Wednesday, July 30, 2014

My PS1 in ~/.bashrc

export PS1="\[\e[00;30m\]\u@\h:\w\\$ \[\e[0m\]"

user@hostname:directory $or#

->

root@rhel7:/lib/systemd/system# 

[lawrence@rhel7 tmp]$ 




Friday, July 25, 2014

How to enable vncserver on CentOS7/RHEL7

CentOS7/RHEL7 改用了systemd取代了SysVinit,因此我必須把這幾年已經還給天地的Linux重新拿出來研究一番,否則真的跟不上時代了!那就先從學習systemd開始吧!


Case: How can I enable vncserver at boot?

Steps:
1. Install vnc:
#yum install tigervnc*

2. 建立vnc user:
以某個user來執行vncserver之後,在user家目錄中有這個/.vnc/xstartup檔案就可以了,當然passwd也是會一起產生的。
以上與CentOS6/RHEL6無異。


3. 修改vnc config:
開啟/lib/systemd/system/vncserver@.service
修改[service]這個field如下:
[Service]
Type=forking
# Clean any existing files in /tmp/.X11-unix environment
ExecStartPre=/bin/sh -c '/usr/bin/vncserver -kill > /dev/null 2>&1 || :'
ExecStart=/sbin/runuser -l root -c "/usr/bin/vncserver"
ExecStop=/bin/sh -c '/usr/bin/vncserver -kill > /dev/null 2>&1 || :'
用root啟動vncserver不是一個好習慣.....


4. daemon-reload:
修改unit(service)的configuration後,必需讓systemd知道,所以我要執行 systemctl daemon-reload昭告天下。

5. 手動啟動vncserver:
systemctl start vncserver@multi-user
6. 開機啟動vncserver:
systemctl enable vncserver@multi-user

Monday, January 06, 2014

解決facility與severity在LogAnalyzer是空白的問題

最近實作中也碰到了這個問題,解決的方法如下:
http://wiki.rsyslog.com/index.php/Fix_blank_Facility_and_Severity_columns_in_loganalyzer

補充:
如何改變syslog到Rsyslog format23? 原文並沒有提到唷!這邊幫忙補充一下。

只需要一個步驟,那就是修改LogAnalyzer的config.php,把LogLineType從syslog改成syslog23如下:
$CFG['Sources']['Source2']['LogLineType'] = 'syslog23';

Wednesday, December 18, 2013

How to turn on wireless monitor mode to sniffer 802.11 wireless frame on OSX 10.9?

Install:
Step1. Install XQartz(X11) for OSX 10.6 or later (http://xquartz.macosforge.org/landing/)
Step2. Logout and login OSX by Admin account.
Step3. Install Wireshark for OSX 10.6 and later Intel 64 bit (http://www.wireshark.org/download.html)
Step4. Launch Wireshark and chose XQartz as X11 environment.
Step5. Turn on monitor mode -> http://ask.wireshark.org/questions/26270/how-to-turn-on-monitor-mode-on-mac-osx-1075

Specify channel for 2.4G or 5G radio:
Step1. sudo ln -s /System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport /usr/sbin/airport
Step2. sudo airport -z #disassociates you card from the current network
Step3. sudo airport --channel= ["channel you want to switch to"] #sets the channel the card monitors on

Tuesday, December 03, 2013

為何tail -f | grep "" >> 檔案 然後發現資料不完全? missing line?

昨天被同事問到這個問題,由於小弟智力有限一時間竟無法理解,然而今天找到答案了,原來是libc對於這種 pipe的結構不會自動去清除buffer,所以一旦buffer滿了(4KB by default)那接下來的資料就無法繼續傳給pipe之後來處理,所以就會missing line囉,解決的方法就是手動自行清除buffer如下以避免爆炸。

tail -f | grep "pattern" --line-buffered >> /tmp/log &

Monday, October 28, 2013

How does snmptrap work on Linux?

在此簡單記錄下如何設定CentOS接收snmp v2與v3的trap event.

Steps:
1. 安裝net-snmp。

2. 確定snmptrapd已經安裝於系統。

3. 匯入mibs files:
先確定mibs的目錄:
[root@localhost ~]# net-snmp-config --default-mibdirs
/root/.snmp/mibs:/usr/share/snmp/mibs
可以看到我的mibs可以放在/root/.snmp/mibs or /usr/share/snmp/mibs,在此我選擇放在/usr/share/snmp/mibs。

4. 設定snmptrapd可以接收snmp v2與v3的trap event:
開啟並編輯[root@localhost mibs]# vi /etc/snmp/snmptrapd.conf 如下:
#SNMP v2 with community as public
disableAuthorization no
authCommunity log,execute,net public
# SNMP v3 with user as admin and passphase as aaaaaaaa
createUser admin MD5 aaaaaaaa DES aaaaaaaa
authUser log,execute,net admin

5. 不以daemon的方式啟動snmptrapd:
[root@localhost mibs]# snmptrapd -m all -c /etc/snmp/snmptrapd.conf -Lo -f
NET-SNMP version 5.3.2.2
-m all -> 讀入所有的mibs files
-c -> 預設的configuration file
-Lo -> 輸出到基本output
-f -> do not fork from the shell
這邊你會看到snmp trap event會輸出至螢幕,方便debug用。

6. 以daemon的方式啟動snmptrapd:
[root@localhost mibs]# /etc/init.d/snmptrapd start
正在啟動 snmptrapd:                                        [  確定  ]
而這裡你將會看到snmp trap event會被寫入到/var/log/messages。






Friday, August 02, 2013

How to enable auth details in FreeRADIUS log?

Here to describe how to enable detail auth information and authentication requests to the log file in FreeRADIUS.

FreeRADIUS 1.x:
Open and edit /etc/raddb/radiusd.conf to set:
log_auth = yes
auth_log
detail auth_log {
                detailfile = ${radacctdir}/%{Client-IP-Address}/auth-detail-%Y%m%d
                #
                #  This MUST be 0600, otherwise anyone can read
                #  the users passwords!
                detailperm = 0600
         }


FreeRADIUS 2.x:
Open and edit /etc/raddb/radiusd.conf to set:
auth = yes
Open and edit /etc/raddb/sites-available/default to set:
auth_log