Generate Puppet or Chef recipes from a Ubuntu system state

blueprint is DevStructure’s workhorse tool that looks inside popular package managers, finds changes you made to configuration files, and archives software you built from source to generate Puppet, Chef, or shell code.  Everything blueprint sees is stored in Git to be diffed and pushed.  It runs on Ubuntu Linux 10.04 and newer.

Dual monitors crashing Linux with NVIDIA drivers

My T410 has a NVIDIA graphics card (NVS 3100M).

My BIOS configuration looks like this:

  • NVIDIA Optimus is disabled in
  • "Discrete" mode on
  • Internal Intel card deactivated

My X crashed when trying to activate both Dell U2410 monitors connected using DVI to the docking station.

The solution was to disable DDC/CI on the monitors: Menu -> Other settings -> DDC/CI disable

Note that you shouldn't disable DDC/CI if you don't have any issues with your displays.

Insert an ndash and other special characters using the Compose key on Linux

Although you can access many symbols using the AltGr key you may be missing some, like the en-dash (–) or em-dash (—). You can use a compose key for them instead.

First, make sure you have a compose key configured.

Configuring a compose key

I suggest using the "Menu" key which is located between the right Meta and Ctrl key.

Ubuntu / MATE

Control Center → Keyboard → Layout → Options → Position of Compos...

AppArmor in Linux

This note is a reminder that there is something called AppArmor that could cause weird errors ("File not found", "Can't open file or directory", ...) after configuration changes, e.g. when changing MySQL's data directory.

Remember to have a look at AppArmor's daemon configuration (usually at /etc/apparmor.d/) if you change daemon configuration and run into errors such as the one above.

Encrypt files using OpenSSL

Using OpenSSL it's very easy to seriously encrypt files.
Use the script below. Input / Output are self explanatory. Put a long passphrase into PASSWORD_FILENAME. It is the key to decrypt to file again. Paste this into a console and copy it to wherever you need it.

touch /tmp/openssl_encryption_password && chmod 0700 /tmp/openssl_encryption_password && apg -n1 -m 60 > /tmp/openssl_encryption_password

Remember to at least delete the input file afterwards. Better use [shred to wipe files on Linux](https://makandracards.com/makandra/1013-s...

Securely remove files on Linux

When you delete a file with rm it's still possible to recover the file or parts of it. Use shred to overwrite the content of a file and delete it afterwards.

shred -u $file

Be aware that this is not sufficient for flash memory, like SSDs or USB pen drives. The write will possibly target another memory area than where the file was located previously. Prefer disk encryption whenever possible.

Erasing directories

To erase complete directory structures, using shred is cumbersome. Use wipe instead:

wipe -...

Continously run command under bash

Sometimes you want to run a command forever, e.g. to compile a haml to html file on the console. Use this:

$ while(true) do haml index.haml index.html; sleep 1.5; done

Linux: rename or change extension of multiple files

When you need to bulk rename files you can not call "mv *.foo *.bar" to change the extension of all .foo files to bar (because bash resolves wildcards and replaces them with the list of matched files).

This works on linuxes who use the Perl version of the rename command (like Ubuntu):

rename 's/\.foo$/\.bar/' *

You can also use this to rename other parts of the file, e.g. from flag_en.png, flag_de.png etc. to just en.png or de.png:

rename 's/^flag_//' *

Note that we used $ and ^ to explicitly look at the ...

Show the name and version of your Linux distribution

To list the name and version of your Linux distribution, type the following:

cat /etc/*-release

babushka: test-driven sysadmin

The idea is this: you take a job that you'd rather not do manually, and describe it to babushka using its DSL. The way it works, babushka not only knows how to accomplish each part of the job, it also knows how to check if each part is already done. You're teaching babushka to achieve an end goal with whatever runtime conditions you throw at it, not just to perform the task that would get you there from the very start.

Allow a user to run a single command with root privileges

It's that simple to allow one of your Linux users to run a single command as UID 0:

  1. sudo visudo
  2. Add the line below to allow user 'deploy' to run /usr/bin/bundle with root privileges
deploy  ALL=NOPASSWD: /usr/bin/bundle

Shell script to clean up a project directory

Call geordi clean from a project root to remove unused and unnecessary files inside it.


