To automate some of the deployment steps on my personal server, I needed a tool which can be triggered by a webhook and does execute some pre-defined commands.

A classic solution for this would be to have a simple PHP script with a call to system(...). But I don't have PHP installed on the server itself and wanted this to be more lightweight than a full Apache+PHP installation.

Thus exec-hookd was born. It is a small Go daemon which listens to HTTP POST requests and runs pre-defined commands when a matching path is requested.

Its configuration lives in a small JSON file, which lists the port to listen on and the paths together with their commands to execute:

{
  "Port": 8059,
  "HookList": [
    {
      "Path": "/myhook",
      "Exec": [
        {
          "Cmd": "/usr/bin/somecmd",
          "Args": [
            "--some",
            "arguments"
          ],
          "Timeout": "5s"
        }
      ]
    }
  ]
}

The commands are called with a timeout after which they are stopped to avoid that things hang around forever.

Found this inspiring blog post about how to use your own domain for Docker images. (via HN)

It explains how to use your own domain with redirects such that the Docker registry hosting the images can be changed easily. Your domain is only used for issueing HTTP redirects, so that the actual data storage and transfer happens directly with the Docker registry.

The blog post comes with a sample implementation for Caddy. As my server is running nginx, I used the following config snippet to achieve the same result:

server {
	listen 443 ssl;
	listen [::]:443 ssl;

	server_name	docker.x-way.org;

	access_log	/var/log/nginx/docker.x-way.org.access.log;
	error_log	/var/log/nginx/docker.x-way.org.error.log;

	ssl_certificate		/etc/letsencrypt/live/docker.x-way.org/fullchain.pem;
	ssl_certificate_key	/etc/letsencrypt/live/docker.x-way.org/privkey.pem;

	location / {
		return 403;
	}

	location = /v2 {
		add_header Cache-Control 'max-age=300, must-revalidate';
		return 307 https://registry.hub.docker.com$request_uri;
	}
	location = /v2/ {
		add_header Cache-Control 'max-age=300, must-revalidate';
		return 307 https://registry.hub.docker.com$request_uri;
	}
	location = /v2/xway {
		add_header Cache-Control 'max-age=300, must-revalidate';
		return 307 https://registry.hub.docker.com$request_uri;
	}
	location /v2/xway/ {
		add_header Cache-Control 'max-age=300, must-revalidate';
		return 307 https://registry.hub.docker.com$request_uri;
	}
}

Quickly tested it with some docker pull commands and already integrated it into the build process of dnsupd.

For a temporary log analysis task, I wanted to get the last 24h of logs from a Postfix logfile.
To achieve this I came up with the following AWK oneliner (which fails in spectacular ways around new years):

This is then used in a cronjob to get a pflogsumm summary of the last 24h:

(via)

To add a new node to an existing MongoDB cluster, login to the mongo shell on the primary node and run the following command:

rs.add({host:"mongodb3.example.net:27017"})

Similar to remove a node from the cluster, use:

rs.remove("mongodb3.example.net:27017")

The default configuration of snmpd on Debian has debug level logging enabled and thus we end up with a constant flood of these messages in /var/log/syslog

snmpd[19784]: error on subcontainer 'ia_addr' insert (-1)

The fix is to lower the logging level, which can be accomplished like this on systems with systemd:

cp /lib/systemd/system/snmpd.service /etc/systemd/system/snmpd.service
sed -i 's/Lsd/LS6d/' /etc/systemd/system/snmpd.service
systemctl daemon-reload
systemctl restart snmpd

On systems without systemd, the logging level is set by the init script (unless explicitly configured in /etc/default/snmpd), and can be changed like this:

sed -i 's/Lsd/LS6d/g' /etc/default/snmpd
sed -i 's/Lsd/LS6d/g' /etc/init.d/snmpd
service snmpd restart

Recently the disk holding the root (/) filesystem on one of my linux systems started to report increased SMART raw read error rates, seek error rates and ECC recovered hardware errors.

As these are early indications of a failing disk, it became time to replace the disk.

Normally replacing a disk comes down to plugging in the new one, coyping over the data, umount the old disk, mount the new one in place, unplug the old disk.
But when it is the disk with the root filesystem a couple extra steps are needed.

The steps below worked for my Debian system without problems (even used the opportunity to upgrade to an SSD :-)

(source is this thread on StackExchange)

The following makes some assumptions:

• All commands ran as root when possible
• You are on a physical console to the host (need to type in grub commands to boot up the new disk!)
• You want an ext4 files system
• You are loosely familiar on a basic level with all commands run
• You are NOT booting from a RAID device

So here we go.

