Thursday, January 15, 2015

How to kill whole process group (parent + child process)

This is very easy, and all this while I have been using ps with grep and awk, just to get the parent and child process PID, and feed it to kill command to kill the whole lot of them. Now no more, that is why reading the man page is very beneficial ;). To kill the whole group process, please see below example.

Let's say I want to kill teamviewer, and it's child processes:

check what is teamviewer and its children's PID:


$ pstree -Gap 31458

teamviewerd,31458 -f

├─{teamviewerd},31460

├─{teamviewerd},31461

├─{teamviewerd},31462

├─{teamviewerd},31463

├─{teamviewerd},31464

├─{teamviewerd},31465

├─{teamviewerd},31466

├─{teamviewerd},31549

└─{teamviewerd},24892

run kill to the PID of parent, and put - sign in front of the PID, to signal the whole group killing:
$ kill -TERM -31458

no more PID 31458, with the children processes
$ pstree -Gap 31458

Wednesday, December 24, 2014

Hot attach and hot detach network interface to kvm guest

To hot attach a network interface to a kvm guest, please follow below steps. The command we'll be using is virsh:


  1. Get to know the name of the guest, run below command on the kvm host: 
    foo@host:~$ sudo virsh list
    
     Id Name                 State
    ----------------------------------
      1 kvm-guest running
  2. Check whether module acpiphp is loaded on the guest: 
    foo@guest:~$ sudo lsmod | grep -i acpiphp
    
  3. If yes, proceed to step 4. If no, run below command:
    foo@guest:~$ sudo modprobe acpiphp
  4. Hot attach the network interface:
    foo@host:~$ sudo virsh attach-interface kvm-guest network --model virtio --persistent
    Interface attached successfully
  5. Run dmesg on guest to verify that the interface has been attached successfully:
    foo@guest:~$ dmesg | tail 
    [38613567.591261] virtio-pci 0000:00:04.0: using default PCI settings
    [38613567.591283] pci 0000:00:05.0: no hotplug settings from platform
    [38613567.591285] pci 0000:00:05.0: using default PCI settings
    [38613567.591741] virtio-pci 0000:00:05.0: enabling device (0000 -> 0003)
    [38613567.593361] ACPI: PCI Interrupt Link [LNKA] enabled at IRQ 10
    [38613567.601486] virtio-pci 0000:00:05.0: PCI INT A -> Link[LNKA] -> GSI 10 (level, high) -> IRQ 10
    [38613567.601524] virtio-pci 0000:00:05.0: setting latency timer to 64
    [38613567.602328] virtio-pci 0000:00:05.0: irq 43 for MSI/MSI-X
    [38613567.602343] virtio-pci 0000:00:05.0: irq 44 for MSI/MSI-X
    [38613567.602357] virtio-pci 0000:00:05.0: irq 45 for MSI/MSI-X
  6. Set ipaddress for the new interface:
    foo@guest:~$ sudo touch /etc/sysconfig/network-scripts/ifcfg-eth1; sudo echo -e "DEVICE=eth1\nONBOOT=yes\nTYPE=Ethernet\nBOOTPROTO=static\nIPADDR=10.0.0.8\nNETMASK=255.255.255.0" > /etc/sysconfig/ifcfg-eth1
  7. Bring up the interface:
    foo@guest:~$ sudo ifup eth1
  8. Check the interface:
    foo@guest:~$ ifconfig eth1
    eth1      Link encap:Ethernet  HWaddr 52:54:00:D7:10:04
              inet addr:10.0.0.8  Bcast:10.0.0.255  Mask:255.255.255.0
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:178767965 errors:0 dropped:0 overruns:0 frame:0
              TX packets:58477452 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:1000
              RX bytes:11949338417 (11.1 GiB)  TX bytes:498944480375 (464.6 GiB)
Done.

For hot detaching, the command in virsh is detach-interface, please follow below steps to detach the newly added interface in the above instruction:

  1. Bring down the interface in the guest:
    foo@guest:~$ sudo ifdown eth1
  2. Delete the interface config file:
    foo@guest:~$ sudo rm /etc/sysconfig/network-scripts/ifcfg-eth1
  3. Detach the network interface in host:
    foo@host:~$ sudo detach-interface kvm-guest type network --mac 52:54:00:D7:10:04
  4. Verify that the network has been removed, by running the dumpxml command, pipe to less, and search for interface:
    foo@host:~$ sudo virsh dumpxml kvm-guest | less
Done.

Hope you all will gain benefit from this post.

Wednesday, December 10, 2014

Creating a persistent live cd (ubuntu or linux mint) using a loopback file

This technique will require the use of the live cd, and a usb stick, as a vessel for the persistent file. Two requirements: the partition of the live cd must be in a format that can be mounted automatically, for example: vfat, ext3 or ext4 and the loopback file must be in the root of the partition

