Bashup – a sophisticated Bash backup script

Mnemonikk (who still lacks a blog because he cannot decide which name to choose) finally made the step to create a sourceforge project for Bashup. Bashup is a more or less modular and Bourne shell compatible backup script with few dependencies. It targets backup for servers and provides features like mysql, oracle, postgresql, subversion repository and file system backup, backup over ftp, ssh, rsync, heavy rotation (yes – even over ftp) and reporting. The script is already used on a couple of different live servers. It matches the need for a script that is neither binary, nor python, ruby or perl but just plain shell and some external calls.

The script is released under GPL. Right now you can only get it by checking out the svn repository (see sourceforge project page for details) but will be branched with an official version number soon. I know there are a lot of backup solutions out there and this is just one more, but you might also know how difficult it can be to backup a system when having very limited possibilities to install software and servers distributed on very different data centers…

Feel free to contact me for gaining access as developer. Patches and new modules welcome!

/usr/bin/test not /usr/bin/[ anymore?

I am really puzzled: While proudly presenting some linux knowledge I could not explain why /usr/bin/test and /usr/bin/[ are on Debian and Ubuntu (and maybe other distributions) not binary and symlink but different binaries. On Ubuntu Gutsy it looks like this:

[ccm:0:~]$ ls -l /usr/bin/test
-rwxr-xr-x 1 root root 23036 2007-09-29 14:51 /usr/bin/test
[ccm:0:~]$ ls -l /usr/bin/\[
-rwxr-xr-x 1 root root 25024 2007-09-29 14:51 /usr/bin/[
[ccm:0:~]$ md5sum /usr/bin/test
d83583f233cb4a014c2e9faef6bb9b32  /usr/bin/test
[ccm:0:~]$ md5sum /usr/bin/\[
b1e9282a48978a17fb7479faf7b8c8b7  /usr/bin/[

When playing around with them, they even behave different:

[ccm:0:~]$ /usr/bin/test --version
[ccm:0:~]$ /usr/bin/\[ --version
[ (GNU coreutils) 5.97

On Debian, Fedora, RedHat it looks the same. It puzzles me as just some weeks ago I read one of them is actually a symlink and think I the first test I made showed me machine where it behaved that way.

So maybe someone can update me why these binaries are different now. Guess there cannot be good reason as „man test“ and „man [“ show the same document:

ls -l /usr/share/man/man1/\[.1.gz
lrwxrwxrwx 1 root root 9 2007-12-04 19:20 /usr/share/man/man1/[.1.gz -> test.1.gz

And when answering this: „/usr/bin/test“ is part of coreutils, but /usr/bin/[ ?

Powered by ScribeFire.

Ubuntu LAN party

While dealing with preparations for our already announced Hardy Heron release party we are currently planning an Ubuntu LAN party. What does that mean? The Ubuntu Berlin team came to the conclusion that network gaming is one of the major reasons for sticking to Windows based operating systems. There is of course an unmanageable amount of games of Windows machines out there – no doubt about it. But it seems to be a prejudice that you cannot have network based gaming fun on Linux. And I don’t mean running Wine, VmWare or similar here.

Therefore we set up a small and incomplete list with games that you can play under Linux. Some of them are actually Windows games that can run under Wine – but only some (and they are a kind of compromise for some of our members). Quite enthusiastic discussions occurred in conjunction with games like „Battle for Wesnoth„, „Armagetron„, „OpenArena“ and „Nexuiz„. All of them are available through Ubuntu package repositories and – even better – not all of them are shooters.

So we are happily looking towards our first lan party within the next weeks which will be located at c-base or newthinking store if one them lets us in. I hope that we also have time to do some bug reporting afterwards if necessary – it should be a great possibility to do some network game stress tests.

Powered by ScribeFire.

Ubuntu Hardy Heron Release Party – 26th of April at c-base/Berlin (Germany)

Yes, guys, we are fast. While you might be trying the alpha 2 release of Ubuntu Hardy Heron, the so called „Ubuntu +1“, meaning the next release which is scheduled for 24th of April 2008, the „Ubuntu Berlin“ user group is already busy with preparing its release party. After our last two release parties took place at the well known c-base – a sunken star ship – and reached an audience of eigthy to hundred people, we are pleased to announce that the next party will become even bigger.

As last time several lectures will be held. Due to the public interest especially in technical information we moved our party from Friday to Saturday and are going to start earlier in the afternoon so we can provide more input for visitors while still being able to have the dj(s) do their work in the evening and probably some barbecue.

So if you live around Berlin (Germany) – save the date – and feel free to help us with the preparation. You are welcome on the mailing list or our other communication channels that you can find on our wiki page. If you are just interested in attending the lectures or just want to hang around at the party, you invited to join our moderated, low traffic announcement mailing list.