1. Physically install new disk into computer and connect to available port leaving old disk in existing position.
2. Boot computer into old OS.
3. Prepare and mount new disk; first identify new disk
   fdisk -l
4. Partition new disk
   fdisk /dev/(newdisk)
   Make partition primary partition with type "83" file system type.
5. Create filesystem
   mkfs.ext4 /dev/(newpartition)
6. Mount new filesystem
   mkdir /mnt/(newpartitionmountpoint)
   mount /dev/(newpartition) /mnt/(newpartitionmountpoint)
7. Copy disk:
   /sbin/init 1 (drop to single user mode)
   rsync -avxHAX / /mnt/(newpartitionmountpoint)
8. Update FSTAB on newdisk
   blkid (note UUID of new partition)
   vi /mnt/(newpartitionmountpoint)/etc/fstab
   Replace existing UUID of / in FSTAB to new disk UUID
9. Configure grub and install to new disk boot loader:
   grub-mkconfig
   update-grub
   grub-install /dev/(newdisk)
10. Copy grub.cfg from old disk to new
    cp -ax /boot/grub/grub.cfg /mnt/(newpartitionmountpoint)/boot/grub/grub.cfg
11. Open grub.cfg on new disk and replace all UUIDs with new disk
    vi /mnt/(newpartitionmountpoint)/boot/grub/grub.cfg
    Replace all old UUIDs with the UUID of the new disk
12. Shut down computer
    shutdown
13. Physically move the new drive to the 1st drive location and remove old drive
14. Start computer and grub should present:
    

    error: no such device: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
    
    GRUB rescue>

15. Manually boot new OS from grub; first identify the drive and partition of the boot files
    ls [to identify your drive and partition options]
    ls (hdx,p)/ [to identify which partition has the /boot folder]
16. Then, you can load the boot menu manually from the drive and partition you found above. Typically this would be (hd0,msdos1).
    set prefix="(hdx,p)/boot/grub"
    set root="(hdx,p)"
    insmod normal
    normal
17. Login to OS on new drive
18. Configure grub again
    fdisk -l (note dev of newdisk)
    grub-mkconfig
    update-grub
    grub-install /dev/newdisk

And that should be it!

On my Linux hosts I'm running rkhunter. On a newly configured host it lately reported the following warning:

Warning: The SSH and rkhunter configuration options should be the same:
        SSH configuration option 'PermitRootLogin': no
	Rkhunter configuration option 'ALLOW_SSH_ROOT_USER': no

On first sight the warning does not seem to make much sense, as both configuration options seem to be set to the same value (no).
But digging further reveals that they are stored slightly different:

# file /etc/rkhunter.conf
/etc/rkhunter.conf: ASCII text
# file /etc/ssh/sshd_config
/etc/ssh/sshd_config: ASCII text, with CRLF line terminators

Turns out that rkhunter is also checking the line terminators as part of the configuration values, and warns because they are different.

Knowing this, the fix is simple: run dos2unix on the CRLF file

Sometimes you need to be notified about reboots of a machine without having the luxury of a proper monitoring system.

The following crontab entry triggers an e-mail when the host has been rebooted in the last 5 minutes.

*/5 * * * * [ $(sed -e 's/\..*//' /proc/uptime) -lt 540 ] && echo "Host has been rebooted! Uptime: $(uptime)"

Postfix provides the reject_unknown_sender_domain check which allows to only accept incoming e-mails sent from domains which actually exist.

Unfortunately there exists this one external service which uses a non-existing subdomain to send their notification e-mails. Thus all their notifications get rejected.

The following configuration allows to keep the reject_unknown_sender_domain check in place, but to exclude a specific domain from this check.

# snippet in main.cf
smtpd_sender_restrictions = check_sender_access pcre:/etc/postfix/sender_domain_verification

# exclude regex in sender_domain_verification
!/@domain\.to\.exclude\.com$/ reject_unknown_sender_domain

Your distribution might ship Postfix support for pcre matches in a dedicated package which needs to be installed separately (in the case of Debian you need to install the postfix-pcre package).

I've just added the indexcolor patch to my Mutt 1.5.24 Homebrew Formula.

To use this Formula just type brew tap x-way/mutt followed by brew install x-way/mutt/mutt --with-trash-patch --with-indexcolor-patch to install Mutt 1.5.24 with trash_folder and indexcolor support.

At work I'm a quite avid user of Mutt. Unfortunately the upgrade to the recently released version 1.5.24 did not go over as smooth as expected.

I'm using Homebrew to install Mutt on Mac OS X, and even though there is an updated version in the official Homebrew repository, it no longer comes with the trash_folder patch (it fails to apply against the 1.5.24 source tree and was thus removed).