  1. Boot your machine using live cd
  2. Once boot up, insert your usb stick
  3. Check whether your usb stick is already mounted
    $ df -lh
    Filesystem      Size  Used Avail Use% Mounted on
    /cow            3.9G   59M  3.9G   2% /
    udev            3.9G  4.0K  3.9G   1% /dev
    tmpfs           798M  1.4M  796M   1% /run
    /dev/sr0        1.2G  1.2G     0 100% /cdrom
    /dev/loop0      1.2G  1.2G     0 100% /rofs
    none            4.0K     0  4.0K   0% /sys/fs/cgroup
    tmpfs           3.9G   24K  3.9G   1% /tmp
    none            5.0M     0  5.0M   0% /run/lock
    none            3.9G  700K  3.9G   1% /run/shm
    none            100M   12K  100M   1% /run/user
    /dev/sdb1         8G    1G    7G  12% /media/mint/backup 
  4. In this case, your usb stick is already mounted to /media/mint/backup
  5. Create a 1GB loopback file (or whatever size you desire)
    $ dd if=/dev/zero of=/media/mint/backup/casper-rw count=1000 bs=1M
  6. Format the file as ext3:
    $ mkfs.ext3 -L casper-rw /media/mint/backup/casper-rw 
    mke2fs 1.42.9 (4-Feb-2014)
    casper-rw is not a block special device.
    Proceed anyway? (y,n) y
    Discarding device blocks: done                            
    Filesystem label=casper-rw
    OS type: Linux
    Block size=4096 (log=2)
    Fragment size=4096 (log=2)
    Stride=0 blocks, Stripe width=0 blocks
    64000 inodes, 256000 blocks
    12800 blocks (5.00%) reserved for the super user
    First data block=0
    Maximum filesystem blocks=264241152
    8 block groups
    32768 blocks per group, 32768 fragments per group
    8000 inodes per group
    Superblock backups stored on blocks: 
        32768, 98304, 163840, 229376
    
    Allocating group tables: done                            
    Writing inode tables: done                            
    Creating journal (4096 blocks): done
    Writing superblocks and filesystem accounting information: done
  7. The file is done
  8. To set your live cd to use the loopback file, after your live cd booted up, add a space followed by word "persistent" without the quotes, at the end of your kernel parameter. This can be achieved in linux mint by pressing tab in the kernel list menu, add the parameter, and enter to boot from that kernel. 
    For ubuntu, when the Live CD menu gets displayed hit the key to enter “Other Options”. This will display the arguments that the Live CD passes to the kernel. At the end of this argument list just add a space and add the word "persistent". This will instruct the Live CD to maintain and use persistence. 
  9. That's all folks, test your persistent live cd by saving a few files in your home, and restart to see whether the files survived a reboot.

Thursday, November 13, 2014

How to generate ssh rsa keys

Ssh keys are used to login into linux server securely, and it is more secure than using password. To use it, just put the public key in the server that you want to access to, and connect to that server using a machine that has your private key. To increase the security even more, you can even set passphrase for the private key during the generation process. To generate the keys:

To generate the rsa key in the client machine (usually it is your own machine), run below command:

 
$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/foo/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/foo/.ssh/id_rsa.
Your public key has been saved in /home/foo/.ssh/id_rsa.pub.
The key fingerprint is:
4a:dd:0a:c6:35:4e:3f:ed:27:38:8c:74:44:4d:93:67 foo@bar
The key's randomart image is:
+--[ RSA 2048]----+
|          .oo.   |
|         .  o.E  |
|        + .  o   |
|     . = = .     |
|      = S = .    |
|     o + = +     |
|      . o + o .  |
|           . o   |
|                 |
+-----------------+

 For the location to save key, you can press Enter to save to the default location, which is /home/foo/.ssh where foo is the user we use to generate the key. id_rsa is your private key, and id_rsa.pub is your public key

$ ls .ssh/
id_rsa  id_rsa.pub

For the passphrase, you can opt to omit it, but it will reduce the security level of the key pair, since anyone who get your private key can use it to access all the servers that contain your private key. The advantage is, you can do passwordless access.

The final thing to do is to copy the public key to the servers that you want to access, and you are done.

Friday, October 31, 2014

Use apt-get through http proxy

This issue happened when one day, my lovely company decided that they want to implement a proxy server, and without me realizing, not just browser will be affected, apt-get also will be affected.

How do you know that you apt-get command encounter proxy issue, when ypu received "401 authenticationrequired" error after running your apt-get command, like below:

$ sudo apt-get update

...

W: Failed to fetch http://my.archive.ubuntu.com/ubuntu/dists/raring-updates/universe/binary-i386/Packages  401  authenticationrequired

...


How to encounter this?

Method 1 (if you have GUI)

  1. Simply open your browser, and the proxy will ask for authentication
  2. Fill up your authentication.
  3. Rerun your apt-get command

Method 2 (if you have GUI)
  1. Go to System -> preferences -> Network Proxy
  2. Under Proxy Configuration, put in you proxy details
  3. Rerun apt-get

Method 3 (without GUI) - temporary proxy session
  1. export the http_proxy environment variable using this command:
    $ sudo export http_proxy='http://myusername:mypassword@myproxyaddress:myproxyport'
  2. Rerun apt-get


Method 4 (without GUI) - permanent proxy setting on .bashrc
  1. Put the settings into .bashrc:
    $ echo "http_proxy='http://myusername:mypassword@myproxyaddress:myproxyport'" >> .bashrc
  2. Activate the change:
    $ source .bashrc
  3. Rerun apt-get

Method 5 (without GUI) - permanent settings on apt.conf ~ need sudo
  1. Append your proxy settings to /etc/apt/apt.conf (choose your proxy, either http, https, ftp, or socks:
    $ sudo echo -e 'Acquire::http::proxy "http://myusername:mypassword@myproxyaddress:myproxyport/";\nAcquire::https::proxy "https://myusername:mypassword@myproxyaddress:myproxyport/";\nAcquire::ftp::proxy "ftp://myusername:mypassword@myproxyaddress:myproxyport/";\nAcquire::socks::proxy "socks://myusername:mypassword@myproxyaddress:myproxyport/";' >> /etc/apt/apt.conf
  2. Rerun apt