ihashacks

i dunno

Openldap Monitor With Cn=config

I needed to configure OpenLDAP running on Ubuntu 12.04 in such a way that query statistics could be monitored in Cacti. The documentation for OpenLDAP is usually quite thorough and can sometimes be overwhelming for newcomers. As it relates to the monitor module however, the documentation is actually non-existent (or at least isn’t readily available in that particular part of the documentation). Based on the pain felt in this thread and the lack of straight-forward documentation on this specific topic elsewhere, here we go:

Required LDIF

Add them to LDAP

1
2
# ldapmodify -Q -Y EXTERNAL -H ldapi:/// -f add_monitor.ldif
# ldapadd -Q -Y EXTERNAL -H ldapi:/// -f configure_monitor.ldif

Test it

1
2
$ perl openldap_operations.pl -h ldap01 -D 'uid=cacti,ou=People,dc=foo,dc=bar,dc=com' -W 'foo'
bind-initiated:3929 bind-completed:3929 unbind-initiated:2511 unbind-completed:2511 search-initiated:4700 search-completed:4699 compare-initiated:0 compare-completed:0 modify-initiated:4 modify-completed:4 modrdn-initiated:0 modrdn-completed:0 add-initiated:21 add-completed:21 delete-initiated:8 delete-completed:8 abandon-initiated:0 abandon-completed:0 extended-initiated:2208 extended-completed:2208

The Cacti plugin can be found here.

Linux Software Raid Tuning

I wrote a handy script to perform write and read tests on Linux software RAID devices.

Features:

  • tests stripe_cache_size 28 – 215
  • auto-detects active software RAID volumes
  • automatically determines test sizes based on physical RAM
  • tests that enough free space exists to perform the test

See it in action:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
testing md126...
running write test 1 for stripe_cache_size 256... (17 GB) copied, 152.671 s, 108 MB/s
running write test 2 for stripe_cache_size 256... (17 GB) copied, 129.458 s, 127 MB/s
running read test 1 for stripe_cache_size 256... (17 GB) copied, 68.6053 s, 241 MB/s
running read test 2 for stripe_cache_size 256... (17 GB) copied, 68.8021 s, 240 MB/s
running write test 1 for stripe_cache_size 512... (17 GB) copied, 113.154 s, 146 MB/s
running write test 2 for stripe_cache_size 512... (17 GB) copied, 110.665 s, 149 MB/s
running read test 1 for stripe_cache_size 512... (17 GB) copied, 68.5612 s, 241 MB/s
running read test 2 for stripe_cache_size 512... (17 GB) copied, 68.1318 s, 242 MB/s
running write test 1 for stripe_cache_size 1024... (17 GB) copied, 97.5265 s, 169 MB/s
running write test 2 for stripe_cache_size 1024... (17 GB) copied, 103.142 s, 160 MB/s
running read test 1 for stripe_cache_size 1024... (17 GB) copied, 69.2239 s, 238 MB/s
running read test 2 for stripe_cache_size 1024... (17 GB) copied, 74.1555 s, 223 MB/s
running write test 1 for stripe_cache_size 2048... (17 GB) copied, 89.9376 s, 183 MB/s
running write test 2 for stripe_cache_size 2048... (17 GB) copied, 89.3581 s, 185 MB/s
running read test 1 for stripe_cache_size 2048... (17 GB) copied, 78.6678 s, 210 MB/s
running read test 2 for stripe_cache_size 2048... (17 GB) copied, 74.8776 s, 220 MB/s
running write test 1 for stripe_cache_size 4096... (17 GB) copied, 83.1424 s, 198 MB/s
running write test 2 for stripe_cache_size 4096... (17 GB) copied, 84.5773 s, 195 MB/s
running read test 1 for stripe_cache_size 4096... (17 GB) copied, 75.3009 s, 219 MB/s

…and so on.

Download raid-perf-test on GitHub.

Airdroid Webapp

Here’s an easy way to get AirDroid to show up as a Chromium web app in your Unity Dash and other application menus:

1
2
3
mkdir $HOME/.icons
wget -O $HOME/.icons/airdroid-256.png http://cdn.ihashacks.com/img/2012/11/airdroid-256.png
wget -O /home/brandon/.local/share/applications/airdroid.desktop https://raw.github.com/gist/4109120/05cd175bc50fe54d8fbf0db14208da45191e3ea7/airdroid.desktop

Voila:

Chromium AirDroid web app screenshot

Just make sure to edit your resulting airdroid.desktop with the proper icon path. Here’s mine:

Symantec Mail Security Quirks

I have noticed that installing Symantec Mail Security updates can often leave previous set options un-checked (I seem to have to re-enable the “Lower spam threshold” in “Spam Scoring” for almost every update). This particular update (6.5.6.268 —> 6.5.7.279) had couple of very strange bugs.

Symantec Mail Security Settings Screenshot

This spiked my curiousity, so I took a peek at the registry. The keys can be found at HKLM\SOFTWARE\Symantec\SMSMSE\6.5\Components\LiveUpdateConfig

Symantec Mail Security in Registry

Another strange thing is that you actually aren’t supposed to be able to select a specific time when using the “Rapid Release” option. Where on earth the 06:31 1 came from is beyond me. :)

…easily fixed though, just re-select the desired settings – as with all of the other upgrade bugs you may experience in Symantec Mail Security.