In order to build the new Mutt version with the trash_folder support, I updated the patch for version 1.5.24: mutt-1.5.24-trash_folder.diff.

The official Homebrew repository prefers unpatched packages and encourages the creation of independent "Taps" (package repositories) for patched packages. Thus I also created my own Homebrew Tap which contains the 1.5.24 version of Mutt with the updated trash_folder patch: x-way/homebrew-mutt.

To use this Tap just type brew tap x-way/mutt followed by brew install x-way/mutt/mutt --with-trash-patch to install Mutt 1.5.24 with trash_folder support. Cheers!

Puppet Infrastructure 2015

The Quagga version in Debian 8 (v0.99.23.1) suffers from a bug in ospf6d, which causes that no IPv6 routes are exchanged via point-to-point interfaces.

In order to workaround this problem (and re-establish IPv6 connectivity), a downgrade of the quagga package can be done.
For this we add the 'oldstable' entry to sources.list and pin the quagga package to the old version.

Entry to add to /etc/apt/sources.list:

deb http://mirror.switch.ch/ftp/mirror/debian/ oldstable main

Entry to add to /etc/apt/preferences:

Package: quagga
Pin: version 0.99.22.*
Pin-Priority: 1001

After the entries have been added, run apt-get update followed by apt-get install quagga to downgrade to the old quagga package.

To avoid the automatic installation/switch to systemd during the upgrade to Debian 8, it is enough to prevent the installation of the systemd-sysv package.

This can be done by creating a file /etc/apt/preferences.d/no-systemd-sysv with the following content:

Package: systemd-sysv
Pin: release o=Debian
Pin-Priority: -1

(via)

The UNIX System: Making Computers More Productive, 1982, Bell Laboratories

Before sending a CSR off to your CA, it is worth checking that all parameters are correct.
Especially you should make sure that the requested signature algorithm is SHA256 and not the deprecated SHA1.

This can be done with the following OpenSSL command:

openssl req -noout -text -in <your_CSR_file>

1. Properly shutdown the guest:

   guest# poweroff

2. Create an LVM volume of the same size on the new machine:

   newmachine# lvcreate -L 120G -n myguest myvolgroup

3. Copy the disk from the old machine over to the new one:

   oldmachine# dd if=/dev/vg_foo/lv_bar | ssh newmachine dd of=/dev/volgroup/myguest

4. Wait for the transfer to complete (on a 100Mbit/s connection it took about 3.5 hours to transfer the 120GB).
5. Copy /etc/libvirt/qemu/myguest.xml from the old machine over to the new machine and adapt the LVM path for the disk.
6. Reload the libvirt configuration:

   newmachine# /etc/init.d/libvirt-bin reload

7. Start up the guest on the new machine:

   newmachine# virsh start myguest

1. Boot from a helper system and get a root shell (I used the rescue mode of the Debian installer)
2. Check the filesystem of the partition to resize:

   e2fsck -f /dev/vg_foo/lv_bar

3. Resize the filesystem (make it a bit smaller than the target size, to have a safety margin when resizing the logical volume):

   resize2fs /dev/vg_foo/lv_bar 180G

4. Reduce size of the logical volume:

   lvreduce -L 190G /dev/vg_foo/lv_bar

5. Grow the filesystem to the new size of the logical volume:

   resize2fs /dev/vg_foo/lv_bar

6. For good measure run another filesystem check:

   e2fsck -f /dev/vg_foo/lv_bar

Found this neat trick in Brendan Gregg's Blazing Performance with Flame Graphs talk.

Switching to LANG=C improved performance by 2000x

In a quick test I directly got a performance gain of factor 50.22.
This is quite an achievement for only changing one environment variable.

real:~# du -sh /var/log/querylog 
148M	/var/log/querylog
real:~# time grep -i e /var/log/querylog > /dev/null 

real	0m12.807s
user	0m12.437s
sys	0m0.068s
real:~# time LANG=C grep -i e /var/log/querylog > /dev/null

real	0m0.255s
user	0m0.196s
sys	0m0.052s

I suspect that the performance gain may vary quite a lot depending on the search pattern. Also, please note that this trick only works when you know that the involved files and search patterns are ASCII only.

(via Standalone Sysadmin)

For a long time it annoyed me everytime that less only showed ASCII codes instead of colors when piping some 'color-enabled' output into it.

Turns out there is an easy fix for that:

colordiff a/foo b/foo | less -R

Thanks to Major Hayden for this very useful tip!

openssl gendh -out dh4096.pem 4096

The HAVP blacklist script chocked on some entries from PhishTank. These issues have been fixed with some more sed magic and I've put and updated version of the script on Github.

