Stupid Admin Tricks

[uudruid74]

I just wanted to start a thread that contains the most useful tools and tricks; stuff you end up installing because it makes your life so much easier.   Here's a couple to get you started.
 
VIM

In your non-root .vimrc

cmap w!! w !sudo tee "%" >/dev/null

 
If :w! fails because you forgot to su/sudo, just use ':w!!'

 

 

SSH the Byobu way!

 

I generally use mosh since it can be forgiving of slow and interruptable links, but I also go one step further and install byobu (its a layer on top of tmux/screen, tmux is default).   It will save your session from a network drop!  If you've never use tmux or screen you are in for a treat.  It multiplexes your terminal so that you can have multiple terminals through the same connection.  But, its also a session manager and this is more important (IMHO).  Start an emerge and then go ahead and detach (^A d) and you can drop your ssh connection and everything continues in the background.  When you connect to byobu again, everything is there as if you never disconnected.  Every terminal!  You can even connect from multiple machines and share the open terminals if you wish.

 

I use an Android APP called JuiceSSH (and the AnySoftKeyboard with the SSH extension keyboard, although Juice gives you the other keys you need).   It manages your SSH connections and lets you connect from your phone.  This means I can pull out my phone and tap a button and be logged in to a server, check on a compile or update or view a log, and then detach from byobu really fast.    I keep byobu on the gnome "Drop Down Terminal" (desktop extension) so I have a terminal that I never lose track of and it multiplexes with byobu.  It also stays active if I log out of Gnome!!  Its session doesn't die when you log out of your desktop, its persistent.   Also, if I "Juice" in, the terminal size is changed byobu to fit the phone screen - so I can see byobu on my laptop resize as I rotate my phone (yeah, not very useful, but it looks cool).

[sputnik]

Hmm, I do the same with screen as you describe with byobu all the time.  Detach, relog in, screen -r, why there it is, still running away!  Even multiple sessions.  It cares not about the machine you are coming from, same user/same screens.

But the more the merrier.  I notice great polarization with these types of programs, tmux users aren't fond of screen and vice-versa.  Whichever you like, that's the one for you!  I also use dtach on my embedded devices for things that run 24/7, a much smaller memory footprint, although limited to one session.

+1 on JuiceSSH for android, love it.  ES File Explorer for android is also great, much better than any other file manager I've seen, including the one in Cyanogenmod, an FTP client too, so you don't need another client for that.  More cool stuff than I know what to do with.

SSH Server on android works well for me too.  You can set it up to start in the background at boot, I have more ways to log into my androids than Uncle Sam...

[uudruid74]

I used to use screen back in the 90s so I could start a compile at work and then go home and dial in to the server to check on it. I think I even had it on my 3b2... yeah I had an AT&T 3b2 running Unix SysVr3.2

 

For new users that don't know the juice/tmux (or screen or byobu) combination, I forgot to mention you can swipe left/right to change terminal screens. Ill use any of the three - byobu just has cool status bar applets and I think tmux has more features for a couple weird things I do with it.

 

I also use ES File manager mainly for the Sftp (usually over USB) but I'm looking to replace it. The author sends detailed information about everything you do with it to some Chinese server. I firewall off the two IPs it goes to. I have real issues with apps that immediately open a connection to the Internet when you open them. People need firewalls and packet sniffers on their phones! Yes, I have a GUI packet sniffer on my phone.

 

We kinda need an OS that does a two-way data sanitize. Programs should scrub data before putting it into sql or a command line, but the reverse should happen. Programs shouldn't be able to open sockets to addresses that don't originate from the user (not practical on today's systems, but if things we're designed to empower users rather than application vendors may it could have happened). But, I'm wandering off topic.

[sputnik]

Yes, I agree with you.  I get lazy because android is so inherently insecure in so many ways, it seems almost hopeless.  I'll have to sniff that out & shut it off too.

I always seek out those programs that are the least intrusive, but I find ES File Explorer too handy.  I used to use Xposed on my phone, but it was too wimpy (ancient), although I have a newer one now, only 4 years old  :P .  Maybe I'll go back to that.

[pytony]

I'm picking up your w!! trick for vim :P

 

mkdir and cd in a row:

mkncd() {
  mkdir -pv $1
  cd $1
}

In my python virtualenvs (using virtualenvwrapper), I have a postactivate hook to cd in the right directory after "workon virtualenv":

[[ -f "$VIRTUAL_ENV/.workpath" ]] && cd $(cat $VIRTUAL_ENV/.workpath)

[uudruid74]

Next stupid trick, which is pertinent to Gentoo/Funtoo since you frequently may have to add to a file with >>/etc/portage/package.mask (or .use or whatever).  A slight typo could kill your file.  Fix this way:

 

In .profile

set -o noclobber

Just please don't ask what made me think of this :(

[uudruid74]

Time for another STUPID Admin Trick ... running a CGI on Nginx / Tengine !

 

There are plenty of ways to do it, most involve installing a wrapper around the fastCGI interface.  However, I already have FPM installed, and figured that PHP could execute a program, so why not wrap a PHP wrapper?   I would NOT recommend this for production use as there is probably more than one security issue, compatibility issue, or whatever.  Then again, you aren't using CGI for production system's anyway, right?

 

First a bit of magic in your server { } section of your web server config file :

location ~ ^/cgi-bin(.*)$ {
                gzip off;
                include /etc/tengine/fastcgi.conf;
                fastcgi_split_path_info ^/cgi-bin/(.*cgi)(.*)$;
                fastcgi_param CGI_FILENAME $fastcgi_script_name;
                fastcgi_param SCRIPT_FILENAME $document_root/cgi-bin.php;
                fastcgi_param PATH_INFO $fastcgi_path_info;
                fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
            }

Now, you need a wrapper called cgi-bin.php (in server root):

<?php

$scriptname = "{$_SERVER['DOCUMENT_ROOT']}/cgi-bin/{$_SERVER['SCRIPT_NAME']}";

if (array_key_exists('HTTP_REFERER',$_SERVER)) {
    putenv ("HTTP_REFERER={$_SERVER['HTTP_REFERER']}");
}
putenv("DOCUMENT_ROOT={$_SERVER['DOCUMENT_ROOT']}");
putenv("QUERY_STRING={$_SERVER['QUERY_STRING']}");
putenv("REMOTE_ADDR={$_SERVER['REMOTE_ADDR']}");
putenv("REMOTE_PORT={$_SERVER['REMOTE_PORT']}");
if (array_key_exists('REMOTE_USER',$_SERVER)) {
    putenv("REMOTE_USER={$_SERVER['REMOTE_USER']}");
}
putenv("REQUEST_METHOD={$_SERVER['REQUEST_METHOD']}");
putenv("REQUEST_URI={$_SERVER['REQUEST_URI']}");
putenv("SCRIPT_FILENAME=$scriptname");
putenv("SCRIPT_NAME={$_SERVER['SCRIPT_NAME']}");
if (array_key_exists('PATH_INFO',$_SERVER)) {
    putenv("PATH_INFO={$_SERVER['PATH_INFO']}");
}

$output = shell_exec ($scriptname);

echo preg_replace('/^.+\n/', '', $output);

?>

Now, assuming you have a /cgi-bin directory, you can run scripts like this  /cgi-bin/mycgi.cgi?h=45&y=6  or whatever.   The script must be executable and must end in cgi and must be in the /cgi-bin directory.

 

I'm no PHP programmer, and new to Tengine/Nginx (using Apache too long), so if you are shaking your head at some of the above hackery, feel free to correct it!  I'm sure its pretty bad, but I couldn't find any examples online that did anything like it.

 

Have fun.

[uudruid74]

Here's another stupid admin trick ...

 

How often do you have about a dozen shell windows open?   Let's add two capabilities to make that easier.  These are controlled with a line that looks like this in the script:

export PROMPT_COMMAND="shareHistory; testWindow"

You can simply remove the feature you don't want from your PROMPT_COMMAND, or change it on a window-by-window basis if you like.

1. shareHistory - Consolidate the bash history so that it is available through any bash that your username controls.  The history will sync after every command.  The only drawback is that it's AFTER every command, so you might want to hit enter if you just switched windows to ensure that the commands you just used in the other window are available in this window.  Hit ENTER to sync up, then use up-arrow, history, or ! commands as if you never swiched windows.
2. fixTitle - This one happens as part of the testWindow command below.  It updates the window title to the command you just ran so that you always know whats running in that window. 
3. testWindow - You probably switched windows because you are waiting on something to finish, like an emerge.   Wouldn't it be nice to know when it's done?  This command will look and see if its currently on top and if not, it will issues a notification to your desktop to let you know the last command finished.  It even selects an appropriate icon.  Its silent as long as window is on top.  This is sort of a hack since bash doesn't know anything about your window stack.  Instead, a couple commands are aliased to look at the window that currently has focus (which should be itself since you are typing the command!) and records this.   You shouldn't use commands that record the window in a script.  You can also force it to remember the window with the new command n.

Also, the testWindow functionality is set up to not try to remember the window when the script starts.  This is because your bash profile starts to run before the window is open and gets focus creating a race condition.  You have to specifically turn on the feature with 'n'.  I've also aliased 'ls' and 'emerge' to turn this on as well (and record the window via 'updateWindowId').   None of the fixTitle or textWindow features work until you use one of these commands.

 

To use, save the following script as /usr/local/bin/windowtricks.bash

#!/bin/bash
#-
#- This is to display notifications when you aren't watching the window
#- and updates the window title with the currently running command.
#- The command is reset when it finishes, unless the window is on top.
#- In this case, the window title is kept so you can find it.  You
#- may use the 'n' command to manually reset the window title.
#-
#- We should only update the WindowId when the window has focus!
#- This means the first update can't be inside .bashrc
#-
#- The new 'n' command updates the 'notify' and resets title to $SHELL
#-
#- source this file from your .bashrc
#-

shopt -s histappend

alias n='updateWindowId; fixTitle; initTrap'

#- These commands will automatically call n to turn on the features
alias ls='n; ls --color=tty'
# alias cd='n; cd'
alias emerge='n; emerge'

#- keep this info
resetTaskName() {
  LC_TASK=$(basename ${SHELL})
}

#- need to remember this
updateWindowId() {
    LC_XWINDOWID=$(xdotool getactivewindow)
    #resetTaskName
	if [ -z "$LC_NAME" ]; then
	  LC_NAME=$(xdotool getwindowname $LC_XWINDOWID)
	fi
}

#- actually set the window title
fixTitle() {
	#- If we have a 'screen' type terminal, name the screen, not the window
    case $TERM in
        screen)
            echo -ne "\033k${LC_TASK}\033\\"
            ;;
        xterm|xterm-256color|xterm-color|Eterm|aterm|rxvt|kterm|rxvt-unicode|gnome|interix)
            echo -ne "\x1b]0;${LC_NAME}: ${LC_TASK}\x07"
            ;;
    esac
}

#- get command for title
autoTitle() {
  case $BASH_COMMAND in
    fixTitle) ;;
    testWindow) ;;
    updateWindowId) ;;
    getLastCommand) ;;
    sendNotify) ;;
    *)
        LC_TASK=$BASH_COMMAND
        fixTitle
        ;;
  esac
}

#- grab from history
getLastCommand() {
  LC_TASK=$(history 1 | cut -c 8-)
  LC_ICON=$(basename $LC_TASK 2>/dev/null)
  if [ -z "$LC_ICON" ]; then
    LC_ICON="utilities-terminal"
  else
  	#- FIXME: This is a bad/slow hack.
    eval $(locate $LC_ICON.desktop | xargs cat | grep Icon | head -1 | sed 's/Icon/LC_ICON/') 2>/dev/null
  fi
}

#- notification of task completion
sendNotify() {
  getLastCommand
  notify-send -t 10000 -i "$LC_ICON" "Task Complete in $LC_NAME" "$LC_TASK"
}

#- test to see if window is on top
testWindow() {
  LC_ACTIVE=$(xdotool getactivewindow 2>/dev/null)
  if [ -z "$LC_XWINDOWID" ]; then
     return 0;
  fi
  if [ "$LC_ACTIVE" != "$LC_XWINDOWID" ]; then
     #- This command is forked because it takes too long
     sendNotify & disown 2>/dev/null
  else                  		#- comment these 3 lines to keep last command in title
     resetTaskName      		#- above and this one
     fixTitle           		#- and this one
  fi
}

#- This trick shares history in all open bash windows
shareHistory() {
  history -a
  history -c
  history -r
}

#- the magic!  Executed when prompt is displayed
export PROMPT_COMMAND="shareHistory; testWindow"

#- some magic for updating window title
initTrap () {
    if [ -z "$LC_INIT" ]; then
    	#- These commands update the windowid in case
    	#- our shell moved from one window to another
		alias ls='updateWindowId; ls --color=tty'
		alias cd='updateWindowId; cd'
		#- The rest we just unalias
		unalias emerge

		LC_INIT="DONE"
		trap autoTitle DEBUG
    fi
}

Now change your .bashrc and add a line like this at the end.

source /usr/local/bin/windowtricks.bash

Enjoy!