SFD Countdown

Software Freedom Day is approaching! Here’s how to show your support in Octopress.

1) Create the custom aside, substituting “UTC-8” for “UTC+6” or wherever you may reside

source/_includes/custom/asides/sfd_countdown.html
1
2
3
4
5
<section>
  <div align="center">
      <a href="http://www.softwarefreedomday.org/"><img src="http://www.softwarefreedomday.org/countdown/banner1-UTC-8-en.png" border="0" width="160" height="90" alt="Celebrate SFD with us on September 15!"></a>
  </div>
</section>

2) Add the custom aside to the configuration

_config.yml
1
default_asides: [custom/asides/sfd_countdown.html]

3)???

4) Profit!

build it
1
rake generate && rake deploy

Check_dell_warranty

My Nagios plugin to check Dell warranties is something I actually wrote in 2008. For better or worse I haven’t actually made it public until now.

plugin in action
1
2
check_dell_warranty GH57CS1 30 15
Warranty expires in 1032 days for <a href=http://support.dell.com/support/topics/global.aspx/support/my_systems_info/details?c=us&l=en&s=gen&servicetag=GH57CS1>GH57CS1</a>

Fork it on GitHub!

Stackad in Octopress

StackAd is most commonly known as a WordPress plugin developed by Quick Media Solutions. Thanks to a post on StackApps, setting this up on Octopress is pretty easy.

source/_includes/custom/head.html
1
2
3
4
5
6
7
8
9
--- /tmp/head.html.orig 2012-05-28 18:17:22.785629323 -0700
+++ source/_includes/custom/head.html   2012-05-27 22:54:26.441620000 -0700
@@ -4,3 +4,6 @@
 <link href="http://fonts.googleapis.com/css?family=PT+Sans:regular,italic,bold,bolditalic" rel="stylesheet" type="text/css">
 -->
 <link href='http://fonts.googleapis.com/css?family=Ubuntu:400,700,400italic,700italic' rel='stylesheet' type='text/css'>
+<script type='text/javascript'
+       src='http://files.quickmediasolutions.com/stackad/stackad.min.js'>
+</script>
source/_includes/custom/asides/stackad.html
1
2
3
<section>
  <div class='stackad' data-site='askubuntu.com'></div>
</section>

It is possible to change “data-site” to other Stack Exchange sites such as stackoverflow.com

_config.yml
1
2
3
4
5
6
7
8
9
10
11
--- /tmp/_config.yml.orig       2012-05-28 18:13:58.845629356 -0700
+++ _config.yml 2012-05-27 22:56:10.737620929 -0700
@@ -45,7 +45,7 @@

 # list each of the sidebar modules you want to include, in the order you want them to appear.
 # To add custom asides, create files in /source/_includes/custom/asides/ and add them to the list like 'custom/asides/custom_aside_name.html'
-default_asides: [asides/recent_posts.html, asides/github.html, asides/twitter.html, asides/delicious.html, asides/pinboard.html, asides/googleplus.html]
+default_asides: [asides/recent_posts.html, asides/github.html, asides/twitter.html, asides/delicious.html, asides/pinboard.html, asides/googleplus.html, custom/asides/stackad.html]

 # Each layout uses the default asides, but they can have their own asides instead. Simply uncomment the lines below
 # and add an array with the asides you want to use.

You won’t get any passive income with these ads, but for me that’s not the point.

Tuxdroid Lives

Me and tux

There is not a whole lot of updated tuxdroid documentation on the net these days. I dusted my Tux off the other day and tried to get him working in Ubuntu. I had no luck in 12.04 but was able to get him up and running on 11.10.

1
2
3
wget http://ftp.tuxdroid-community.net/setup/linux/generic/tuxbox-USEnglish-TTS-3.1.4-amd64.tar.gz
tar zxvf tuxbox-USEnglish-TTS-3.1.4-amd64.tar.gz
cd tuxbox-USEnglish

The install.sh script needs to be patched.

1
2
3
4
wget https://raw.github.com/gist/2795759/b2711d8339ea434ab14247ebfbb702c97197b038/install.sh.patch
patch -p0 < install.sh.patch
sudo ./install.sh
echo $?

As long as $? == 0 you should be good to move forward.

Linksys Default

The year is 2012. Consumer wifi has been wide spread for over 10 years. Modern routers and access points come with clear instructions and an installer disc that requires you to set things like a unique network name and a password for the network.

In this day and age, how the hell are we still seeing this:

linksys_default

I wouldn’t be surprised if this were an old school WRT54G ver1 or the BEFW11S4 running in someone’s home. However, this was a fairly recent N model supporting a local real estate company! The router also had no password for the management interface which can lead to all sorts of network havoc (redirecting all DNS requests through a rogue name server, MITM routing – both withouth having to ARP spoof).

Of course, there were devices on the network such as a multi-function copier that had wonderful information about user names, sensitive documents printed (including the website they were printed from, where applicable), email server login info for the MFP, and of course an open print queue to wreak havoc on with something appropriately rendered from quickmeme.

scumbag_steve

Remember that rogue DNS option for the router? Now we have a great list of sites to target for bad translations to malicious IP addresses based on what we saw in the print job history.

None of these things were actually done but easily could have been with a few mouse clicks and some simple commands.