Huh? Why ‘service vmware-tools status’ no longer works on newer Linux VMs – Tip of the Week

After deploying a CentOS v6.6 VM via vCloud Director today, I was puzzled that I couldn’t confirm whether VMware Tools was running after installing it.

[root@ZenOSS-POC ~]# service vmware-tools status
vmware-tools: unrecognized service

Huh? Surely not!

[root@ZenOSS-POC ~]# ps -ef|grep tools|grep –v grep
root 2409 1 0 21:25 ? 00:00:00 /usr/sbin/vmtoolsd

Weird right? VMware Tools IS running…

The answer lies in the fact that for vSphere 5.x versions of VMWare Tools installed on the latest Linux’s, the upstart mechanism is now used, instead of the old /etc/init.d/script and chkconfig / service mechanisms.

So now:

[root@ZenOSS-POC ~]# status vmware-tools
vmware-tools start/running

So here’s the upstart command set you’ll need to manage this (and other) service(s) on the newer Linux’s:

stop vmware-tools
start vmware-tools
status vmware-tools
restart vmware-tools

How to hide the menubar in Mac OS X (Mavericks) Yosemite while using (OpenNX) X2Go- Tip of the Week

NOTE: I’ve updated the below post after recently upgrading my MBP to Yosemite.
I’ve moved away from using OpenNX to X2Go. This because I found X2Goclient better at handling full screen mode than OpenNX. In X2Goclient, click on the maximise (green ‘+’) button and the X window just fills all the space on the Thunderbolt display.

This also means no more NXserver on the Ubuntu side, especially after upgrading to Ubuntu v14.04.1 – X2Goserver provides all you need on the server side

Follow the instructions here to show you how to add the apt repo to your Ubuntu box

The following combination works for me:

– The latest release of x2Goserver on Ubuntu
– X-Quartz-2.7.6 – I found the later version 2.7.7 incapable of allowing X2Goclient to use the maximise button, and was very frustrating with the X window going off screen and becoming inaccessible
– x2goclient for Mac OS X, latest release Oct 19

NOTE: When starting up X2Go client and the X window appears, move the window away from the screen edges before maximising – otherwise there is still a chance of maximising into inaccessible space!

The rest of the instructions below about hiding the menu bar still apply to X-Quartz of course

Happy X’ing!!

===

I use a Thunderbolt display attached to my Macbook Pro, and I love the extra screen real estate it gives me.  I was very keen to upgrade to Mavericks so I could use the “Displays have separate Spaces” feature (System Preferences -> Mission Control), which gives each display control over its own Spaces, without mirroring / tying them together.

Along with separate Spaces comes the addition of a separate Dock and Menubar to the second display, which is great – that is, unless your apps or programs can’t hide the menubar in fullscreen mode.  Some apps can, such as Oracle’s VirtualBox, but others can’t.

One such app is XQuartz, which provides the X11 backend to programs like OpenNX and other X aware products.

Prior to the Mavericks upgrade, I could remotely connect to my Linux desktop over OpenNX and having that in fullscreen mode on the Thunderbolt display – it looked just great, and presented in true fullscreen mode – no menubar, and no Dock.  Now however in Mavericks, the menubar is present and stops me from accessing the top bar of my Linux desktop, which is a pain.  No problem with the Dock, however, which you can autohide on the Thunderbolt display (Apple Icon -> Dock -> Dock Preferences)

Blasted menubar, I thought!  No option to hide it!  I did some Googling on this, and it turns out that setting the value of this parameter:

LSUIPresentationMode

… to 4 in the app or program’s Info.plist would hide the menubar.

I tried it, and it works just fine within XQuartz – here’s how to do it from within a terminal session on your Mac:

sudo defaults write /Applications/Utilities/XQuartz.app/Contents/Info.plist LSUIPresentationMode -int 4

sudo chmod 644 /Applications/Utilities/XQuartz.app/Contents/Info.plist

Now I’m back to gorgeous fullscreen mode within OpenNX on my Thunderbolt display, without that pesky menubar

If you want to return to default behaviour, then do:

sudo defaults delete /Applications/Utilities/XQuartz.app/Contents/Info.plist LSUIPresentationMode

sudo chmod 644 /Applications/Utilities/XQuartz.app/Contents/Info.plist

Happy full screening!

