Fedora 17, create .rpm with added/new compiler flag

So, the story goes:
I was trying to setup squid3 on my Fedora-server and it should authenticate users via a MySQL Database. According to the squid site (http://wiki.squid-cache.org/ConfigExamples/Authenticate/Mysql), the requriment was:”Make sure squid is compiled with –enable-basic-auth-helpers=DB option.”

So this is how it all started, and now I’m trying to explain how to check and add flags to .rpm package.

First off – let’s search for the package and retrieve the info

yum search squid
yum info squid

Now that we know the package is in the repository, we need to check if it has been compiled with the right flags. Add the correct folder-structure:

mkdir -p rpmbuild/SOURCES 
cd rpmbuild/SOURCES/

Install yum-utils, so we’re able to download the .rpm

yum install yum-utils

Let’s download the source-rpm

yumdownloader --source squid

Extract the specifications:

rpm2cpio squid-3.2.9-1.fc17.src.rpm | cpio -i

Open up the .spec file and check the flags under (line 120): “%configure \”

nano -c squid.spec

The flag we need isn’t added “–enable-basic-auth-helpers=DB option.”
So, we’re going to add that flag manually.
On line 144 (after the last flag), type the following:

-- enable-basic-auth-helpers=DB \

Save the file as “squid.spec” (in nano ctrl +o + Enter/Return and ctrl + x + enter/Return)

We need to install some packages to create our own .rpm
according to: http://fedoraproject.org/wiki/How_to_create_an_RPM_package#Preparing_your_system

yum install @development-tools 
yum install fedora-packager

DO NOT BUILD RPM AS ROOT!!

from the man-page of rpmbuild:

-bb    Build a binary package (after doing the %prep,  %build,  and  %install stages).

Let’s give it a try:

rpmbuild -bb squid.spec

My Terminal outputs:

[m00kaw@teh-geek SOURCES]$ rpmbuild -bb squid.spec --nobuild
error: Failed build dependencies:
  openldap-devel is needed by squid-7:3.2.9-1.fc17.i686
  pam-devel is needed by squid-7:3.2.9-1.fc17.i686
  db4-devel is needed by squid-7:3.2.9-1.fc17.i686
  expat-devel is needed by squid-7:3.2.9-1.fc17.i686
  libxml2-devel is needed by squid-7:3.2.9-1.fc17.i686
  libcap-devel is needed by squid-7:3.2.9-1.fc17.i686
  libecap-devel is needed by squid-7:3.2.9-1.fc17.i686
  libtool-ltdl-devel is needed by squid-7:3.2.9-1.fc17.i686
  cppunit-devel is needed by squid-7:3.2.9-1.fc17.i686

Install all the dependencies:

yum install openldap-devel pam-devel db4-devel expat-devel libxml2-devel libcap-devel libecap-devel libtool-ltdl-devel cppunit-devel

Let try again

rpmbuild -bb squid.spec

Wait some time….
Wait some more time…
Wait some more, mor time…

Done…..

cd back to rpmbuild/

cd ..

Check the folder, where the .rpm is located:

ls RPMS/i686/
squid-3.2.9-1.fc17.i686.rpm            squid-sysvinit-3.2.9-1.fc17.i686.rpm
squid-debuginfo-3.2.9-1.fc17.i686.rpm

cd into that folder and install squid

cd RPMS/i686/
su -c 'rpm -Uhv squid-3.2.9-1.fc17.i686.rpm'

confirm squid is installed locally

[m00kaw@teh-geek i686]# which squid
/usr/sbin/squid

start squid

#start squid 
systemctl start squid
 
#check status: 
systemctl status squid

Check that the right flag is enabled (–enable-basic-auth-helpers=DB option)

