Ping packet is traditionally created as a raw packet and formatted into ICMP ECHO REQUEST. The problem with creating a raw socket requires root privilege. It is alright if the program is running as part of the system service under root anyway. However, running as a non privilege user, the program requires extra care by configuring the setuid bit which poses security risks e.g. the program may have memory leak which can be hijacked with shellcode.
This article gives a quick introduction of setting up PowerDNS (pdns) Authoritative and Recursor servers, and also demonstrates a scenario that how we need to use both in the same host.
DNS has two type of server operations: Authoritative and Recursive. Most common use of DNS servers is authoritative. For those who don’t know the difference, here is a good introduction. Both are for different purposes, also both types of server can be operated individually and cooperatively under the same host. Read more
Grub Failsafe boot
Set the boot failsafe prompt to have some timeout instead of indefinite wait
echo 'GRUB_RECORDFAIL_TIMEOUT=5' >> /etc/default/grub update-grub
Grub RecordFail boot
In some cases, a power outage can cause the Ubuntu stuck in the GRUB menu indefinitely in the next boot which causes headless system to hang. Here is more info of the issue. To avoid that, add the following line to /etc/default/grub:
Then runs update-grub. Alternatively, runs this command and it will remove the issue in the next boot.
Don’t ask when fs needs checking
echo 'FSCKFIX=yes' >> /etc/default/rcS
Automatic Check New Release
Apport – sending bug/crash reports
Postfix – Mail transfer agent
update-rc.d postfix disable
apt-check – periodic apt check
More to come when I find out more ….
Due to the severity of shellshock bug, I have to patch some of the internal legacy systems, like FreeBSD 8.0 which there are no more updates available. The only way I can update is to download the source from GNU site and build from that. However, the main source package is only available at version 4.3.0 at the time of writing. To remove the shellshock bug, it needs at least version 4.3.25. Although all the patches are located in the bash-4.3-patches directory, not of all them were created by pointing to “../bash-4.3” directory, some with different names.
So here it is, I have created this bash source package 4.3.27 with all these patches. I built it on FreeBSD and it passed the env test.
As far as I know there is no free web service that can produce a single page of stock symbols from a stock exchange. Moreover, for webpages that produce stock symbols, all of them only output with pagination. However, the easiest webpage to extract the symbols list is the Yahoo finance. This article shows how to extract a full list of symbols with a few repeated commands.
For Yahoo Finance, each page list approximately 50 symbols and it takes 3 calls to get all the symbols of FTSE 100 stock exchange. Here are the commands:
# Return the first 49 symbols curl -s "http://uk.finance.yahoo.com/q/cp?s=%5EFTSE" | grep -o '>[A-Z]*\.L</a>' | sed -n "s/>\(.*\)<\/a>/\1/p" # Return the next 50 symbols curl -s "http://uk.finance.yahoo.com/q/cp?s=%5EFTSE&c=1" | grep -o '>[A-Z]*\.L</a>' | sed -n "s/>\(.*\)<\/a>/\1/p" # Return the final symbol (last page) curl -s "http://uk.finance.yahoo.com/q/cp?s=%5EFTSE&c=2" | grep -o '>[A-Z]*\.L</a>' | sed -n "s/>\(.*\)<\/a>/\1/p"
For Dow Jones Industrial Average, it returns 30 symbols
curl -s "http://finance.yahoo.com/q/cp?s=%5EDJI" | grep -o 'q?s=[A-Z]*">[A-Z]*' | sed -n 's/.*=.*">\([A-Z]*\)<\/a>/\1/p'
For Nasdaq Composite, it is the same as above except changing the cp query to s=%5IXIC and repeat for many pages with parameter c. Alternatively, you can use this link to download the whole list.
I have to build a Ubuntu installer ISO using the kickstart utility but I need the installer to install a particular version of kernel. Here is the link for a quick guide on setting up Ubuntu kickstart. First, I added the following line into %packages section in the installer build script to install the target kernel package, ks.cfg: Read more
Suppose you need to bridge another network interface under your VM to a specific physical network port. First, you need to create a vmnet port and bind with that specific port. Here are the commands:
vmnet-bridge -n 2 -i eth1 -d /var/run/vmnet-bridge-2.pid -1vmnet2 mknod /dev/vmnet2 c 119 4 vmnet-netifup -d /var/run/vmnet-netifup-vmnet2.pid /dev/vmnet2 vmnet2 ifconfig vmnet2 up
In Mac, both Preview and Grab can take screenshots but Grab can also capture the mouse pointer. If you want different mouse cursor look, then you have to select your desired pointer type in
Grab -> Preferences. Read more
Something to remind myself
make -DBATCH install clean
I need to use CutyCapt to run with https url on server side. However, it doesn’t support https url. A patch for bypassing the SSL certificate confirmation has been submitted on this page (and other additional features). However that change has never been pulled to the main release. So I tried to apply the patch to the source, the patch process didn’t work and the build failed. Read more