How to include a last login sessions report in the daily logwatch report run – Tip of the Week

A client wanted login session statistics to be included in the daily logwatch reports he received.

The kind of stats he was looking for come from the last command:

[root@asus ~]# last| head -25
 mabboud  pts/0        sainsw           Thu Nov  1 18:12   still logged in
 cmurphy  pts/2        brkdtp2970       Thu Nov  1 16:59 - 17:01  (00:01)
 akozak   pts/2        sfddtp2889       Thu Nov  1 16:51 - 16:52  (00:00)
 ghughes  pts/1        brklap026        Thu Nov  1 16:37 - 17:40  (01:03)
 creading pts/1        ivmdtp2958       Thu Nov  1 16:19 - 16:26  (00:06)
 awall    pts/0        lavlap009        Thu Nov  1 15:56 - 17:36  (01:39)
 hnisbet  pts/16       brmdtp005        Thu Nov  1 15:02 - 16:58  (01:56)
 dbrache  pts/39       geedtp2923       Thu Nov  1 14:44 - 15:46  (01:02)
 cmcbean  pts/44       brklap011        Thu Nov  1 14:30 - 14:32  (00:01)
 dbrache  pts/39       geedtp2923       Thu Nov  1 14:20 - 14:43  (00:22)
 jgregory pts/42       brklap3053       Thu Nov  1 14:15 - 17:28  (03:12)
 awall    pts/41       thtmg            Thu Nov  1 14:13 - 14:40  (00:26)
 rraverty pts/40       brklap020        Thu Nov  1 14:10 - 15:14  (01:04)
 dbrache  pts/39       geedtp2923       Thu Nov  1 13:44 - 14:19  (00:35)
 cmcbean  pts/34       brklap011        Thu Nov  1 13:39 - 14:48  (01:08)
 dfurboro pts/3        sfdlap002        Thu Nov  1 13:29 - 16:20  (02:51)
 mhinton  pts/3        sfdlap001        Thu Nov  1 13:11 - 13:22  (00:11)
 znyparas pts/3        brmdtp3023       Thu Nov  1 12:53 - 12:56  (00:03)
 mhinton  pts/3        sfdlap001        Thu Nov  1 12:48 - 12:52  (00:03)
 mhinton  pts/3        sfdlap001        Thu Nov  1 12:14 - 12:22  (00:08)
 cmurphy  pts/41       brkdtp2970       Thu Nov  1 11:36 - 11:36  (00:00)
 rvlasvel pts/10       sfddtp002        Thu Nov  1 10:55 - 16:41  (05:45)
 rvlasvel pts/20       sfddtp2887       Thu Nov  1 10:52 - 16:41  (05:48)
 znyparas pts/10       btylap044        Thu Nov  1 10:52 - 10:54  (00:02)
 wpithous pts/49       btylap044        Thu Nov  1 10:41 - 11:03  (00:21)
 .
 .
 .

The twofold challenge I faced was:

• Write a simple script to gather yesterday’s login stats from the last command
• Modify logwatch to include these stats in a seamless way in the daily logwatch report

1.  Yesterday’s session stats

The last command provides a simple option:

last -t YYYYMMDDHHMMSS

…which can be used to show a list of last logged in users as of the specified date / time.

But I found this option didn’t work as advertised for some reason – I always seemed to get more than just yesterday’s login sessions.  It usually went beyond yesterday and included other days as well.

The customer simply wanted a snapshot of the login sessions for yesterday only.  The best approach seemed to be of the form:

last |grep [yesterday's date] > /var/log/lastsessions

Once I could get yesterday’s date massaged into the same output format as the last command displayed it, the grep would succeed.

This took a bit of careful study – I worked out that the last command date output was formatted as follows:

• Always fitted into 10 columns, e.g:

Thu Nov  1
Wed Oct 31

•  …notice that the day column is right-justified, and had no ‘0’ padding for single digit days

I also discovered that yesterday’s date could easily be obtained in the correct format by using:

[root@asus ~]# date --date=yesterday
 Wed Oct 31 18:35:16 EST 2012

…and, confirming the formatting is correct for single-digit dates:

[root@asus ~]# date --date=tomorrow
 Fri Nov  2 18:36:55 EST 2012

So now my grep command could be placed into a script, like this:

[root@asus ~]# cat /usr/local/bin/lastSessions.sh

#!/bin/bash
# Get yesterday's date in the correct format for grep'ing
# We only need the first 10 columns of output
YESTERDAY=`date --date=yesterday|cut -c1-10`
# Get yesterday's login sesssions, sorted by name and filed away for logwatch use
last |grep "${YESTERDAY}" |sort >/var/log/lastsessions 2>&1
exit 0

Typical output of the above script looks like this:

[root@asus ~]# cat /var/log/lastsessions
 aarthur  pts/19       btydtp2926       Wed Oct 31 08:06 - 08:07  (00:00)
 ajones   pts/7        10.191.1.3       Wed Oct 31 07:23 - 15:58  (08:34)
 akarpath pts/0        vildtp003        Wed Oct 31 05:00 - 13:13  (08:13)
 askinner pts/15       sp1lap001        Wed Oct 31 07:46 - 16:06  (08:20)
 bhoar    pts/14       sp1lap003        Wed Oct 31 07:38 - 16:13  (08:34)
 dchua    pts/0        ml1dtp2898       Wed Oct 31 13:49 - 16:50  (03:00)
 dchua    pts/22       sp1lap032        Wed Oct 31 08:50 - 17:03  (08:12)
 dsmedley pts/1        btylap005        Wed Oct 31 05:07 - 12:52  (07:45)
 garmstro pts/21       sp1dtp022        Wed Oct 31 08:36 - 14:45  (06:08)
 garmstro pts/4        sp1dtp022        Wed Oct 31 05:30 - 16:10  (10:39)
 garmstro pts/5        sp1dtp022        Wed Oct 31 07:07 - 07:11  (00:04)
 jlangrid pts/12       sp1dtp2938       Wed Oct 31 07:37 - 16:30  (08:52)
 kwarne   pts/9        ml1dtp2898       Wed Oct 31 07:27 - 16:50  (09:23)
 ndrury   pts/13       sp1lap015        Wed Oct 31 07:38 - 09:26  (01:48)
 ndrury   pts/2        sp1lap015        Wed Oct 31 14:12 - 14:59  (00:47)
 nfitzger pts/1        kaldtp2952       Wed Oct 31 13:54 - 16:03  (02:09)
 nfitzger pts/19       kaldtp2952       Wed Oct 31 08:10 - 12:51  (04:40)
 npavitt  pts/2        btydtp2902       Wed Oct 31 05:19 - 12:24  (07:05)
 phincksm pts/6        sp1dtp025        Wed Oct 31 06:56 - 15:52  (08:56)
 ppezzali pts/11       ml1dtp018        Wed Oct 31 07:35 - 15:53  (08:18)
 rboyd    pts/18       bundtp2883       Wed Oct 31 08:05 - 15:52  (07:47)
 root     pts/17       btylap044.ap01.a Wed Oct 31 07:57 - 11:59  (04:02)
 root     tty7         :0               Wed Oct 31 08:09   still logged in
 rpagano  pts/13       sp1lap030        Wed Oct 31 09:43 - 16:30  (06:47)
 sai      pts/0        saitest          Wed Oct 31 02:14 - 02:45  (00:30)
 scarter  pts/23       ml1dtp2911       Wed Oct 31 09:15 - 09:16  (00:01)
 scarter  pts/23       ml1dtp2911       Wed Oct 31 09:20 - 09:24  (00:04)
 scarter  pts/23       ml1dtp2911       Wed Oct 31 09:50 - 09:51  (00:01)
 scarter  pts/23       ml1dtp2911       Wed Oct 31 09:52 - 10:06  (00:13)
 scarter  pts/3        sp1dtp2914       Wed Oct 31 14:35 - 16:31  (01:55)
 scarter  pts/5        ml1dtp2911       Wed Oct 31 07:23 - 09:16  (01:53)
 scarter  pts/5        ml1dtp2911       Wed Oct 31 09:17 - 16:14  (06:57)
 scarter  pts/8        ml1dtp2911       Wed Oct 31 07:24 - 10:04  (02:40)
 scarter  pts/8        ml1dtp2911       Wed Oct 31 10:06 - 16:14  (06:08)
 sfick    pts/1        sp1dtp2915       Wed Oct 31 16:29 - 16:31  (00:02)
 sfick    pts/20       sp1dtp2915       Wed Oct 31 08:10 - 16:25  (08:15)
 sleatham pts/10       weldtp3019       Wed Oct 31 07:32 - 16:07  (08:34)
 ssmith   pts/5        ml1dtp2911       Wed Oct 31 06:49 - 06:53  (00:03)
 ssmith   pts/5        ml1dtp2911       Wed Oct 31 06:56 - 06:57  (00:00)
 wskirrow pts/16       bundtp2884       Wed Oct 31 07:55 - 15:32  (07:36)

2.  Configuring Logwatch to display the stats

This was tricky as I had always wanted to customise logwatch but never had need to until this customer’s request

Online help for logwatch is available via the Sourceforge Forums here:

…and customisation documentation seems scarce to find.

So, here’s a summary of what needs to be done to customise logwatch to include the output of the above script in the daily report

First, make sure logwatch is in fact installed in your Linux distro.  Then for Ubuntu users, start in /etc/logwatch – which ends up looking like this:

[root@asus logwatch]# tree -Cf
 .
 ├── ./conf
 │   ├── ./conf/ignore.conf
 │   ├── ./conf/logfiles
 │   │   └── ./conf/logfiles/lastsessions.conf
 │   ├── ./conf/logwatch.conf
 │   ├── ./conf/override.conf
 │   └── ./conf/services
 │       └── ./conf/services/lastsessions.conf
 └── ./scripts
 └── ./scripts/services
 └── ./scripts/services/lastsessions

Three files need to be created:

 [root@asus logwatch]# cat ./conf/logfiles/lastsessions.conf
 LogFile = lastsessions

…this tells logwatch to use the lastsessions file as the log file to check, found in the default /var/log/ location

[root@asus logwatch]# cat ./conf/services/lastsessions.conf
 Logfile = lastsessions
 Title = "Last Login Sessions Accounting"

…this tells logwatch the name of the log file to check, and the title to be used in the final logwatch report

[root@asus logwatch]# cat ./scripts/services/lastsessions
#!/usr/bin/perl

while (defined($ThisLine = <STDIN>)) {
 print $ThisLine;
 }
exit(0);

…lastly, this is the script logwatch will use against the log file previously defined, named the /var/log/lastsessions file.  It’s a simple Perl script which prints each line of the /var/log/lastsessions file to standard output – the output of course ends up in the logwatch report.

NOTE: Make sure the script has execute permissions

3.  Putting it all together

Once the above mods are made, the last thing to do is run the /usr/local/bin/lastSessions.sh script as a cronjob, before the logwatch cronjob runs at 4am.  I run it like this:

[root@asus ~]# crontab -l
 0 2 * * * /usr/local/bin/lastSessions.sh >/dev/null 2>&1

…everyday at 2am, the lastSessions.sh script produces the /var/log/lastsessions output file.  Then at 4am, logwatch parses the output file and includes the output in it’s report.

I like to run logwatch at detail level 10 (High), and have it produce an HTML formatted email report, so that navigating the various sub-reports is as easy as clicking the report headings links.  You configure logwatch to do this like so:

[root@asus ~]# cd /usr/share/logwatch/default.conf

…and make sure the following parameters are set in logwatch.conf:

 LogDir = /var/log
 TmpDir = /var/cache/logwatch
 MailFrom = Logwatch
 Print = No
 Range = yesterday
 Detail = High
 Service = All
 mailer = "sendmail -t"

NOTE: Default email goes to root, change this by modifying the MailTo = <address> parameter.  I use an alias of email addresses from /etc/aliases which I name logwatchUsers

Lastly, I make sure the logwatch output format is HTML, as follows:

[root@asus ~]# cat /etc/cron.daily/0logwatch
 #!/bin/bash
DailyReport=`grep -e "^[[:space:]]*DailyReport[[:space:]]*=[[:space:]]*" /usr/share/logwatch/default.conf/logwatch.conf | head -n1 | sed -e "s|^\s*DailyReport\s*=\s*||"`
if [ "$DailyReport" != "No" ] && [ "$DailyReport" != "no" ]
 then
 logwatch --output HTML
 fi

Typical logwatch output email will look like this (the headings are usually HTML links):

 * LOGWATCH Summary
 * System Configuration
 * Cron
 * httpd
 * Last Login Sessions Accounting   <-- This is the link to our report :-)
 * pam_unix
 * samba
 .
 .
 .
Last Login Sessions Accounting
Last Login Sessions Accounting Begin
 aarthur  pts/19       btydtp2926       Wed Oct 31 08:06 - 08:07  (00:00)
 ajones   pts/7        10.191.1.3       Wed Oct 31 07:23 - 15:58  (08:34)
 akarpath pts/0        vildtp003        Wed Oct 31 05:00 - 13:13  (08:13)
 askinner pts/15       sp1lap001        Wed Oct 31 07:46 - 16:06  (08:20)
 bhoar    pts/14       sp1lap003        Wed Oct 31 07:38 - 16:13  (08:34)
 dchua    pts/0        ml1dtp2898       Wed Oct 31 13:49 - 16:50  (03:00)
 dchua    pts/22       sp1lap032        Wed Oct 31 08:50 - 17:03  (08:12)
 .
 .
 ssmith   pts/5        ml1dtp2911       Wed Oct 31 06:49 - 06:53  (00:03)
 ssmith   pts/5        ml1dtp2911       Wed Oct 31 06:56 - 06:57  (00:00)
 wskirrow pts/16       bundtp2884       Wed Oct 31 07:55 - 15:32  (07:36)
 Last Login Sessions Accounting End

Happy monitoring!

Ubuntu / Debian equivalent to yum check-update – Tip of the Week

…been searching for the equivalent command to yum check-update for Ubuntu and Debian, and thanks to some Google searching, found what I needed, as follows:
1.  sudo apt-get update

…to ensure you have the latest package index files, then

2.  sudo aptitude search ‘~U’

…which is the aptitude syntax for search for upgradeable packages. Check out Daniel Burrows aptitude manual online here.

You can use the equivalent:

sudo aptitude search ‘?upgradable’

…but I thought folks could trip over the spelling of upgradable -vs- upgradeable (the latter won’t work)

🙂

Hope this helps!

Michael

VPNC and Mac OS X Lion, Mavericks (NOTE: Broken on Yosemite) – Tip of the Week

NOTE: Update 23 October 2014: This is broken on Yosemite because of tighter controls on unsigned kernel extensions. These are NO LONGER allowed to either load or run as unsigned extensions. This prevents the /dev/tun* or /dev/tap* devices from being created. More to follow …

Michael

===

How I got VPNC working in Mac OS X Lion (works in Mavericks too), without clobbering my /etc/resolv.conf file, while preserving my local, default gateway setting!

NOTE: These steps are best used to access your work laptop securely from Home, rather than your entire Office network.  Best to use the standard OS X VPN setup for that

Mac OS X Lion’s inbuilt Cisco IPSEC VPN client works a treat, except when you want to do two crucial things:

1.  Not forward all traffic through the Tunnel, and
2.  Preserve your DNS settings so that you can continue to roam freely outside the Tunnel

The canned options available to you in the Apple client do not let you configure it to this degree.

This is where VPNC comes in – I use it on my Ubuntu workstation in this exact way, so that I can access my Laptop within my Office Microsoft domain, while continuing to work as normal from Home.

Ubuntu’s VPNC package allows me to accomplish the two requirements mentioned earlier using the following two parameters in the .conf file:

Target networks 10.x.x.0/24
DNSUpdate no

The Target networks parameter basically tells VPNC I only want to access this particular private network – it effectively prevents all traffic from flowing through the tunnel interface, except for the given network address
And the DNSUpdate parameter, which is deprecated, preserves your local DNS settings by not allowing VPNC to clobber /etc/resolv.conf with the Tunnel’s server-side DNS settings

So much for the Ubuntu setup.  Now, on to OS X Lion!

In a nutshell, here are the steps needed to make this work in OS X:

1.  Install the Apple Xcode development system
2.  Install the Command Line Tools component in Xcode (just in case!)
3.  Install the MacPorts ecosystem from the wonderful people at www.macports.org
4.  Using the MacPorts ecosystem, install the VPNC port for OS X Lion
5.  Configure VPNC correctly

****

1.  The Xcode development system is available from the Mac OS X App Store

2.  Once installed, goto Applications in the Finder window, and double-click on Xcode – once open, goto Xcode Preferences -> Downloads -> Components
Select Command Line Tools and Install the component

3.  Goto www.macports.org and download and install their system

4.  Once MacPorts is installed, at a Terminal shell do:

sudo update selfupdate    <— This ensures you have the latest version of the MacPorts system
sudo port install vpnc

…this will automatically determine which dependencies are needed by VPNC, download and install them, and then download and install VPNC itself.

Among the VPNC dependencies is the tuntaposx Tunnel interface package – a crucial bit right here!

5.  The MacPorts system installs in /opt/local – very neat and tidy.  It will also auto-configure your PATH variable the next time you open a Terminal window to include the path to its own executables.  So for example to run vpnc, you only need to type ‘vpnc’ at the root command line.

You will find the VPNC conf files in the /opt/local/etc/vpnc directory.  For our purposes, here is a typical VPN conf file – taken from my Ubuntu system:

[michael@asus ~]$ sudo cat /etc/vpnc/EMC.conf

## generated by pcf2vpnc
IPSec ID <your group id>
IPSec gateway <your vpn gateway IP>
IPSec secret <yoursecret>

Xauth username DOMAIN\<username>
Xauth password <password>

IKE Authmode psk
Target networks 10.x.x.0/24
#
DNSUpdate no

…we simply should copy the conf file into the /opt/local/etc/vpnc directory, and run:

sudo vpnc EMC

…to get things going in Mac OS X – but there are some very crucial bits to do before this:

A)  The tuntaposx tunnel interfaces do not get automatically created, nor do the Kernel extensions get loaded, even though the tuntaposx package is properly installed.
I don’t know why this is – so here’s what we do:

sudo rsync -av /opt/local/Library/Extensions/* /Library/Extensions/      <— This copies the tap.kext and tun.kext Kernel extension bundles into the System Extensions directory
sudo rsync -av /opt/local/Library/StartupItems/* /Library/StartupItems/  <— This copies the tun and tap initialisation services into the System StartupItems directory

Reboot once this is done, and confirm you can see the following:

bash-3.2#  ls /dev/tun*
/dev/tun0       /dev/tun10      /dev/tun12      /dev/tun14      /dev/tun2       /dev/tun4       /dev/tun6       /dev/tun8
/dev/tun1       /dev/tun11      /dev/tun13      /dev/tun15      /dev/tun3       /dev/tun5       /dev/tun7       /dev/tun9

(…we are only interested in tun devices, not tap devices)

…and also check that the Kernel extensions have been loaded too:

bash-3.2# kextstat |grep foo
109    0 0xffffff7f81afd000 0x8000     0x8000     foo.tun (1.0) <7 5 4 1>
110    0 0xffffff7f81b07000 0x7000     0x7000     foo.tap (1.0) <7 5 4 1>

B)  Comment out the two superfluous parameters from the conf file:

# Target networks 10.x.x.0/24
# DNSUpdate no

…these two parameters are not needed anymore

C)  Use the VPNC vpnc-script to emulate what the two parameters effectively did:

cd /opt/local/etc/vpnc
cp vpnc-script vpnc-script_ORIG

…and make the following changes using vi to vpnc-script:

#* INTERNAL_IP4_DNS             — list of dns serverss
INTERNAL_IP4_DNS=

#* CISCO_SPLIT_INC              — number of networks in split-network-list
#* CISCO_SPLIT_INC_%d_ADDR      — network address
#* CISCO_SPLIT_INC_%d_MASK      — subnet mask (for example: 255.255.255.0)
#* CISCO_SPLIT_INC_%d_MASKLEN   — subnet masklen (for example: 24)
CISCO_SPLIT_INC=1
CISCO_SPLIT_INC_0_ADDR=10.x.x.0
CISCO_SPLIT_INC_0_MASK=255.255.255.0
CISCO_SPLIT_INC_0_MASKLEN=24

The INTERNAL_IP4_DNS=

…parameter effectively says do not clobber /etc/resolv.conf, and the

CISCO_SPLIT*

…parameters effectively setup a private connection through the tunnel to the 10.x.x.0 network

The default vpnc-script above is always called when vpnc is run, and with the above changes made, we can now make a connection:

[michael@air ~]$ sudo vpnc EMC

add net 10.x.x.0: gateway 10.x.x.8
add host x.x.x.x : gateway 192.x.x.1
add net 10.x.x.0: gateway 10.x.x.8
VPNC started in background (pid: 800)…

[michael@air ~]$ netstat -rn
Routing tables

Internet:
Destination        Gateway            Flags        Refs      Use   Netif Expire
default            192.x.x.1      UGSc           45        0     en0
10.x.x/26       10.x.x.8        UGSc            0        0    tun0
10.x.x.8        10.x.x.8        UH              2        0    tun0
10.x.x/24       10.x.x.8        UGSc            0        0    tun0
.
.
.
…I can still resolve external hostnames, using my local DNS settings:

[michael@air ~]$ cat /etc/resolv.conf
#
# Mac OS X Notice
#
# This file is not used by the host name and address resolution
# or the DNS query routing mechanisms used by most processes on
# this Mac OS X system.
#
# This file is automatically generated.
#
domain theabbouds.lan
nameserver 192.x.x.1

[michael@air ~]$ ping http://www.google.com
PING http://www.l.google.com (74.125.237.112): 56 data bytes
64 bytes from 74.125.237.112: icmp_seq=0 ttl=56 time=10.193 ms
64 bytes from 74.125.237.112: icmp_seq=1 ttl=56 time=13.795 ms
64 bytes from 74.125.237.112: icmp_seq=2 ttl=56 time=13.579 ms

I can now ping the IP of my Office Laptop:

[michael@air ~]$ ping 10.x.x.33
PING 10.x.x.33 (10.x.x.33): 56 data bytes
64 bytes from 10.x.x.33: icmp_seq=0 ttl=122 time=18.259 ms
64 bytes from 10.x.x.33: icmp_seq=1 ttl=122 time=30.517 ms
64 bytes from 10.x.x.33: icmp_seq=2 ttl=122 time=23.366 ms
64 bytes from 10.x.x.33: icmp_seq=3 ttl=122 time=22.495 ms
64 bytes from 10.x.x.33: icmp_seq=4 ttl=122 time=20.989 ms

…and run an RDP session to it – at the same time

search / find by size on Unix / Linux systems – Tip of the Week

Searching by size on *nix systems by using the find command may not be readily apparent.

Say you have a file system approaching 100% full (/var/log is an example which comes to mind), and you want to do some housekeeping.  You want to locate all files in /var/log which are larger than say 10Mbyte – here is the find command which will do this for you:

find /var/log -size +10000000c -ls

… this will locate all files larger than 10,000,000 characters, i.e. 10Mbytes, and will do a long ls listing, which will show the full path and size of each file.  In older Unix systems, the -ls command may not be an option to the find command, so you can use the -exec option instead:

find /var/log -size +10000000c -exec ls -lt {} \;

…which will do the same thing.  Let’s say you have your root file system nearly full, and also have a number of other file systems mounted under /.  How do you restrict your find command to only search under the root file system, and not the others?  Use the -xdev option, as follows:

find / -xdev -size +10000000c -exec ls -lt {} \;

..this will only search under / and will not cross file system boundaries to other mount points.

bash shell – Tip of the Week: Those pesky comments!

Have you grown tired of going through lines and lines of comments in a configuration file, when all you want to see is what parameters are actually set?

Are you tired of using ‘grep -v‘ to eliminate the lines you don’t want to see?

Well, this handy little alias I’ve called nocomm in your .bash_profile can help.

Somewhere in your home bash profile ~/.bash_profile, create an inbuilt function and then alias it, like this:
.
.
.
grepvalues()
{
       grep -v ^# $1 | grep -v ^$
}

alias nocomm=grepvalues

… the alias becomes active at the next login (or immediately, if you source the file like this ‘. ~/.bash_profile‘)

The alias works by not showing any line beginning with a comment, nor any blank lines, like this:

[root@asus ~]# nocomm /etc/sysconfig/nfs

RQUOTAD=”/usr/sbin/rpc.rquotad”
RQUOTAD_PORT=10005
LOCKD_TCPPORT=30001
LOCKD_UDPPORT=30001
MOUNTD_PORT=10004
STATD_PORT=10002
STATD_OUTGOING_PORT=10003