[root@teh-geek i686]# squid -v

Squid Cache: Version 3.2.9
configure options:  '--build=i686-redhat-linux-gnu' '--host=i686-redhat-linux-gnu' '--program-prefix=' '--prefix=/usr' '--exec-prefix=/usr' '--bindir=/usr/bin'
 '--sbindir=/usr/sbin' '--sysconfdir=/etc' '--datadir=/usr/share' '--includedir=/usr/include' '--libdir=/usr/lib' '--libexecdir=/usr/libexec' 
'--sharedstatedir=/var/lib' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--disable-strict-error-checking' '--exec_prefix=/usr' 
'--libexecdir=/usr/lib/squid' '--localstatedir=/var' '--datadir=/usr/share/squid' '--sysconfdir=/etc/squid' '--with-logdir=$(localstatedir)/log/squid' 
'--with-pidfile=$(localstatedir)/run/squid.pid' '--disable-dependency-tracking' '--enable-arp-acl' '--enable-follow-x-forwarded-for' '--enable-auth' 
'--enable-auth-basic=DB,LDAP,MSNT,MSNT-multi-domain,NCSA,NIS,PAM,POP3,RADIUS,SASL,SMB,getpwnam' '--enable-auth-ntlm=smb_lm,fake' 
'--enable-auth-digest=file,LDAP,eDirectory' '--enable-auth-negotiate=kerberos' '--enable-external-acl-helpers=ip_user,ldap_group,session,unix_group,wbinfo_group'
 '--enable-cache-digests' '--enable-cachemgr-hostname=localhost' '--enable-delay-pools' '--enable-epoll' '--enable-icap-client' '--enable-ident-lookups' 
'--enable-basic-auth-helpers=DB' '--with-large-files' '--enable-linux-netfilter' '--enable-referer-log' '--enable-removal-policies=heap,lru' 
'--enable-snmp' '--enable-ssl' '--enable-storeio=aufs,diskd,ufs' '--enable-useragent-log' '--enable-wccpv2' '--enable-esi' '--enable-ecap' '--with-aio' 
'--with-default-user=squid' '--with-filedescriptors=16384' '--with-dl' '--with-openssl' '--with-pthreads' 'build_alias=i686-redhat-linux-gnu'
'host_alias=i686-redhat-linux-gnu'

As we can see – the flag is indeed enabled!
SUCCESS

Userfriendly bash script for Youtube-Downloads

You need to have youtube-dl installed and ffmpeg. Both are probably in your repository (apt/yum)

 
#!/bin/bash
 
function mp3(){
echo "Feed me the YouTube-Link :D"
read link
sleep 1
youtube-dl $link -t -x --audio-format "mp3"
exit 0
}
 
function ytuser(){
echo "enter only the username of the youtube-user!"
read username
youtube-dl -citw ytuser:$username
exit 0
}
 
function singleVid(){
echo "Feed me the link :D "
read link
youtube-dl $link --max-quality "mp4" -t
exit 0
}
 
function req(){
cat << !
 
 
You need to have youtube-dl installed. 
It requires Python http://python.org 
(native in most linux / unix and Mac OSX)
 
Download youtube-dl from your package-manager or 
http://rg3.github.com/youtube-dl/download.html
 
In order to download MP3-files, you need to have 
ffmpeg installed. 
Install it with your package-manager or 
http://www.ffmpegx.com/download.html
 
 
!
}
 
while : #loop
do
cat << !
R U N M E N U
 
1. Download mp3
2. Download entire youtube-user
3. Download a single Youtube Video in mp4-format
4. quit
5. requirements
!
 
echo -n " Your choice? : "
read choice
 
case $choice in
1) mp3 ;;
2) ytuser ;;
3) singleVid ;;
4) exit ;;
5) req ;;
*) echo "\"$choice\" is not valid"; sleep 2;;
esac
done

Save it as ytdl.sh and chmod +x ytdl.sh
now launch it with ./ytdl.sh

The script is also on my:
Github

Make Linux ISO as USB installer

This is just a small note to myself.. It’s pretty much stolen from crunchbang-wiki

Find the USB-drive (nice if you have more than 1 HDD in your computer / laptop, as I do)

sudo ls -l /dev/disk/by-id/*usb*

Outputs something like:

[M00kaw@localhost ~]$ sudo ls -l /dev/disk/by-id/*usb*
lrwxrwxrwx. 1 root root  9 Feb 15 18:53 /dev/disk/by-id/usb-Kingston_DataTraveler_2.0_0019E06B0793F980F77109BB-0:0 -> ../../sdc
lrwxrwxrwx. 1 root root 10 Feb 15 18:53 /dev/disk/by-id/usb-Kingston_DataTraveler_2.0_0019E06B0793F980F77109BB-0:0-part1 -> ../../sdc1
lrwxrwxrwx. 1 root root 10 Feb 15 18:53 /dev/disk/by-id/usb-Kingston_DataTraveler_2.0_0019E06B0793F980F77109BB-0:0-part2 -> ../../sdc2
lrwxrwxrwx. 1 root root 10 Feb 15 18:53 /dev/disk/by-id/usb-Kingston_DataTraveler_2.0_0019E06B0793F980F77109BB-0:0-part3 -> ../../sdc3
[M00kaw@localhost ~]$

Copy the ISO to the USB:

sudo dd if=/path/to/Linux/Linux-file.iso of=/dev/sdX bs=4M;sync

replace sdX with sdb (note: NO sdb1 or sdb2 etc.!)

Nexus or SuperNexus ROM (SG3) “enable google apps location access”

So I installed SuperNexus ROM on my Samsung Galaxy S3 and I’m so happy with it, compared to Samsungs stock rom. It’s super fast, battery-life increased by 24 hours. However, when I tried to use GPS on GoogleMaps i got an error saying:”enable google apps location access.
I found the solution at saying “Settings > Accounts > Google > Location settings.” as shown on the picture below:

google-location

This was just a small note to myself..

//M00kaw

Learn Linux! The sysadmins shortcut to Linux!

I’ve currently started a new project. It aims to learn people how to use Linux as an alternative to enterprise products. The course will be in 8 sessions. Topics such as ‘standard input, standard output, standard error’, ‘repository‘, ‘sed, awk, grep‘ etc. will be covered. The videos are available at  https://vimeo.com/m00kaw/videos

All the videos and the README are available at

http://www.mediafire.com/?3h0k1o3h3hh33

 

Please e-mail me feedback at m00kaw@teh-geek.com or on Twitter: https://twitter.com/M00kaw

Find and Kill PID’s in a User-Friendly Matter

So, the situation was like this:
A friend runs a Counter-Strike Server, with multiple instances of Counter-Strike. He would usually launch the program like any other, with ./CSS-server.sh

The problem came, when he would search for the PID (Process ID) for each instance.
ps aux | grep CSS-server | grep -v grep would show him 3 servers. He wasn’t able to tell which instance he would like to kill, and what instance he would keep.

SO – I recommended him, to make some small scripts, that launches the server. And then, naming the scripts Foo1, Foo2, Foo3 etc.

Inside Foo1 would look something like:
#!/bin/bash
./CSS-server.sh &
echo “Launched CSS-server”

So, when that being said and done, I wrote this small script (that could use some improvement).
It pretty much just greps for Foo, so remember to replace Foo with the name of your scripts.

A quick demo of the script:
It looks like

And the code:

 
#!/bin/bash
 
#Creates an array that finds Process ID (PID)
array=(`(ps uax | grep foo | grep -v grep) | awk '{print $2}'`)
 
#Creates an array that finds the name of process ID (PID)
blah=(`(ps aux | grep foo | grep -v grep) | awk '{print $12}' `)
 
 
len=${#array[*]}
 
 
i=0
while [ $i -lt $len ]; do
echo "$i: ${array[$i]} ${blah[$i]} "
let i++
done
 
echo "What process do you want to kill?"
echo "press CTRL^C to cancel"
read varkill
 
kill -9 "${array[$varkill]}"
 
echo "${array[$varkill]} ${blah[$varkill]} was killed"

Record your Desktop with ffmpeg and Command Line

First: install ffmpeg and xwininfo

apt-get install ffmpeg x11-utils

start up your terminal and enter: xwininfo, now click on your desktop and look for “Width” and “Height”. Mine are:

Width: 1280
Height: 751

Now, in order to record your desktop, type in the following:

ffmpeg -f x11grab -s 1280x751 -r 10 -i :0.0 -s 1280x751 -r 10 -sameq output.avi

Simply hit CTRL^C to stop the recording.

