Adam SMASH!

I have Fedora Core 12 running on my laptop at home. The laptop functions as a media server for my home, and as a downloader and a cloud-facing server. It has now been up for 200 days without reboot or interruption. I like the stability of Linux. HOwever sometimes, the updates can bork your system, especially the kernel updates. I personally don’t see the point of kernel updates if you aren’t adding new hardware to your system that might require kernel support. Once you have a stable kernel, and the hardware picture isn’t going to change, I don’t see the point in updating the kernel. It could be that I’m misinformed about additions going into the kernel, but from what I’ve read this seems to be the case.

That isn’t to say however that you shouldn’t update your system. When I used Windows, I always told Windows Update to at least update the security updates, and leave out everything else. That way I was getting updates that Microsoft felt were a security risk, while keeping my other software at a level I liked. You can do the same thing in Fedora Core 12.

DISCLAIMER: There is probably a gui tool or something built into FC12 to do this, but as stated before, this is not the point of this blog, I aim to find ways in the CLI to make things happen. Also, this is not to say this is the only way to do this, just a way that I found.

To start, as I said before I don’t believe in updating the kernel unless I am adding new hardware and I know that a newer kernel has support for it. So I disabled yum from updating the kernel under any circumstances. I did that by adding this to my /etc/yum.conf:

This will prevent yum from updating anything with the word kernel in it. This can have some negative side effects, since it will prevent ANYTHING with the word ‘kernel’ from showing up in yum searches or updates etc, but overall I’ve found it not to be a big deal. You can skip this step if you feel nervous or if you love being on the newest, spankiest kernel that Fedora feels you should have.

Now that we’ve told it to leave out kernel updates (or not as the case may be), we can go about telling Fedora to launch a security update check on a nightly basis. Yum has an ability to filter out updates that are not flagged as security updates built into it, which goes like this:

This calls yum, the fedora package manager, and tells is to update anything labeled as a security update. The -y part tells it to answer yes to the “Are you sure you want to update the following items” prompt if there is one. You could just do this every once in a while (as root since yum will require root) to keep your system secure, but I want to have it happen automatically, every night, so I am as secure as I can possibly be. For this we need Cron.

Cron is sort of like Task Scheduler in Windows, but way more powerful in my opinion. In Fedora and most other Linux flavors, there are a couple of ways you can add something to the cron schedule. Since we want this to run on a daily basis, the easiest way for us to accomplish this is to create a script in the appropriate cron directory, in this case, /etc/cron.daily.

Most stuff run from these folders will be run as root, so we don’t have to worry about sudo or anything like that. So as root, run the following:

You can replace nano with any editor you like using, and name the file itself anything, I just happen to use yum-security-check so I know what this particular script is without having to open it.
inside the script we place the following:

the first line, #!/bin/bash is the interpreter line.This tells Linux to use /bin/bash to interpret everything in the script. It’s probably unnecessary, but I add it anyway for completeness. The next line says to run the above command I told you about, yum -y update –security. The /bin/mail part sends an email to me with the subject “yum security check output”. You’ll need to change “adam” to whatever user you want the mail to go to.

Now we need to set the script to executable, or it will never be able to run. Run the following as root:

Change the filename to whatever you named the script before. And you’re done. When your daily cron jobs run, which for me is 3:35am for whatever reason, your script will be kicked off and check for security updates, and then apply any that appear, then it will mail you the output from that command. Been using it for months with no problems.

A while ago I promised a writeup on the installation of SABnzbd+ on Ubuntu. Well I finally got around to it now that I am more comfortable with the software. I MUCH prefer this program to HellaNZB. It is far, FAR superior in my opinion, probably due to the fact that it is still being actively developed. It has a web interface, and automated RSS downloading of NZBs, just to name two of the features.

So let’s get started. If you have Ubuntu 9.04 or later, you can install it from the package manager if you want, but that’s an older version (0.4.9) of the program, I’m all about the latest and greatest and using aptitude is cheating!

And this one is ridiculously easy to set up! It’s just a python script. So nothing to ./configure or make install etc. You basically untar it in a directory and run it from there.

First we need to prepare for the program. It has a couple of dependencies. These we will get from Aptitude. I know I said it was cheating, it’s ok in this case. We have a greater goal here.

So to obtain the program, you need to go to http://sabnzbd.org/download. The link we want is the one for the Python Sources. Save that file someplace where you know how to get to it. I am going to grab it with wget from the CLI, because I love the CLI.

Once you’ve got it saved, we need to extract it out of the gzipped tarball. I have a directory in my home directory called ~/bin which is in my path and in which I store alot of my downloaded programs, instead of losing everything in /usr/share or something like that. It’s just a personal preference.

So I downloaded the file to ~/bin, now to extract it:

This will extract the contents of the file to a directory titles SABnzbd-0.5.0. We need to CD into that.

You can really at this point just type ./SABnzbd.py and launch the program, and for the first run I would recommend it, since it will start a browser up and run you through a quick wizard to set up the program. So let’s do that.

You’ll see some information scroll past and eventually a browser window should open and you’ll be faced with the wizard to configure SABnzbd on your machine. Go ahead and step through this process to get it all configured with your usenet server’s info etc. Oh I highly recommend the Plush theme, I didn’t like it at first, but I am a convert now, and I love it. It wouldn’t be SABnzbd in my opinion without Plush.

During the setup a hidden directory will get created in your home folder called .sabnzbd. This is where your configuration file will be saved, and should be added to any backup system you are using so in case your drive craps out you still have your config for SABnzbd.

If we want to use that config every time SABnzbd starts, we need to tell it that at launch. We will also tell it to launch as a daemon, instead of needing to launch it from the CLI everytime we want to download something. This is the command to launch it using the config file we created in the setup wizard and to make it a daemon, making it run in the background:

Obviously you will need to change adam to whatever your username is. The -d is to make it a daemon, the -f is to tell it where to look for the configuration file. If you call SABnzbd with this command line, it will return you to the command line and look like it did nothing, but SABnzbd is running in the background. If you launch http://localhost:8080/sabnzbd in your browser, you’ll see it’s going!

Now just add the following line to your Ubuntu startup programs and you’ll have this start up everytime you log into Ubuntu:

Again you will need to change adam to whatever your username is, and if you decided to extract and run the program from somewhere other that a directory called bin in your home directory, then you’ll need to substitute that. I’ll write some more later on some of the configuration options that exist in the SABnzbd config menus. For now, this should have you ready to start downloading from usenet using SABnzbd. If you have any problems or questions about SABnzbd feel free to comment or contact me on the contact page and I will do my best to answer your questions.

I was having a fit earlier this week trying to figure out why I cannot ping the other PCs in my network by their netbios names. I could ping my linux box from my Windows 7 PC, but not the other way around. So after two days of googling and trying different config options I found out what it takes.

I’m not sure if Ubuntu just cannot do this on it’s own, or if just my particular install is unable, but my ubuntu 9.04 install had no ability to ping machines by their netbios names. This is what I had to do to get that working.

First of all you need to edit the /etc/nsswitch.conf file. As far as I’ve been able to tell, this is the file that Ubuntu uses to determine the host name resolution order when trying to resolve a host name to an IP address.

The line you need to edit is the Hosts: line. Mine looked like this previously:

We need to add something there after files. What we need to add is wins.

I would recommend against adding or removing anything else in this line, it may cause youre entire system to stop functioning, no joke. I think Ubuntu might rely on this file to get the local loopback device going, which tons of stuff depends on.

Anyhow, after adding wins to that line, we are only halfway there. We need to install some additional software from the repositories.

Once you have winbind installed and the wins attribute added to the hosts line of the nsswitch.conf file, you should have no problems pinging machines on your network by their netbios host name.

protip: for an app that will list the computers on your network that are broadcasting a netbios name, also install nbtscan.

This tutorial will probably work for any distro with OpenSSH installed.

Normally, when you log into SSH on you Ubuntu PC, you’ll just see a prompt for the login and password.

But there is a way that you can get a bit of text to show after a user enters their login name.

there is a file called /etc/issue.net. Edit this file with your favorite text editor, nano, pico, whatever, and insert whatever you want to show after a user enters their username. It’s typically used as a disclaimer against people trying to gain unauthorized access. Something like “Unauthorized attempts at access are prohibited.”

The reason this method is used is because it will show even on unsuccessful logins or usernames that don’t really exist. You wouldn’t want to place the disclaimer in the motd file, since that would only show if someone actually got logged in.

So anyhow, edit the file.

You’ll need to use sudo, because the file is owned by root, and can only be written to by root. Once in nano, enter the message you want to appear on SSH login attempts and save the file.

Now you’ll need to edit the /etc/ssh/sshd_config file to tell ssh which banner file to use. It may already be set up to use issue.net, but check to make sure.

The line you are looking for is Banner /etc/issue.net. It might be commented out with a # in front, if it is, remove the #, and make sure the line appears as above.

Now to reload the config you need to restart SSH.

Subsequent attempts to log in with SSH should look like this now:

I’ll be doing a writeup for installation of SABnzbd+ in the next few days. I was looking for a Hellanzb replacement, I forget exactly why, but I found this app. Whereas hellanzb is no longer in development, and if you want a new feature, better learn python or request it in forums, SABnzbd+ is in active development and the features list is very extensive and nice. Once I get very confortable with its featureset I’ll show you how to install and move beyond Hellanzb!

Occasionally you may want to not have to type out the full path to a file or directory in your linux system or a network share. That is where links come in. Links are files that redirect to another location.

For instance, I have a 500gb external that I store music and backups etc. Well, I have a directory on there that I use alot, the FILM directory. I keep all the AVIs I’ve created from my DVDs for watching on my Media Center PC. The path is not super long, but once you understand symbolic links in Linux, you don’t have to type more than you want to.

The path to my film folder is /media/My\ Book/Video/Film but I want to be able to copy files to it easily from my home directory. So I will make a link to the directory in my home folder.

From my home folder I need to enter the following command:

ln is the command to create a link, -s will tell it to make a symbolic link. Symbolic links may point to any file or directory irrespective of the volumes on which the source and destination reside. Hard links cannot point to directories or other volumes. The next part is the path we want to link to. the last part, FILM, is the name of the link itself. This could be anything, but I made it film so it describes where I am linking to. But you could name it anything at all.

Now that I have my symbolic link in my home directory, as long as I am in my home directory, I can substitute FILM for the full path anytime I need to access it. For instance:

is now the same as

And you can copy files to the FILM symbolic link and linux will redirect them to the directory linked to.

Also instead of just directories, you can symlink files. For instance, if you wanted to be able to be able to read your system’s auth.log file without having to type out the whole path to /var/log/auth.log, you could make a symlink in your home directory like so:

This will make a symlink in the current directory called authlog pointed to /var/log/auth.log. Now all you have to do is type

in the directory containing the symlink et voila, you’re reading the auth.log file.

There are many other uses for symbolic links in linux, these are just a couple.

In windows, you can use the w32time service to automatically sync your PC’s clock to an atomic clock somewhere on the planet. Well Ubuntu linux has that capability as well. The command is ntpdate, and it comes installed in Ubuntu 9.04 by default.

As a caveat, there may be a way to do this in gnome and/or KDE, but I’m all about the commandline and learning how linux works at the lowest level, so that’s what I’m going to teach you.

As I said the command is called ntpdate. The command to sync your time is fairly simple:

That’s all there is to it. As long as your PC can get out on port 123, your pc will sync the time with an atomic clock and tell you how off it was:

This is nice and all, and our time is synced for now, but we want to work out how to make this update every day automatically, with no further input from you. For this we will need CRON.

Cron is a scheduler in linux, and ubuntu comes with vixie-cron, which from what I can tell is pretty much the standard. At any rate I think they all work mostly the same, but if you’re using Ubuntu 9.04, chances are you’ve got vixie-cron and this is exactly what you need to do.

First we want to create a script that will run this command. For most of this you’ll need to be root, or at the very least use sudo.