[Chris Kurlinski]

not sure if this counts, but I have gone to i3 wm running from tigervnc as my main server access, works great with my os x screenshare.

i3 is completely stripped down, but I can still start virt-manager or whatnot.

I can just close my laptop when the kids start screaming, or phone rings, open it back up, and everything is still there.......

[uudruid74]

not sure if this counts, but I have gone to i3 wm running from tigervnc as my main server access, works great with my os x screenshare.

i3 is completely stripped down, but I can still start virt-manager or whatnot.

I can just close my laptop when the kids start screaming, or phone rings, open it back up, and everything is still there.......

VNC isn't the best Protocol for remote viewing. If you are using Linux to Linux then plain X is better (ssh will just forward X connections if you tell it) and there are ways of adding compression and such on X. There are other methods too.

 

For me, I don't do any remote GUI stuff since I use either satellite or cellular for my data connection. Byobu manages plain text shells, old school dumb terminal style. In fact, I used to use screen (one of the byobu backends) with a dial up modem! Then again, I've run X like that too using a low bandwidth X extension

 

Sent from my A0001 using Tapatalk

[Chris Kurlinski]

Yeah I am getting sick of i3 and tigervnc. They are headaches for me right now, after my recent rebuild.

I think i will try it your way. Running on a mac and android, so should not be a big deal.

Just broke my work phone, so looking for a new primary, thinking about something that I could run Paranoid Android on.

I want to do openvpn and ssh back to server. Just don't trust android to put my rsa certs on it yet.

 

Is there a good tutorial for headless X?

[uudruid74]

Yeah I am getting sick of i3 and tigervnc. They are headaches for me right now, after my recent rebuild.

I think i will try it your way. Running on a mac and android, so should not be a big deal.

Just broke my work phone, so looking for a new primary, thinking about something that I could run Paranoid Android on.

I want to do openvpn and ssh back to server. Just don't trust android to put my rsa certs on it yet.

 

Is there a good tutorial for headless X?

You don't need headless X on the server, just Xlib. You only need X on the machine displaying the graphics. The machine running the app just needs Xlib.

 

Headless X servers would be to do something like run Chrome on a headless server, have it render the page to an offscreen buffer then grab a screenshot. This works although may be faster with a video card since Web sites make use if hardware accelleration.

 

Normal X forwarding doesn't actually need an Xserver on the remote host.

 

Sent from my A0001 using Tapatalk

[uudruid74]

Yeah I am getting sick of i3 and tigervnc. They are headaches for me right now, after my recent rebuild.

I think i will try it your way. Running on a mac and android, so should not be a big deal.

Just broke my work phone, so looking for a new primary, thinking about something that I could run Paranoid Android on.

I want to do openvpn and ssh back to server. Just don't trust android to put my rsa certs on it yet.

 

Is there a good tutorial for headless X?

Oh and my recommendation on Phones is OnePlus One :-) Although there is a little known ROM that will knock the socks of Paranoid in terms of speed, battery, and stability.

 

Sent from my A0001 using Tapatalk

[Chris Kurlinski]

Ok I get it.

Never really played with X before. So just a Xlib.

I'll try it.

 

As far as the phone, I keep going back to the OnePlus One.  I was looking at the Asus Intel phone, but just looked like a pain wth weird button placement.

Plus you can Install Sailfish OS on the OnePlus One.

 

Thanks 

[uudruid74]

Ok I get it.

Never really played with X before. So just a Xlib.

I'll try it.

 

As far as the phone, I keep going back to the OnePlus One. I was looking at the Asus Intel phone, but just looked like a pain wth weird button placement.

Plus you can Install Sailfish OS on the OnePlus One.

 

Thanks

Don't count on Sailfish as a selling point. The port is pretty, but I could never get WiFi working with the 'fixes' given and mobile is dead, camera is dead, etc. The early alpha that was up is more or less abandoned by the devel. Not much of a phone OS if you cant make calls :-)

 

Sent from my A0001 using Tapatalk