Convert 1080p WMV to 720p MP4 for Samsung Galaxy S3

My Samsung Galaxy S3 isn’t very happy about 1080p WMV files.  So to convert them, make sure you have ffmpeg installed.

apt-get install ffmpeg

or

yum install ffmpeg

in order to convert:

 
ffmpeg -i INPUT-FILE.wmv -sameq -s hd720 -f mp4 -strict experimental OUTPUT-FILE.mp4

Mount Samsung Galaxy S3 MTP in #!Crunchbang Linux

This is a note to my self – and all the material is straight from this site: http://tomsalmon.eu/2012/08/mounting-samsung-galaxy-s3-using-mtp-on-debian/
You should totally check his blog out – there are a lot of good stuff there..

Now for the guide:

To mount the phone in Debian (Wheezy/Testing):
su -
apt-get install mtp-tools mtpfs
mkdir /mnt/phone

plug in the phone

mtpfs -o allow_other /mnt/phone

umount /mnt/phone

Monitor pastebin.com for passwords

I wrote a small bash-script a while ago, that monitors pastebin.com for passwords and logins.. It can pretty much monitor all you want it to. Remember to install elinks (text browser)
It’s just a proof of concept-script, so it does have some flaws.. But feel free to edit it, and send an update if you like.

The code:

#!/bin/bash
 
function lookup()
{
 
fetch=$(elinks -dump http://pastebin.com/realtime | awk 'NR==110 { print $2}')
check=$(elinks -dump $fetch | egrep -i "username|password|e-mail") 
 
if [ "$check" ]; then
	echo "$fetch"
fi
}
 
while true; do 
	'lookup'
done

first, we create a function called lookup. In that function, we have $fetch and $check.
$fetch will open a pastebin.com/realtime, and if you view page source, the newest pastebin-entry will be at line 110, 2. column.

$check then opens that link, which $fetch provides, and checks for “username” or “password” or “e-mail”.You can add more, if you like, or you can change “username|password|e-mail” to specific sites. It’s totally up to you..

The last thing we do, is to call the function “lookup” in a while-loop, that is always true. Meaning, it will run until it’s being stopped by the user.

I encourage you to do no evil with this, and I will not have responsibility, for the use of the script.
//M00kaw

Monitor ports on hosts over TCP

I’ve made a small program in ruby, as a school project. The purpose of the script is to monitor if the connect-ability to a port on a host. It does so over TCP. There are 2 .conf files, which you should edit. remember to install the gems required and  add a database in MySQL.

The project is hosted at googlecode: http://code.google.com/p/tcp-watcher/

It’s still early software, and lots of features needs to be added.

Export Document in vim to PDF (with syntax highlight)

I use vim with syntax highlight as my primary editor. I was writing some ruby for Linux class. I wanted to hand in my assignment as PDF with syntax highlight. So I found google around and found this trick:

First off, we have vim with :syntax on

Next,  we print it to postscript (.ps) with the command:

:hardcopy >/tmp/filename.ps

vimsyntax

next we cd to /tmp and convert the .ps to pdf

:~$ cd /tmp
:/tmp$ ps2pdf example.ps
:/tmp$ ls *.pdf
example.pdf

the PDF looks like this: example pdf

 

//M00kaw

Simple and quick backup in bash

 
tar -cf - * | (cd /usr/backup/; tar xfp -)

 

A couple of things are going on here.

lets break the command up in pieces:

tar -cf – *

tar is the program used to execute the command. -c if for creating an archive, -f is for file and astrix (*) is everything in the current directory.

We pipe that, meaning the output of that command, into a new command.

