Puppet apt module
Testing out the code plugin
class apt {
file { '/etc/cron.daily/package.list':
owner => root,
group => root,
mode => 755,
source => "puppet:///files/etc/cron.daily/package.list"
}
file { "/etc/apt/sources.list":
owner => root,
group => root,
mode => 644,
source => $lsbdistcodename ? {
"squeeze" => "puppet:///files/etc/apt/sources.list.squeeze",
default => "puppet:///files/etc/apt/sources.list.squeeze"
}
}
file { '/etc/apt/apt.conf.d/10puppet' :
ensure => present,
owner => root,
group => root,
mode => 644,
source => "puppet:///files/etc/apt/apt.conf.d/10puppet"
}
file { '/usr/local/sbin/check-updates':
owner => root,
group => root,
mode => 755,
source => "puppet:///files/usr/local/bin/check-updates"
}
exec { 'apt-update':
command => "/usr/bin/apt-get -qq update",
logoutput => false,
refreshonly => true,
subscribe => [File["/etc/apt/sources.list"]]
}
}
Mail log fu
Ever had someone go "I need you to look through the logs and get me every email address this From address sent to". Well heres how (or at least the easiest way I can think of doing it)
grep "from=<foo@example.com>" /var/log/mail.log | awk '{if ($6 != "NOQUEUE:"){print $6}}' | sed 's/\://g' | while read SEARCH; do grep "${SEARCH}" /var/log/mail.log; done | grep "to=" | awk '{print $7}' | sed -r 's/^to=<(.+)>\,$/\1/g' | uniq
Here is a step by step walkthrough of whats going on
- We grep the from address out of the mail log
- Pipe the output to awk and get the 6th column which is the mail id, if the 6th column doesn't start with NOQUEUE print the output
- The output goes to sed which removes the ":" and
- Read the output and put it into a variable and from that variable go through the mail log again
- This time filter out the "to=" line from the mail log and print out the 7th column (which is the to address)
- Use sed to filter out the to=<> line to print out the actual email addresses
- Pass it through uniq to make sure there are no dupes
Checking expiration date for an SSL cert
Here is you how you check whether an SSL cert is valid and hasn't yet expired
1. Retrieve the certificate.
$ echo "" | openssl s_client -connect server:443 > certificate
2. Check the expiration date of the certificate.
$ openssl x509 -in certificate -noout -enddate
Or you can use ssl-cert-check or check-expire
Changing permissions for all directories in folder
Ever run into a situation where you have a mixture of both files and folders in a directory and you only need to change the permission of the folder? Naturally the first thing that comes to mind is to do something like this
find . -type d -print | xargs chmod 755
But what happens if your folders have spaces? Using find that way will not escape the spaces instead the solution to this is to use find but in a slightly different manner
find . -type d -print0 | xargs -0 chmod 755
The -print0 tells find to terminate with zero so that whitespaces are recognized and the same goes for xargs as well.
Taken from Shell-fu
This is taken from shell-fu.org still a pretty handy one liner though
aptitude search ~c | awk '{ print $2 }' | xargs aptitude -y purge
This will delete any packages that are not installed anymore which still has configuration files on the box
deborphan and for loops
deborphan is a package in debian that list orphaned libraries in debian. Handy for removing libraries that is no longer needed on a server. The problem with deborphan is that it only lists packages that are orphaned but doesnt remove them, so I do this:
for i in `deborphan`; do sudo aptitude remove $i; done
I love BASH 