Marius van Witzenburg "Learned my lesson in life, now setting my action to stay in life."

7Jul/100

How to batch rename files using parts of their own names with Bash

In my example the files had the right content in their names; only the position was wrong.

The original file names were:

The file title - vendor_1.mp3
The file title - vendor_4.mp3
The file title - vendor_22.mp3
The file title - vendor_39.mp3

But afterwards I found this is a difficult way of searching on a vendor, which I do the most.
So, I decided to make a simple rename script to move the vendor to the beginning of the file name and the title to the end of the file name.

This would give the following file names as a result:

vendor_1 - The file title.mp3
vendor_4 - The file title.mp3
vendor_22 - The file title.mp3
vendor_39 - The file title.mp3

I hope you find this useful or that you can modify it for your own use. You can see the tiny script I used below.

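#!/usr/local/bin/bash

root="/my/files/location"

# Only touch names that contain " - ", and pass them NUL-separated so
# spaces, backslashes and newlines in file names survive intact.
find "$root" -type f -name '* - *' -print0 | while IFS= read -r -d '' file
do
    filename=${file##*/}
    # Everything before the first " - " (the title)
    piece1=${filename%% - *}
    # Everything after the last " - " (the vendor plus extension)
    piece2=${filename##* - }
    extension=${filename##*.}
    newfile="${piece2%%.$extension} - ${piece1}.$extension"
    # Keep the file in its own directory; -- stops mv from reading a
    # name that starts with "-" as an option.
    mv -- "${file}" "${file%/*}/${newfile}"
done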
2Jul/100

How to set up a GEOM RAID mirror on FreeBSD with gmirror

To set up GEOM RAID you first have to prepare the master disk with gmirror. To do this, label the disk with gmirror and load gmirror itself.

sysctl kern.geom.debugflags=17
gmirror label -vb round-robin gm0 /dev/ad4
gmirror load

Since we want our RAID mirror to remain active after a reboot, we have to add gmirror to loader.conf in /boot.

echo 'geom_mirror_load="YES"' >> /boot/loader.conf

After that you should replace the devices in /etc/fstab with the new GEOM mirror device. I used sed to easily replace them; some people prefer to do it by hand.

sed -i .orig -e 's|/dev/ad4|/dev/mirror/gm0|' /etc/fstab
shutdown -r now

Now that our mirror is prepared, we can add more disks to the array to get our actual mirror.

gmirror insert gm0 /dev/ad6
gmirror insert gm0 /dev/ad8
gmirror status

In case you want to disable the write cache, to be sure everything gets written directly, add the following to /boot/loader.conf:

hw.ata.wc=0
30Jun/100

How to clear bash shell history when you log out of the command-line

On some machines I prefer to not leave a log of everything I typed on the command-line. So, I remove the logs and clear the history.
To accomplish this you have to add the lines below to ~/.bash_logout:

history -c
rm -f ~/.bash_history
rm -f ~/.history

21Jun/100

How to create a self-signed SSL Certificate for Apache

The following is an extremely simplified view of how SSL is implemented and what part the certificate plays in the entire process.

Normal web traffic is sent unencrypted over the Internet. That is, anyone with access to the right tools can snoop all of that traffic. Obviously, this can lead to problems, especially where security and privacy are necessary, such as with credit card data and bank transactions. The Secure Sockets Layer (SSL) is used to encrypt the data stream between the web server and the web client (the browser).

SSL makes use of what is known as asymmetric cryptography, commonly referred to as public key cryptography (PKI). With public key cryptography, two keys are created, one public, one private. Anything encrypted with either key can only be decrypted with its corresponding key. Thus if a message or data stream were encrypted with the server's private key, it can be decrypted only using its corresponding public key, ensuring that the data only could have come from the server.

If SSL utilizes public key cryptography to encrypt the data stream traveling over the Internet, why is a certificate necessary? The technical answer to that question is that a certificate is not really necessary - the data is secure and cannot easily be decrypted by a third party. However, certificates do serve a crucial role in the communication process. The certificate, signed by a trusted Certificate Authority (CA), ensures that the certificate holder is really who he claims to be. Without a trusted signed certificate, your data may be encrypted, however, the party you are communicating with may not be whom you think. Without certificates, impersonation attacks would be much more common.

Step 1: Generate a Private Key

The openssl toolkit is used to generate an RSA Private Key and CSR (Certificate Signing Request). It can also be used to generate self-signed certificates which can be used for testing purposes or internal usage.

The first step is to create your RSA Private Key. This key is a 1024 bit RSA key which is encrypted using Triple-DES and stored in a PEM format so that it is readable as ASCII text.

Command:

openssl genrsa -des3 -out server.key 1024

Output:

Generating RSA private key, 1024 bit long modulus
.........................................................++++++
........++++++
e is 65537 (0x10001)
Enter PEM pass phrase:
Verifying password - Enter PEM pass phrase:

Step 2: Generate a CSR (Certificate Signing Request)

Once the private key is generated a Certificate Signing Request can be generated. The CSR is then used in one of two ways. Ideally, the CSR will be sent to a Certificate Authority, such as Thawte or Verisign who will verify the identity of the requestor and issue a signed certificate. The second option is to self-sign the CSR, which will be demonstrated in the next section.

During the generation of the CSR, you will be prompted for several pieces of information. These are the X.509 attributes of the certificate. One of the prompts will be for “Common Name (e.g., YOUR name)”. It is important that this field be filled in with the fully qualified domain name of the server to be protected by SSL. If the website to be protected will be https://public.akadia.com, then enter public.akadia.com at this prompt. The command to generate the CSR is as follows:

Command:

openssl req -new -key server.key -out server.csr

Output:

Country Name (2 letter code) [GB]:CH
State or Province Name (full name) [Berkshire]:Bern
Locality Name (eg, city) [Newbury]:Oberdiessbach
Organization Name (eg, company) [My Company Ltd]:Akadia AG
Organizational Unit Name (eg, section) []:Information Technology
Common Name (eg, your name or your server's hostname) []:public.akadia.com
Email Address []:martin dot zahn at akadia dot ch
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:

Step 3: Remove Passphrase from Key

One unfortunate side-effect of the pass-phrased private key is that Apache will ask for the pass-phrase each time the web server is started. Obviously this is not necessarily convenient as someone will not always be around to type in the pass-phrase, such as after a reboot or crash. mod_ssl includes the ability to use an external program in place of the built-in pass-phrase dialog, however, this is not necessarily the most secure option either. It is possible to remove the Triple-DES encryption from the key, thereby no longer needing to type in a pass-phrase. If the private key is no longer encrypted, it is critical that this file only be readable by the root user! If your system is ever compromised and a third party obtains your unencrypted private key, the corresponding certificate will need to be revoked. With that being said, use the following command to remove the pass-phrase from the key:

Command:

cp server.key server.key.org
openssl rsa -in server.key.org -out server.key

The newly created server.key file has no more passphrase in it.

Output:

-rw-r--r-- 1 root root 745 Jun 29 12:19 server.csr
-rw-r--r-- 1 root root 891 Jun 29 13:22 server.key
-rw-r--r-- 1 root root 963 Jun 29 13:22 server.key.org

Step 4: Generating a Self-Signed Certificate

At this point you will need to generate a self-signed certificate because you either don't plan on having your certificate signed by a CA, or you wish to test your new SSL implementation while the CA is signing your certificate. This temporary certificate will generate an error in the client browser to the effect that the signing certificate authority is unknown and not trusted.

To generate a temporary certificate which is good for 365 days, issue the following command:

Command:

openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

Output:

Signature ok
subject=/C=CH/ST=Bern/L=Oberdiessbach/O=Akadia AG/OU=Information Technology/CN=public.akadia.com/Email=martin dot zahn at akadia dot ch
Getting Private key

Step 5: Installing the Private Key and Certificate

When Apache with mod_ssl is installed, it creates several directories in the Apache config directory. The location of this directory will differ depending on how Apache was compiled.

Config code:

cp server.crt /usr/local/apache/conf/ssl.crt
cp server.key /usr/local/apache/conf/ssl.key
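
A pre-flight check for the files produced in Steps 3 to 5, as an added example that is not part of the original tutorial: it flags a key file that group or other users can access (the listing in Step 3 shows server.key as -rw-r--r--), notes whether the key still carries a passphrase, and confirms the certificate belongs to that key. The function names are hypothetical, and it assumes a current openssl binary that provides the pkey subcommand.

```shell
#!/bin/sh
# Added example: sanity-check a TLS private key and certificate before
# pointing Apache at them. All function names are hypothetical helpers.

# Succeeds only when group and other have no permission bits on the file.
# Reads the mode string "ls -l" prints (characters 5-10 = group + other).
key_is_private() {
    mode=$(ls -ld -- "$1" | cut -c5-10)
    [ "$mode" = "------" ]
}

# Succeeds when the PEM file is still passphrase-protected. Both the
# traditional ("Proc-Type: 4,ENCRYPTED") and the PKCS#8
# ("BEGIN ENCRYPTED PRIVATE KEY") encodings contain this marker.
key_is_encrypted() {
    grep -q 'ENCRYPTED' -- "$1"
}

# Succeeds when certificate $1 and private key $2 hold the same public key.
# Fails if either file cannot be read or parsed.
cert_matches_key() {
    cert_pub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 1
    key_pub=$(openssl pkey -in "$2" -pubout 2>/dev/null) || return 1
    [ -n "$cert_pub" ] && [ "$cert_pub" = "$key_pub" ]
}

# Prints one line per observation; returns the number of hard findings.
audit_tls_files() {
    cert=$1 key=$2 findings=0
    if ! key_is_private "$key"; then
        echo "WARN: $key is accessible to group/other; restrict it (chmod 600)"
        findings=$((findings + 1))
    fi
    if ! key_is_encrypted "$key"; then
        echo "NOTE: $key has no passphrase; file permissions are its only protection"
    fi
    if ! cert_matches_key "$cert" "$key"; then
        echo "FAIL: $cert does not belong to $key (or a file is unreadable)"
        findings=$((findings + 1))
    fi
    return "$findings"
}

# Usage, with the paths from Step 5:
#   audit_tls_files /usr/local/apache/conf/ssl.crt/server.crt \
#                   /usr/local/apache/conf/ssl.key/server.key
```
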

Step 6: Configuring SSL Enabled Virtual Hosts

http-ssl.conf:

SSLEngine on
SSLCertificateFile /usr/local/apache/conf/ssl.crt/server.crt
SSLCertificateKeyFile /usr/local/apache/conf/ssl.key/server.key
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
CustomLog logs/ssl_request_log \
   "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

Step 7: Restart Apache and Test

Command:

/usr/local/etc/rc.d/httpd stop
/usr/local/etc/rc.d/httpd start

I hope this helps you getting started :-)

13Jun/100

Manual how to install Transmission on FreeBSD as torrent client daemon

This manual is for Transmission 2.00 and higher.

Installation
Install required ports:

cd /usr/ports/net-p2p/transmission-daemon ; make install clean
# If required, install transmission-web
cd /usr/ports/www/transmission-web ; make install clean

Log in to an unprivileged account and start transmission-daemon.

su - mariusvw

transmission-daemon

Now that Transmission has created the default configuration, kill it.

# Get current pid:
ps aux |grep transmission
# Kill it:
kill 43541

Edit the configuration to your needs:

vi .config/transmission-daemon/settings.json

You can view an example config here:

{
    "alt-speed-down": 1500,
    "alt-speed-enabled": false,
    "alt-speed-time-begin": 540,
    "alt-speed-time-day": 62,
    "alt-speed-time-enabled": true,
    "alt-speed-time-end": 1020,
    "alt-speed-up": 100,
    "bind-address-ipv4": "172.20.20.1",
    "bind-address-ipv6": "",
    "blocklist-enabled": true,
    "dht-enabled": true,
    "download-dir": "/home/mariusvw/Downloads",
    "encryption": 1,
    "incomplete-dir": "/home/mariusvw/Downloads",
    "incomplete-dir-enabled": false,
    "lazy-bitfield-enabled": true,
    "message-level": 2,
    "open-file-limit": 32,
    "peer-limit-global": 240,
    "peer-limit-per-torrent": 60,
    "peer-port": 53945,
    "peer-port-random-high": 65535,
    "peer-port-random-low": 49152,
    "peer-port-random-on-start": false,
    "peer-socket-tos": 0,
    "pex-enabled": true,
    "port-forwarding-enabled": true,
    "preallocation": 1,
    "proxy": "",
    "proxy-auth-enabled": false,
    "proxy-auth-password": "",
    "proxy-auth-username": "",
    "proxy-enabled": false,
    "proxy-port": 80,
    "proxy-type": 0,
    "ratio-limit": 2.0000,
    "ratio-limit-enabled": true,
    "rename-partial-files": true,
    "rpc-authentication-required": true,
    "rpc-bind-address": "172.20.20.1",
    "rpc-enabled": true,
    "rpc-password": "YOUR PASSWORD HERE",
    "rpc-port": 9091,
    "rpc-username": "mariusvw",
    "rpc-whitelist": "127.0.0.1,172.16.23.8,172.16.32.102",
    "rpc-whitelist-enabled": true,
    "speed-limit-down": 100,
    "speed-limit-down-enabled": false,
    "speed-limit-up": 100,
    "speed-limit-up-enabled": false,
    "trash-original-torrent-files": true,
    "umask": 18,
    "watch-dir": "/home/mariusvw/Downloads/__WATCH_DIR",
    "watch-dir-enabled": true
}

Restart the daemon:

transmission-daemon

Surf to:

http://192.4.1.9:9091/transmission/web/

Have fun downloading! :-P

Optional and OLD scripts:
Dynamic Speed Script
Change maximum speeds on time period:

0 23 * * * /home/mariusvw/transmission-speed.sh fast > /dev/null 2>&1
0 8 * * * /home/mariusvw/transmission-speed.sh slow > /dev/null 2>&1

Create speed-change script: transmission-speed.sh

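#!/bin/sh
# Switch the Transmission speed limits; called from cron with "slow" or "fast".
action=$1
case "$action" in
    slow)
        # Quote the credentials: an unquoted < or > is read by the shell as a redirection
        /usr/local/bin/transmission-remote -n 'mariusvw:<yourpassword>' -d 100 -u 10
        ;;
    fast)
        /usr/local/bin/transmission-remote -n 'mariusvw:<yourpassword>' -d 500 -u 50
        ;;
esac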

Easy commands
You can use this to easily enter transmission-daemon commands without having to enter your username and password every time.

#!/bin/sh
# Wrapper that adds the credentials and passes every argument on unchanged.
action=$1
if [ -n "$action" ]
then
    /usr/local/bin/transmission-remote -n 'mariusvw:<yourpassword>' "$@"
fi

I hope this is useful for those who like to work with torrents and share easily without leaving a desktop PC on, if you have a server available.

8Jun/100

Upgrading Perl 5.8.x to 5.10.x on FreeBSD.

In the ports collection you can find /usr/ports/UPDATING. Here you can read how to upgrade Perl 5.8.x to the new release 5.10.x.

The description below is copied from the updating file.

Note: you might need to manually upgrade some ports after this. For example, I had to recompile APR, Apache and Subversion.

Portupgrade users:
0) Fix pkgdb.db (for safety):

	pkgdb -Ff

1) Reinstall perl with new 5.10:

	env DISABLE_CONFLICTS=1 portupgrade -o lang/perl5.10 -f perl-5.8.\*

2) Reinstall everything that depends on Perl:

	portupgrade -fr perl

Portmaster users:

	env DISABLE_CONFLICTS=1 portmaster -o lang/perl5.10 lang/perl5.8
	portmaster -r perl-

Note: If the "perl-" glob matches more than one port you will need to
specify the name of the perl directory in /var/db/pkg explicitly.

8Apr/100

Fix write access problem for Mac OS X 10.6.x to Samba share on FreeBSD or Linux

Nothing is more irritating than not being able to copy the files you want to a share.

This problem has been bugging me since the release of Mac OS X 10.6.

The fix seems to be quite simple: I added the following to my global block in smb.conf:

[global]
dos charset = UTF8
unix charset = UTF8
display charset = UTF8
unix extensions = no

Now we can work without errors again. :-)

Ps. Don't forget to unmount and re-mount your share before the changes take effect.

29Mar/100

Set the local timezone on FreeBSD with a localtime file

Usually you want your timezone to be set to your local time instead of the UTC time.

In this example we set the timezone to CET since this is our timezone.

To set your timezone simply run the following two commands.

cp /usr/share/zoneinfo/CET /etc/localtime
chmod 444 /etc/localtime

You can see all available timezones in /usr/share/zoneinfo

28Mar/100

How to limit the bandwidth on Apache with mod_bw on FreeBSD

First you have to install mod_bw:

cd /usr/ports/www/mod_bw
make install

Then open your httpd.conf and locate

#LoadModule bw_module libexec/apache22/mod_bw.so

Remove the comment like this:

LoadModule bw_module libexec/apache22/mod_bw.so

Then you can add the following to your VirtualHost or global configuration to limit the speed of a directory. In my case I want to limit the band files, where we host our demo materials, with a limit of 50kb/s.

<Directory /home/mariusvw/public_html/band>
    <IfModule mod_bw.c>
        BandWidthModule On
        ForceBandWidthModule On
        Bandwidth all 50000
    </IfModule>
</Directory>

This is an example of how you can globally limit all the traffic of your Apache installation.

<IfModule mod_bw.c>
    BandWidthModule On
    ForceBandWidthModule On
    Bandwidth all 50000
</IfModule>

For more info on this you can open the readme, which is located at:

/usr/local/share/doc/mod_bw/mod_bw.txt

28Mar/100

Use ftpsync to sync files to an FTP server on FreeBSD

In the ports of FreeBSD I found a nice tool to sync a local directory to a remote FTP server.

First install ftpsync:

cd /usr/ports/ftp/ftpsync
make install clean

Next create a config file to configure ftpsync for synchronization:

localdir=/home/mariusvw/backups
ftpserver=rstore.mariusvw.com
ftpdir=/
ftpuser=username
ftppasswd=password

Next you have two options for syncing...

Get-sync from server:

ftpsync.pl -g cfg=financenetwerk_eu-v1.cfg

Put-sync to server:

ftpsync.pl -n cfg=financenetwerk_eu-v1.cfg

You can add the -p flag to not prune directories on the target.

I don't use this program anymore for syncing, but I can tell you it works great if you want to easily upload a website to a live server.