(cd /usr/backup/; tar xfp -)

Lets break that into pieces:

cd /usr/backup means, change the directory to /usr/backup (you might want to change that). ; seperates that command from the next, being tar xfp – . Again tar is the program used to handle the archive. x meaning extract and p is for preserve permissions –same-permissions as before it was archived.

 

Rsync over SSH written in C

I recently ran out of space on my Dropbox, and then i thought “Why not use my VPS with 400GB storage?”.
I already knew rsync, but having to type a long command every time is not the same as a Dropbox!

So I made a script in C that uses rsync over SSH (also if you use another port than standard 22).
In my own version, I’ve hardcoded the server, username and port – in this script i’ve made it use an input.

Remember to install rsync on your local linux machine and on your server. Ofc, the server must have ssh enabled.

The code isn’t pretty – but it works.. And I would love inputs to make it better.

To download and compile the script:

wget http://teh-geek.com/wp-content/uploads/2011/12/rsync-script0.02.c
gcc -o rsync-script rsync-script0.02.c
./rsync-script

The script:

/*This is rsyn-script V0.2 that pushes and pulles*/
/*written by M00kaw at teh-geek dot com */
 
#include 
#include 
#include 
 
char server[80];
char username[80];
char port[80];
char l_path[200];
char r_path[200];
char totaldata[1400];
 
void getData()
{
 
printf("Enter the IP/domain of the server:\n");
gets(server);
 
printf("Enter the username for the server:\n");
gets(username);
 
printf("Enter the port for SSH (eg 22):\n");
gets(port);
 
printf("Enter the full local path:\n");
gets(l_path);
 
printf("Enter the full remote path:\n");
gets(r_path);
}
 
void push()
{
	getData();
 
	sprintf(totaldata, "rsync -avz -e 'ssh -p %s' %s %s@%s:%s", port, l_path, username, server, r_path);
 
	system(totaldata);
/*rsync -avz -e 'ssh -p portNo' /local/path/ username@remotehost:/remote/path */
}
 
void pull()
{
	getData();
	sprintf(totaldata, "rsync -avz -e 'ssh -p %s' %s@%s:%s %s", port, username, server, r_path, l_path);
 
	system(totaldata);
	/*rsync -avz -e 'ssh -p portNo' remoteuser@remotehost:/remote/dir /this/dir/ */
}
 
int main()
 
{
	char choice[10];
 
	printf("\n[&gt;]Press 1 for push data via Rsync\n");
	printf("[&gt;]Press 2 for pull data via Rsync\n");
 
	fgets(choice,sizeof(choice),stdin);
 
switch (choice[0])
{
	case '1':
	push();
	break;
 
	case '2':
	pull();
	break;
 
	default:
 	printf("[&gt;]Press 1 for push data via Rsync\n");
        printf("[&gt;]Press 2 for pull data via Rsync\n");
	break;
 
}
 
return 0;
}

Despotify-simple a cli client to spotify on Linux

So, since spotify finally came to Denmark, I was able to get a ‘Spotify Premium Account’. There’s different ways to use Spotify on a Linux machine. I’ve tried the windows client in wine, I’ve tried their un-supported Linux client and none of them was really smooth.
I decided to try out despotify (a third party open source software) and it’s actually really easy to install and get working. It takes a little time to adjust from a normal GUI client, but it’s really smooth.

link to despotify where manuals and tutorials are located: http://despotify.se

This is how I got it to work in Debian 6 (squeeze)
Install subversion for downloading the source code, build-essential for compiling the code and the rest are dependencies to compile and run despotify

sudo aptitude install subversion build-essential libssl-dev zlib1g-dev libvorbis-dev libtool libncursesw5-dev libao-dev

make a dir for the source code and cd into it

mkdir tmp && cd tmp

Download the source from subversion

svn co https://despotify.svn.sourceforge.net/svnroot/despotify despotify

cd into the build-folder of the source code

cd despotify/src

and now for the compiling part

make && sudo make install

When it’s done, you’re able to run the despotify client from anywhere in the terminal.
The way to use despotify needs a whole lot of explaining, and can be found at http://despotify.se/clients/

But, to get you started

despotify-simple USERNAME PASSWORD

where USERNAME is your username, and PASSWORD is the password for your account.