This script is part of our geordi gem on github. In Geordi > 1.2 you can call geordi clean.

Installing Nokogiri

Because Nokogiri needs to be compiled and dynamically linked against both libxml2 and libxslt, it has gained a reputation for being complicated to install. Let’s wrassle this little myth to the ground, shall we?

Install gems for all bundled projects

This is a bash script for those of you who need to install all gems for all projects (e.g. to get started quickly on a newly installed system).

Put it into your ~/bin/ and run it from the directory that holds your projects.

Note that, like the vanilla bundle install, this will fail whenever a new gem compiles native components and requires a missing system dependency.

Bash Cheat Sheet (standard Emacs mode)

  • Ctrl + R Search commands you entered previously. Press Ctrl + R again to search further back, Ctrl + Shift + R searches forward again.

  • Ctrl + W Deletes from the cursor position to the left.

  • Ctrl + _ Undo. Yes, this also works with a German keyboard layout.

  • Ctrl + L Clear screen.

  • Ctrl + D _Close shell. (EOT, just like in many other shells.) Note: if you dove into another shell (e.g. with sudo su username) you will close it and return to ...

Shell script to quickly switch Apache sites

I prefer the application that I'm currently working on to be reachable at http://localhost/.

So when I switch to another project, I use this handy shell script to set one site as the current one. Call it just like this:
apache-site makandra-com

Note that it disables all other sites in your Apache configuration so you would not want to use this on production machines.
Furthermore it will also enable the default site if that was available.

When you call apache-site with no arguments, it will list all available sites.


...

An obscure kernel feature to get more info about dying processes

This post will describe how I stumbled upon a code path in the Linux kernel which allows external programs to be launched when a core dump is about to happen. I provide a link to a short and ugly Ruby script which captures a faulting process, runs gdb to get a backtrace (and other information), captures the core dump, and then generates a notification email.

Kill a dead SSH shell

If a SSH shell dies (from timeout for example), you cannot kill it with the usual CTRL-C or CTRL-Z. Instead, press
[ENTER]~.
(That is ENTER TILDE PERIOD).

Sun Java JVM/JRE on Ubuntu Linux

Note that you should disable the Java plug-in in your browsers after installation.

Ubuntu >= 12.04

Java 11

sudo apt install openjdk-11-jre-headless

Java 10

sudo add-apt-repository ppa:linuxuprising/java
sudo apt-get update
sudo apt-get install oracle-java10-installer

Java 8

You probably want to get rid of OpenJDK (which is installed by default and leads to bad RubyMine performance):

...

Find files modified since a given timestamp

If you need to find all files inside a directory that were modified in the last 24 hours you can do this:

find . -mtime 1

You can also refer to another file's timestamp like this:

find . -cnewer other_file

This can be used to check against a specific timestamp, too. This is how you check for all files modified today (since 00:00):

touch -t `date +%m%d0000` /tmp/$$
find . -cnewer /tmp/$$

Note that $$ returns the current bash's PID so you will get some file like /tmp/12345 that stays the same for the current shell. This...

Recursively remove unnecessary executable-flags

Sometimes files attain executable-flags that they do not need, e.g. when your Windows VM copies them over a Samba share onto your machine.

From inside your Rails project directory call regularly:

geordi remove-executable-flags

Runs chmod -x on Ruby, HTML, CSS, image, Rake and similar files.


This script is part of our geordi gem on github.

Linux: create a symbolic link

You may omit the /path/to/link_name to have a link with the same filename appear in the current directory

ln -s /path/to/file /path/to/link_name

unlink link_name       // to remove the link and not where it is pointing at

Task Switch in Linux Console

To pause and send a task to the background
ctrl+z

to reactivate the task
fg

to run task in background
bg

to see a list of so running tasks
jobs

Change default size of Gnome terminal

Open the configuration file:

gksudo gedit /usr/share/vte/termcap/xterm

Find a line like this:

:co#80:it#8:li#24:\

Change the first and last number to your desired columns and rows:

:co#160:it#8:li#40:\

Save your changes and close all open terminals. New terminals should now open with the new size.