This will start up nano and start editing a file called timeupdate in the /etc/cron.daily/ folder. In that, we want to enter the following text:

The first line is just to tell linux which program interpreter to use. In this case we’re just using a bash command we can enter right on the bash terminal line, so /bin/bash will work. Later on if you get into writing scripts in other languages, say python for instance, you will change that line to #!/usr/bin/python. The meat of the script is almost exactly what we put on the command line to get our time updated, but now I’ve added a bit to create a log in the /var/log/ directory, so we know that this is happening. the >> part tells bash to redirect the output of a command to some other location. You could redirect it directly to a printer if you wanted, but in this case, we’re telling it to place the output in a file called /var/log/ntptime.log. the 2>&1 part tells bash to redirect error output to the same place. Otherwise cron throws away the errors, because they get output to STDERR, which is the screen. Since you won’t have access to cron’s STDERR when it’s running, we want it to log the errors too.

Ok once we save the file, we’ll need to make the script executable. In its current state it won’t execute.

This adds the X flag to the file, making it executable.

This is basically all you need to do. Now when your PC runs its cron.daily jobs (which for me is about 7:30am) it will also execute this step, updating your PC’s time every single day.

If you want to test out the script and make sure it is all working, you can simply execute the script. If you are in teh same directory as the script, type sudo ./timeupdate, if you are elsewhere in the system, call it by it’s full pathname. And then check the log that the script is supposed to make. If all is well, it will have an entry in there telling you that it corrected your PC’s time.

SIDENOTE:
You can place any script you want to run on a daily basis in the /etc/cron.daily directory and it will run with the rest of them. Pretty handy!

EDIT: Apparently I reinvented the wheel here, you can just install a daemon called ntpd and it’ll do wha tI just showed you. At any rate, it’s nice to have alternate ways to do stuff I guess. :)

If you log into your Linux box with SSH at all, you will notice that it displays a little message to you telling you some basic info about the system and the GPL if I recall. Well, if you’d like to change your MOTD to display whatever you want, this is how.

It’s pretty simple. There is a file, /etc/motd, and that is the text that is displayed as your message of the day. But you are not meant to edit this file directly. If you do, the next time your PC reboots, it’ll revert to its old MOTD. That is because Ubuntu has another file called /etc/motd.tail, THIS is the file you edit.

In a terminal type:

(You will need root for this since we’re changing a file in the /etc/ directory, so issue this command as sudo if you need to or commit a su just before)

The file will probably have some text in there, which you can leave as is, or change to your desires. The purpose if this file is to be read into the /etc/motd file by the terminal command update-motd. Once you have edited the /etc/motd.tail file, run the update-motd command and now your /etc/motd file will be updated with the contents of the /etc/motd.tail file. Pretty simple right?

Additional Tip:

If you want to have some pretty ascii-art in your MOTD, it can be done easily in two distinct ways. You can either install a program called ‘figlet’ (sudo apt-get install figlet) or you can go to this website, which is basically a souped up figlet with an HTML frontend. The website is the one I used to create my MOTD. I named my PC FooBuntu and this is how it looks in my MOTD file, every time I log into my PC with SSH:

 _______          ______
(_______)        (____  \              _
 _____ ___   ___  ____)  )_   _ ____ _| |_ _   _
|  ___) _ \ / _ \|  __  (| | | |  _ (_   _) | | |
| |  | |_| | |_| | |__)  ) |_| | | | || |_| |_| |
|_|   \___/ \___/|______/|____/|_| |_| \__)____/

With figlet you can get the same thing, but the website makes it much less hassle. Just copy and paste right into your /etc/motd.tail file and run update-motd. Et voila!

This tutorial will be written using Ubuntu 9.04 for its examples, but these tactics will work with most if not all Linux distros. You will however need to have root access to the machine you are running all of this on.

Backing up data is nothing new, and it is often overlooked. Sad really since it’s relatively easy to do in Linux. (Windows too, but we’re not discussing Windows here :) ).

You will not need to install any software to get this working in Ubuntu 9.04. Probably won’t need it for any other mainstream linux distro. We’re going to be using the tar command here, and vixie-cron, both of which come bundled with Jaunty (Ubuntu 9.04).

Alright, let’s get started. The tar command in Linux is used to store and extract files in a tarfile. Essentially it’s just a container for all of the other files. Asfar as I’ve been able to tell a tarfile is not compressed in any way. But you can force compression by passing an option to the tar command, the ‘z’ option to be precise. This causes the file to become a gzip file and uses gzip compression. Smaller filesize, more backups that fit on your backup media :)

The command to ‘tar’ a directory into a backup is as follows. I’ll give you my example tar command from my backup:

To break down the above command, the tar portion is self explanatory, we are invoking the tar command there, the -czpf is the options section. ‘c’ tells tar we are creating an archive here, as opposed to ‘x’ which would be extracting from an existing archive. ‘z’ is the option to use gzip compression. ‘p’ tells tar to preserve file permissions in the archive. And ‘f’ tells tar that we wish to store the archive to a file we will specify. /mnt/mybook/backups/homedir.tar.gz is the name of a mounted network drive on my home network where I store the backups. and the filename homedir.tar.gz, and /home/adam is the directory I am backing up.

If you run that command in your terminal right now, after changing the directories of course, it will create a permission-correct copy of your home directory where you tell it to. Something important to remember is the destination goes first, and THEN the directory or file you wish to back up.

Another example, let’s say you wanted to backup your log directory to a backup directory you created in root, /backups/.

This will create a file called varlog.tar.gz in the directory /backups/, and fill it with the contents of your /var/log directory. This is the reason you will need to run this command as root, because in a secure environment, you will not be able to access all of the files in the /var/log directory, and many other directories on your ubuntu install, because your username will lack permission to do so. This could cause your tarfile to be missing some files, making your backup fairly useless.

So, now we know HOW to make a backup, but what about scheduling it so your machine automatically backs up your files without your intervention? This is where CRON comes in. Cron in Linux was very intimidating to me as a new linux user. And I could write a whole mile-long tutorial on just CRON, but for the purposes of this tutorial, we’ll just stick to the basics.

You first want to become root, so type

and then enter your system’s root password when it asks. If you have not yet enabled your root account, here is a quick way to do so: http://www.adamsmash.com/?p=266. The reason you want to become root, is because we’re going to edit root’s cron table. Root will have no permission issues backup any directories or running any scripts, so root’s cron is where we’re going to create the cron job to call our backup.

You will now be in a root terminal. From here, type:

This will allow you to edit the root cron table. In ubuntu they do an ok job of explaining what all the *s mean, essentially there are 5 places to enter times, and then a command goes at the end. Cron looks at those times and runs the command if it matches.

The 5 asterisks correspond to 5 different time entries. First is Minute, Second is Hour, Third is Day of Month, Fourth is Month, and Fifth is Day of Week.

A Cron entry of:

Would run the command FOO every minute, of every hour, of every day, of every month, all week long for the rest of eternity :) You do not want to leave them all as stars. The * is a wildcard in Linux signifying “Everything”

A better examplee:

This cron entry would run the command every hour on the 1st minute after that hour. So 1:01, 2:01, 3:01 and so on, and it would do it every hour, every single day.

This cron entry would run the command every day at 3:01 am. (Hour is in military time, 15 would be 3pm)

So now that we got that squared, we need to pick a time for backups. Depending on when you sleep, or when your computer will not be in use, you’ll need to figure out what time to tell Cron to execute your backup.

For me, I chose midnight to do mine. I’m well asleep by then, and my PC is not doing much else, so it’s a perfect time. The cron entry to run something at midnight every single day is:

The first 0 is to tell Cron to run on the 0th minute, and the second 0 is the zeroth hour, which is 12:00. 24 also works I think, so 0 24 * * * FOO would be permissible as well.

Now you have a good foundation for scheduling backup jobs using CRON. If anything is unclear, please feel free to comment, I’ll clear it up as best I can. :)

You may have noticed when you installed Ubuntu, it never asks you to specify a root password. That’s because it generates a random one and basically disables login with the root account. Here’s how to re-enable it.

In a terminal window type:

And then enter the password you wish root to have. Et voila, your Ubuntu install now has its root account back like any other linux install.