely exploitable vulnerability in bash has been discovered by Stephane Chazelas. The vulnerability has the CVE identifier CVE-2014-6271 and has been given the name Shellshock by some. This affects Debian as well as other Linux distributions. The vulnerability arises from the fact that you can create environment variables with specially-crafted values before calling the Bash shell. These variables can contain code, which gets executed as soon as the shell is invoked. The name of these crafted variables does not matter, only their contents. As a result, this vulnerability is exposed in many contexts.

This issue affects all software that uses the Bash shell and parses values of environment variables. This issue is especially dangerous as there are many possible ways Bash can be called by an application. Quite often if an application executes another binary, Bash is invoked to accomplish this. Because of the pervasive use of the Bash shell, this issue is quite serious and should be treated as such.

However, there is nothing to worry about as a patch has been issued. It is recommended to install it using your system software manager.

Bash Patch

You can verify the upgrade by running the following command. You should receive “Not vulnerable”.

$env check=’Not vulnerable’ x='() { :;}; check=Vulnerable’ bash -c ‘echo $check

Read more : https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/

varnish

If you have a website, it is crucial it loads up fast so users get a good experience. There is a small piece of software known ‘Varnish Cache’ which can help your side load faster by caching its content. Varnish Cache is an open source web application accelerator also known as HTTP accelerator or caching HTTP reverse proxy. Varnish Cache can dramatically improve the site performance and depending upon your system architecture can speedup your website performance by 80% or more.
Continue reading

Configure Static IP in RHEL 7

It is fairly simple to configure a static IP address in Red Hat Enterprise Linux 7.

First one needs to stop & disable the Network Manager service. We do so since we are going to manually enter our network parameters.

To stop & disable the Network Manager service issue;

#systemctl stop NetworkManager.service

#systemctl disable NetworkManager.service

Next issue the following command if you are not sure of the name of the interface you want to set the static IP for. [If you have a single network interface card(NIC) installed in your system, there would be only a single file with the NIC name in network-scripts directory & hence issuing this command is avoidable.]

#ipconfig -a

Next we need to edit manually the interface file. It is recommended you take a backup of this file first before editing.

#vi /etc/sysconfig/network-scripts/ifcfg-p2p1

Keep the default file parameters as they are & simply make the below changes.

BOOTPROTO=STATIC

ONBOOT=yes

IPADDR=192.168.1.71

NETMASK=255.255.255.0

GATEWAY=192.168.0.1

Save the file & quit Vi.

You should keep a note in your mind. Whenever you edit a network interface file, you must restart the network service for the changes to take effect. Since RHEL 7 uses ‘systemd’ to manage the services we issue the following command to restart the network service.

#systemctl restart network

(Though one can even use the old #service network restart)

Once the network service is restarted successfully, you can verify the new IP by;

$ifconfig

Like most others, if you tried installing Windows 8.1 or Windows Server 2012 R2 64Bit in Oracle Virtualbox, you must have encountered the following error.

Win_VM_Error

This error occurs when the instruction CMPXCHG16B is disabled in your CPU. It is so by default in Oracle Virtualbox. The simple solution is to enable this instruction & then you should not get the error on initializing the Windows 8.1/Windows 2012 virtual machine.

To do this on your linux system first issue the following command,

$VBoxManage list vms

The above command will list all the virtual machines present. Be sure to run this command as a normal user. You won’t see a list of vm’s if the command is executed as a root. The VboxManage command is case-sensitive, keep that in mind. So make sure you use it properly as VboxManage.

Once done, copy down the vms name. In my case “Windows”.

[shuttertux@localhost ~]$ VBoxManage list vms

“Windows” {6e60906c-d449-4142-ba17-bb0424d3da3d}

Now to enable the CMPXCHG16B CPU instruction one needs to execute,

$VBoxManage setextradata “Windows” VBoxInternal/CPUM/CMPXCHG16B 1

The value ‘1’ at the end of the command enables the desired CPU instructions. Now you can go ahead successfully and install Windows 8.1/Windows 2012 64Bit in Oracle VirtualBox.

The wikipedia explains the following on CMPXCHG16B CPU instructions:

Early AMD64 processors lacked the CMPXCHG16B instruction, which is an extension of the CMPXCHG8B instruction present on most post-80486 processors. Similar to CMPXCHG8B,CMPXCHG16B allows for atomic operations on octal words. This is useful for parallel algorithms that use compare and swap on data larger than the size of a pointer, common in lock-free and wait-free algorithms. Without CMPXCHG16B one must use workarounds, such as a critical section or alternative lock-free approaches. This also prevents 64-bit Windows from having a user-mode address space larger than 8 terabytes. The 64-bit version of Windows 8.1 requires this feature.

Follow

Get every new post delivered to your Inbox.

Join 82 other followers

%d bloggers like this: