Skip to content

Sharing uid to cope with inconsistent user and group names

One day you set up some service, for instance like this spam slayer setup. Later arises the situation when the distribution package use user account named X (for instance debian-spamd)  while you set up things to use another one (for instance Debian-exim).

The easiest fix is to give them a common uid:

usermod –non-unique –uid 101 debian-spamd

(101 being user id of Debian-exim account).

Obviously it could be best to review the setup to really use two separates accounts. But it’s up to you to decide whether it’s changing it.

You may also add –gid too.

Removing invalid/incomplete multibyte or wide character in filenames

Getting an old backup, from an ante-UTF-8 era, I found out many files had filenames with some characters unreadable, or partly readable depending on the software.

I tried my urlize script first but unac (that it depends on) failed with:

unac_string: Invalid or incomplete multibyte or wide character

The easiest way to get rid of these is simply use iconv, for instance doing in a directory with such files:

for file in *; do mv "$file" "`echo "$file" | iconv -f utf8 -c -t ascii//IGNORE`"; done

Getting rid of the ever growing /var/lib/mysql/ibdata1 by getting rid of InnoDB itself

On your MySQL server, what’s is the size of /var/lib/mysql/ibdata1 ? Even if you completely drop all your databases, it won’t shrink. It surely fits a purpose: MySQL people wrote that “the fact that InnoDB tablespaces can only grow and never shrink is docummented design decision”. But the notion of a file (ibdata1 – InnoDB tablespaces) that can only grow even if you remove permanently all of your data is odd nonetheless.

The solution is not to use InnoDB. Here’s a fast way to get rid of all of it:

First we switch to MariaDB (project under the umbrella of MySQL founder Michael Widenius):

apt-get install mariadb-server mariadb-client

We make a dump of every database we want to keep:

cd /var/lib/mysql

mysqlshow # list databases
mysqldump database1 > database1.dump
mysqldump database2 > database2.dump

We add a configuration snippet to switch off innodb:

echo '[mysqld]
ignore-builtin-innodb
default-storage-engine = myisam' > /etc/mysql/conf.d/noinnodb.cnf

We restart the SQL server:

invoke-rc.d mysql restart
mysql -e "SHOW ENGINES" # should no longer show InnoDB

We remove databases with InnoDB tablespaces:

mysql -e "DROP DATABASE database1"
mysql -e "DROP DATABASE database2"

We recreate them with the dumps:

mysql -e "CREATE DATABASE database1"
mysql -e "CREATE DATABASE database2"
mysql database1 < database1.dump
mysql database2 < database2.dump

We remove the now useless InnoDB crap:

rm -f ib_logfile* ibdata1

And if everything is fine, we also remove the SQL dumps:

rm -f *.dump

Scanning and creating small PDFs using sane and ghostscript

I tend to try to avoid paper printouts. I have enough backups so scanned archives are enough. I made a few test on the best way to produce small PDF on the command line. I found the following bash functions to be the most effective:

function scan2pdf {
  cd ~/tmprm/scan
  FILE=$1
  [ "$FILE" == "" ] && read FILE
  [ -e "$FILE".pdf ] && return
  # scan A4 gray
  scanimage -l 0 -t 0 -x 215 -y 297 --mode Gray --resolution=300 > "$FILE".pnm
  # convert to ps because gs needs this import format
  pnmtops -dpi 300 "$FILE".pnm > "$FILE".ps
  # convert to PDF with decent /ebook quality setting
  gs -sDEVICE=pdfwrite -dCompatibilityLevel=1.4 -dPDFSETTINGS=/ebook -dNOPAUSE -dBATCH -sOutputFile="$FILE".pdf "$FILE".ps
  rm -f "$FILE".pnm "$FILE".ps
}

function scan2pdfs {
    cd ~/tmprm/scan
    ENDFILE=$1
    [ "$ENDFILE" == "" ] && read ENDFILE
    for i in `seq --equal-width 999`; do
	echo "(d)one?"
	read NEXT
	[ "$NEXT" == "d" ] && break
	scan2pdf "$ENDFILE"$i
    done
    gs -sDEVICE=pdfwrite -dNOPAUSE -dBATCH -sOutputFile="$ENDFILE".pdf -f "$ENDFILE"*.pdf"
    echo "OK? (CTRL-C)"
    read OK    
    rm -f $LIST
}

It can be used as follow:

scan2pdf thisfile

scan2pdf thisotherfile

scan2pdfs multiplefiles

It does all the work in ~/tmp/scan but that’s a personal convenience. With this, I get PDF that are smaller than 1MB – while other methods I tried before was producing 5/6MB files for the same content.

Update: now this is provided as general bashrc.d script. It’s included in the -utils package. Now the main command for multiple A4 pages PDF is no longer scan2pdfs but scan2pdf. Its behavior can be changed through variables SCAN2PDF_DIRECTORY (default = ~/tmprm/scan) and SCAN2PDF_DPI (default = 300).

Resetting Samba password and monitoring Wifi via a web interface

In my article Setting up a silent/low energy consumption home server (DHCP/DNS/SMB/UPnP) are featured two perl script to provide a web interface to reset Samba password and to monitor (allow or ban) connections on a wifi (hostapd).

It’s not sophisticated and I have no plans to make it so. It fits a simple purpose.

I added to my list of Debian -utils package so if you happen to use it, you should proceed as follow.

First, note somewhere the www-data MySQL password. You probably  don’t remember it. It was hardcoded. Get it typing:

grep "^my \$db_password " /srv/www/sysadmin/index.pl

Then update the package. Assuming you already got the -keyring package:

apt-get update

apt-get install stalag13-utils-websysadmin

Next, you put the www-data MySQL password in the fresh new conffile /etc/websysadminrc. It looks like:

# MySQL database password
db_password = HEREITGOES
# wifi setup
wlan = wlan1
wlan_deny = /etc/hostapd/hostapd.deny
wlan_conf = /etc/hostapd/hostapd.conf

Make sure this file is readable to and only to www-data:

chmod 600 /etc/websysadminrc

chown www-data /etc/websysadminrc

It should be working. You need to cleanup outdated files (that have been renamed since then):

rm -f /usr/local/bin/sysadmin-update.pl /etc/cron.d/sysadmin

That’s all I can think of.

If you are not doing an upgrade but an install, the package -utils-nginx provide /etc/nginx/sites-available/fcgi as sample in order to set up Perl FastCGI.

Limit noise from hard disk using RAM (tmpfs) instead

I’m using a laptop, among other things, as alarm clock (included in my -utils general debian package). The hard disk of this laptop is not getting any younger and get noisy while there’s a decent amount of RAM available.

I toyed a bit in the past with ramdisk/tmpfs (the later having the benefit not to used a real fixed size but to adjust and unused memory free) and made tests to use tmpfs for /var/log. Since then, I did not use much this so-called transient log: it cannot be seriously used on a server where you want your logs not tampered with in any way – and especially there in case of failure; it does not make laptop or workstation very silent since there is still a large amount of file access that is in ~/.

In the case of my laptop part alarm clock, many ~/.directories and ~/.files are regularly read or wrote. So I finally changed the initial transient log init script into /etc/init.d/shush-toram that reads /etc/default/shush-toram to determines which directories to put into tmpfs, for instance /var/log and /home/alarmclockuser. bviously, you don’t want to put on tmpfs in directory that would use all or more of your actual RAM. There is also a /etc/cron.daily/shush-toram job that’ll daily update the data on the hard disk (just calling the init script with reload or restart).

Once the scripts in place, you just have to do:

invoke-rc.d shush-toram start      # start it
update-rc.d shush-toram defaults   # set autostart

Yeah, that’s sysv init scripts. It’s probably not necessary that I discuss the merits of systemd. I tried it and was happy to boot faster than usual. Then I found that making init scripts with it was annoying, counterproductive for me. Then I found that my /var/log directory contained a subdirectory journal of more than 800 Mo – that can be fixed by editing some conffile obviously, but it’s not working clean out of the box. It just does not suits me. It could, and will surely, improve. Still, it’s being made mandatory here and there while it’s still counterproductive and unpolished. I’ll continue to make script for sysv -that can actually be started outside of sysv- since I’m likely to try to avoid systemd as much as possible.

The shush-toram files are included in my -utils general debian package.

Off the list – The Pied Piper of MIT

Richard Matthew Stallman is a prolific writter and thinker. Mails he send these days start with:

[[[ To any NSA and FBI agents reading my email: please consider ]]]
[[[ whether defending the US Constitution against all enemies, ]]]
[[[ foreign or domestic, requires you to follow Snowden’s example. ]]]

Freedom matter a lot of him. So that makes sense.

But as the same time, RMS is an autocrat. He was in 2003 when he wrote:

I’d like people to understand that we are not still considering the question. It is a final decision to do this.

I will give a brief explanation. We cannot continue doing that because we have no one to maintain it properly.
This is maintained seriously. Therefore we will switch to This.

That was something he was never involved with, into he never spent a dime or a second. But as it relates to GNU, he thought he had the right not only to state his mind but to override any other opinion and ultimately decide. Because he thinks he’s right and know better, he thinks he can just have private talks with some parties and decides on his own. Well, This that he promoted turned into a proprietary software a few years later: he definitely should have know even better.

More than 12 years later, he’s still the same when he writes:

For now, please do NOT install this change.

I will talk with ThisDude about this, off the list, to find out more about the situation.

He still thinks himself entitled to make things go, begin or end. He still thinks he will find out what to do solely on his own after consulting people privately.

So although he values his freedom and values freedom in general, working with him, even in a very distant way, is just a matter of subordination. He’d make a credible science-fiction character: distopian guru, the Pied Piper of MIT.

Pied_piper

Follow

Get every new post delivered to your Inbox.