Posts

Posted on

Sharing GNU sessions

GNU Screen have a very useful feature: sharing the same same session with multiple terminals.

Setting up a shared screen session

The following command sequence sets up a shared screen session named ‘shared’:

screen -d -m -S shared

Listing screen sessions

screen -ls
There is a screen on:
	8632.shared	(Detached)
1 Socket in /var/run/screen/S-pkb.

Attaching an existing session

screen -x shared

 

Doing the same… with different users

First the bad news : screen sharing with another account requires that the screen command be suid root. That a strong security risk so do it only if you are on a non-critical environment. When it’s done, simply start a new session as usual, then:

Enable multiuser support

Ctrl-A
:multiuser on

Add the user to join your session

Ctrl-A
:acladd foobar

Now the user foobar can join the session shared launched by the user user like this screen -x user/shared.

Posted on

[eZPublish] HostMatchMapItems

When adding a new domain name to an eZPublish website, the site.ini file must be modify to assign the domain to an existing siteaccess.

Simply add a new entry into the HostMatchMapItems array:

vi settings/override/site.ini.append.php
HostMatchMapItems[]=<domain_one><siteaccess_fr>
HostMatchMapItems[]=<domain_two><siteaccess_en>
Posted on

[eZPublish] Clear app cache

To clear eZPublish cache you can use the ezcache.php script, inside the /bin directory.

php bin/ezcache.php --clear-all

For ez4.X add the --purge option too.

To delete only a portion of the cache, use the --clear-tag option:

php bin/ezcache.php --clear-tag=template

You can list all the tags with the --list-tags option.

It’s also possible to delete the cache of a single siteaccess:

php bin/ezcache.php --clear-tag -s automobile_magazine
Posted on

[Cisco] ASA – Displaying pre-shared keys

Normally you use the show run command to browse the running configuration. When doing it pre-shared keys for VPN tunnels are displayed as asterisks. In order to view the full configuration with unencrypted passwords, use the command:

more system:running-config
Posted on

[OpenVZ] Enable iptable inside containers

To enable iptable inside containers, you must first make sure the proper modules are loaded on the host:

modprobe xt_state
modprobe xt_tcpudp
modprobe ip_conntrack

Don’t forget to add them to /etc/modules
Them inside the /etc/vz/vz.conf setting file, add the following line:

IPTABLES="ipt_REJECT ipt_tos ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ipt_state"

Then restart the vz service.

Posted on

GParted Live

I’m pretty sure you already know gparted. Now you can have the power and simplicity of GParted on a biz-card size LiveCD ! Check here.

Posted on

[Exim] Block all outgoing mails except for specific domains

The common practice on preproduction environment, is to block all outgoing mails except for a given whitelist domain. To do that in exim you must modify the router section.

Edit your exim4.conf.template just after the “begin routers” line, add the following snippet:

catch_otherdomains:
        driver = redirect
        domains = !foobar.com:!example.fr
        data = :blackhole:
Posted on

[OpenVZ] vzctl enter and env variables

When doing a vzctl enter from an OpenVZ hypervisor you go inside the container but… without any environment variables :

hypervisor:~# vzctl enter container
entered into VE 101
container:/# echo $LANG

container:/# su -
container:~# echo $LANG
en_US.UTF-8

You can workaround this ‘problem’ by patching the /root/.bashrc from the container to execute a su - like this :

if [ "$LANG" = "" ]; then
    exec su -
fi
Posted on

Detach processes from terminal

GNU screen/tmux

The best solution is simply to use a terminal multiplexer, like GNU screen or tmux. Simply launch a session, tape your command and then detach it (Ctrl-a d for screen). Easy and clean 😉

setsid

Debian contains a binary called setsid in the util-linux package. setsid can be use to start a process and detach it from the current shell (basically it create a new shell for the ‘orphaned’ process).

setsid doesn’t redirect the standard files descriptors (stdin, stdout and stderr) so you loose any process output except if you make a stdout+stderr redirection to a file:

setsid <command> > /tmp/output.txt &2>1

nohup

nohup as the name implies, makes your command ignore SIGHUP signal. Also by default nohup redirects the standard output and error to the file nohup.out, so the program won’t fail for writing to standard output when the shell is closed. Note that nohup doesn’t remove the process from the shell’s job control and also doesn’t put it in the background. Usage:

nohup <command> > /tmp/output.txt &

disown

Last option (and the more interesting) is the built-in bash command disown. disown removes the process from the shell’s job control, but still leaves it connected to the terminal. The results is that the shell won’t send it a SIGHUP when closed, but in the meantime you still get the output. The advantage is you can disown a already running program.

Simply suspend the program using Ctrl-z then use bg to put it in background. Then detach it:

disown %n

where n is the job number (use the command job to get it).