The dilemma of ssh authorized_keys key files and its comments

Imagine the following situation: You care for live servers and work in a team of let’s say five, six or even more people. Access to the servers is granted through ssh. The people login either as root (yes, you should not do that, but that is not the point here) or as user with sudo rights or they just share an unprivileged account. Authentication is done via ssh keys.

Now somebody leaves your team. Either as he has a new job or he just got fired. Of course you start deleting his key from all those ~./ssh/authorized_keys files. You have been smart before as you forced your buddies to use their real name or mail address as comment in the key. Easy identification.

But then you start thinking: How do I know I am deleting the right keys? Let’s say the target user is a smart bad guy. He just might have done the following: He looks for somebody who seldomly logs in. Maybe a manager has a key just for security purposes or something like that. Now he exchanges the order of the keys and its comments if they are in a shared authorized_keys or he even exchanges the authorized_keys files when they belong to different users, so you just think you are deleting the right keys but disable another person – in the worst case even yourself.

Of course you can start working around this with trip wire, shell scripts and so on, but be honest: Being able to change the comment in an ssh key without disturbing a checksum or even a signature that rings bells and whistles is a pain for every security minded administrator.

Feel free to hint me an easy solution for this that you might already have implemented.

Ubuntu on 24C3 Congress summary

24C3, the annual hacker congress at Berlin/Germany, is nearly over and there is not so much to say about Ubuntu. Though there had been a small Debian booth – marketing materials and stuff – there was nothing similar for Ubuntu. We discussed that earlier and actually most people thought, it’d not make that much sense as Ubuntu is not known for being the hacker favorite operating system. I guess, we should think about this next year again, as this conference gives the possibility not only to contact users but also a great bunch of possible developers.

In spite of that, this year you could notice dozens of Ubuntu driven notebooks around the congress. I met some folks interested in Ubuntu contacts and even helped out a Brazilian girl from linuxchix.org.br (greetings!) with an Ubuntu cd. So what you can summarize is the fact that Ubuntu is just a part of common usage around and that is what we like, don’t we?

Using netcat and tar for network file transfer

Imagine you are on lan party or on the road and quickly want to transfer a file or directory to another computer. Both computer owners are just to lazy to setup something like ftp, smb, nfs. A very simple and even cross platform solution is using netcat and in case of a directory in combination with tar like the following steps. I will just show you how to use it without compression for a directory. Fell free to play around. You can test it locally of course.

1. The sender

The sender has to call netcat in server mode and pipe content into it. The next line tells tar to build a tarball and write it to standard output which is redirected via a pipe to netcat. Netcat is told to start in server mode (-l), listen on port 7878 (-p 7878) and shutdown itself after waiting 10 seconds after having seen an end of file in standard input (-q 10):

$ tar c directory | nc -q 10 -l -p 7878

2. The receiver

The receiver has to call netcat and tell him to Weiterlesen

Ubuntu on OLPC XO anonye?

While waiting for the delivery of my One Laptop per Child OLPC XO, ordered through the great Give one Get One program (you can order until 31. of December and yes, you can do it from outside U.S. e.g. Europe too, as the FAQ shows you), I’s nearly unhappy to see a lot of guys walking around with an OLPC XO at the annualy ccc hacker convention 24C3 while being nearly jealous :) Despite of dozens of OLPCs around here, at this time, nobody could answer my question whether there already had been serious efforts to bring Ubuntu to the little green thingy with the official bunny ears.

As far as Google knows, there exists an Ubuntu launchpad blueprint entitled „Ubuntu for the One Lap Top Per Child Project„, that brings up some hope but to be honest, there are dozens of interesting blueprints. So is anybody of you right now dealing with an installation of Ubuntu on the XO or knows someone around who does so?

(And yes, I know, that the Eeepc is a nice tool, too. But it just has no bunny ears, you know.)

Getting around the Gnome network manager

Know that problem? You are somewhere around and got special network settings like a wlan essid and static ip ressources. Your Gnome network manager which you really like as it finally brought easy wpa2/wpa/wep detection and setup to you prefers dhcp and skips around the networks like mad.

So this is the time to consider going back to the roots: Switch it off. Just disable the network manager by right clicking on it. Now open /etc/network/interfaces in an editor of your choice with sudo/root rights and add something like this:

iface mynetwork inet static
address 1.2.3.4
netmask 255.255.255.0
gateway 1.2.3.1
wireless-essid NAME-OF-WLAN

Fill this with your specific details and yes, just choose a name for the interface you like. Don’t edit an existing one, don’t think about connecting it to a real interface right now.

After you have done this, open Weiterlesen