Find TimeToLive arp cache on Linux and Windows 7

To find out what Time To Live your arp-cache has in linux type (as root e.g with sudo):

[m00kaw@teh-geek ~]$ sudo cat /proc/sys/net/ipv4/neigh/wlan0/gc_stale_time

Output is in seconds..

In windows 7 / Vista open up cmd as Administrator and type:

netsh interface ipv4 show interfaces

Find the right interface and chose the number (idx) and type

netsh interface ipv4 show interface

The output will look something like

C# HouseHolding app

Download a well described C# HouseHolding application.

//Rise

Backup your server over FTP on a Linux client

So, a while ago I made a script, that logs into a server via FTP, downloads the folders and then saves all the files into one archive. The client that downloads the backup is a Linux-client with gftp-text as ftp-client.
The code pretty much explains itself.
First, gftp-text (the ftp client), logs into the server, changes path on the client and then downloads everything from the FTP.
Then it’s being packed into one archive with tar gz and moved to another folder (the folder called BACKUP-FOLDER).
Remember to change the path, so it’s suited to your system.

 
#!/bin/bash
# apt-get install gftp-text 
gftp <<**
open ftp://USERNAME:PASSWORD@IP-ADDRESS
lcd /LOCAL/PATH/ON/SYSTEM
mget *
close
quit
**
 
 
#what to backup
backup_files="/LOCAL/PATH/ON/SYSTEM"
 
#where to backup to
dest="/LOCAL/PATH/ON/SYSTEM/BACKUP-FOLDER"
 
#create archive filename
day=$(date +%F)
#hostname=$(Set a hostname)
archive_file=$day.tgz
 
#print start status mesage
echo "Backing up $backup_files to $dest/$archive_file"
date
echo 
 
#backup the files using tar
tar czf $dest/$archive_file $backup_files
 
#print end status message
echo 
echo 
echo "Backup finished"
date
 
#listing the files in $dest to check file sizes
echo "The Destination Path:"
ls -lah $dest

//M00kaw

Detect Man in the Middle with ARP on Linux

So – as a small project I decided to script a bash-script that detects an ARP-poison Man in the Middle Attack. The notifier I’ve used is for KDE – feel free to replace it with something else for X11 or Gnome. (I might make a Gnome / X11 version). The code:

#!/bin/bash
gateway=$(ip route show | awk '(NR == 1) { print $3}')
 
startmac=$(arp $gateway | awk '(NR == 2) { print $3}')
 
while true; do 
 
gateway=$(ip route show | awk '(NR == 1) { print $3}')
macaddr=$(arp $gateway | awk '(NR == 2) { print $3}')
 
sleep 3;
if [ $startmac != $macaddr ]; then
  kdialog --title "Gateway has changed!" --passivepopup "Gateway Mac address has changed! Possible MitM Attack!" 60 &
 
fi
done

The nice things with Bash is, that it’s so easy to read and it just calls and uses standard Linux functions.
a quick explanation:
The variable $gateway uses the command: ip route show to list the routes, and then we sort it with awk.
the variable $startmac is the result of an arp-lookup at the gateway, and then we use awk to sort out the mac address.
a while-loop then runs and check if the gateway and mac address are chaning. After 1 loop it sleeps and then starts again.
If a change is detected, a popup notification will appear in KDE saying “Gateway Mac address has changed! Possible MitM Attack!”

That’s everything to it..
The code might not be beautiful, but it works :>

//M00kaw

Teh-Geek Wallpaper

I saw this gnarly wallpaper on 4walled and thought that it would look cool, if only the letters spelled ‘Teh-Geek’. So, I asked some photoshop guys to help me out, and a guy called EasyNote was kind enough to do the hard work. I’m very happy with the design, and I would love to share the wallpapers! The formats are 1200×800, 1680×1050, 1920×1080 and 1920×1200.

Download the wallpapers here

//M00kaw

Preview: