sudo -s » sys admin

Puppet apt module

limed — Sun, 31 Jul 2011 19:30:30 +0000

Testing out the code plugin

class apt {

    file { '/etc/cron.daily/package.list':
        owner   => root,
        group   => root,
        mode    => 755,
        source  => "puppet:///files/etc/cron.daily/package.list"
    }

    file { "/etc/apt/sources.list":
        owner   => root,
        group   => root,
        mode    => 644,
        source  => $lsbdistcodename ? {
            "squeeze"   => "puppet:///files/etc/apt/sources.list.squeeze",
            default     => "puppet:///files/etc/apt/sources.list.squeeze"
        }
    }

    file { '/etc/apt/apt.conf.d/10puppet' :
        ensure  => present,
        owner   => root,
        group   => root,
        mode    => 644,
        source  => "puppet:///files/etc/apt/apt.conf.d/10puppet"
    }

    file { '/usr/local/sbin/check-updates':
        owner   => root,
        group   => root,
        mode    => 755,
        source  => "puppet:///files/usr/local/bin/check-updates"
    }

    exec { 'apt-update':
        command     => "/usr/bin/apt-get -qq update",
        logoutput   => false,
        refreshonly => true,
        subscribe   => [File["/etc/apt/sources.list"]]
    }

}

Mail log fu

limed — Thu, 09 Jul 2009 22:49:25 +0000

Ever had someone go "I need you to look through the logs and get me every email address this From address sent to". Well heres how (or at least the easiest way I can think of doing it)

grep "from=" /var/log/mail.log | awk '{if ($6 != "NOQUEUE:"){print $6}}' | sed 's/\://g' | while read SEARCH; do grep "${SEARCH}" /var/log/mail.log; done | grep "to=" | awk '{print $7}' | sed -r 's/^to=<(.+)>\,$/\1/g' | uniq

Here is a step by step walkthrough of whats going on

We grep the from address out of the mail log
Pipe the output to awk and get the 6th column which is the mail id, if the 6th column doesn't start with NOQUEUE print the output
The output goes to sed which removes the ":" and
Read the output and put it into a variable and from that variable go through the mail log again
This time filter out the "to=" line from the mail log and print out the 7th column (which is the to address)
Use sed to filter out the to=<> line to print out the actual email addresses
Pass it through uniq to make sure there are no dupes

Checking expiration date for an SSL cert

limed — Tue, 30 Dec 2008 01:17:15 +0000

Here is you how you check whether an SSL cert is valid and hasn't yet expired

1. Retrieve the certificate.

$ echo "" | openssl s_client -connect server:443 > certificate

2. Check the expiration date of the certificate.

$ openssl x509 -in certificate -noout -enddate

Or you can use ssl-cert-check or check-expire

Changing permissions for all directories in folder

limed — Sun, 07 Dec 2008 06:57:22 +0000

Ever run into a situation where you have a mixture of both files and folders in a directory and you only need to change the permission of the folder? Naturally the first thing that comes to mind is to do something like this

find . -type d -print | xargs chmod 755

But what happens if your folders have spaces? Using find that way will not escape the spaces instead the solution to this is to use find but in a slightly different manner

find . -type d -print0 | xargs -0 chmod 755

The -print0 tells find to terminate with zero so that whitespaces are recognized and the same goes for xargs as well.

Taken from Shell-fu

limed — Tue, 02 Dec 2008 22:20:59 +0000

This is taken from shell-fu.org still a pretty handy one liner though

aptitude search ~c | awk '{ print $2 }' | xargs aptitude -y purge

This will delete any packages that are not installed anymore which still has configuration files on the box

deborphan and for loops

limed — Tue, 02 Dec 2008 18:29:59 +0000

deborphan is a package in debian that list orphaned libraries in debian. Handy for removing libraries that is no longer needed on a server. The problem with deborphan is that it only lists packages that are orphaned but doesnt remove them, so I do this:

 for i in `deborphan`; do sudo aptitude remove $i; done

I love BASH