When working with virtualization technologies like KVM on Debian, you might need to configure bridge interfaces which are not attached to a physical interfaces (for example for a non-routed management network or similar).
Debian uses the directive bridge_ports in /etc/network/interfaces to indicate whether an interface is a bridge interface or not. The syntax checker does not accept an empty bridge_ports directive since he expects a list of physical interfaces to attach to the bridge interface.

When needing a bridge interface without any physical interfaces attached, usually people configure this interface by hand or with a special script.
Since I manage /etc/network/interfaces with my Puppet module, I would like to use it to configure all network interfaces including the unattached bridge interfaces.
It turns out that this can be done by passing none as parameter for the bridge_ports directive like this:

interface br0 inet static
	address 192.0.2.1
	netmask 255.255.255.0
	bridge_ports none

Since the default templates of HAVP look like being stuck in the 90's, I created some nice-looking templates.
You can download them from GitHub: https://github.com/x-way/havp-templates
Currently there is only the german version, feel free to send me a pull-request with another translation :-)

For basic virus protection I'm running a proxy with HAVP and ClamAV.
Since some time I was using HAVPs blacklist functionality to block Ads (by blacklisting *.doubleclick.net and *.ivwbox.de). As such a manual blacklist is not very efficient I wanted to have an auto-updating list of adservers, thus I started to write the shellscript below which generates an up-to-date blacklist based on the adserverlist from pgl.yoyo.org.

Shortly after this I extended the script to also incorporate a Phising blacklist based on the data from PhishTank.
Currently I'm using the version below which runs in a cronjob every two hours and keeps the HAVP blacklist up-to-date. Please note that you need to insert your own free PhishTank API key when using this script.

#!/bin/sh

cd /etc/havp

OUTFILE=/etc/havp/blacklist

ADSERVERLIST=/etc/havp/adserverlist
PHISHTANK=/etc/havp/phishtank
MYBLACKLIST=/etc/havp/myblacklist

wget -q -N "http://pgl.yoyo.org/adservers/serverlist.php?hostformat=webwasher;showintro=0;mimetype=plaintext"
sed -e 's_^//_#_g' serverlist.php* | sort | uniq > $ADSERVERLIST

wget -q -N http://data.phishtank.com/data/<PhishTank API key>/online-valid.csv.bz2
bzcat online-valid.csv.bz2 | sed \
	-e 's/^[0-9]*,//' \
	-e 's@,http://www.phishtank.com/phish_detail.php?phish_id=[0-9]*,.*$@@' \
	-e 's/^"\(.*\)"$/\1/'  \
	-e 's_^https\?://__' \
	-e 's_/$_/*_' \
	-e 's_^\([^/]*\)$_\1/*_' \
	-e 's/?.*/*/' | \
grep -vF 'phish_id,url,phish_detail_url,submission_time,verified,verification_time,online,target' | \
iconv -f utf8 -t ascii -c - | sort | uniq > $PHISHTANK


echo "# blacklist file generated by $0, `date`" > $OUTFILE

echo "\n# MYBLACKLIST:" >> $OUTFILE
cat $MYBLACKLIST >> $OUTFILE

echo "\n# ADSERVERLIST:" >> $OUTFILE
cat $ADSERVERLIST >> $OUTFILE

echo "\n# PHISHTANK:" >> $OUTFILE
cat $PHISHTANK >> $OUTFILE

Thanks to the ngx_echo module, it is trivially easy to build a clone of the icanhazip.com service with nginx:

server {
	listen 80; 
	listen [::]:80;

	location / { 
		echo $remote_addr;
	}   
}

While playing around with my Puppet configuration I discovered that the 'system facts' returned by the Facter helper tool were not consistent on my Debian boxes.

On some machines Facter properly reported all LSB related facts of the system, while on other machines it did not report any such information.
The problem occurred on about 50% of the hosts, so I excluded a bug introduced by manual over-tuning of the system configuration.

Further investigation showed that Facter uses the lsb_release command to collect the LSB information of the system.
On Debian this command is provided by the lsb-release package which was only installed on half of my systems...

Now my Puppet manifests include the following configuration directive which should prevent this problem in the future :-)

package { 'lsb-release':
	ensure => installed,
}

Quick and dirty way to get an alert before your server starts to go crazy because of a full disk.

This script checks if a disk is more than 75% full.

#!/bin/bash

df -h | awk '/%/ {
        limit = 75
        percent = sprintf("%d",$5)
        if ( percent > limit ) {
                print "Warning: ",$6," (",$1,") is to ",percent,"% full:"
                print $0
        }
}'

Save it under /root/check_disk_usage.sh and create the following crontab entry to check the disk usage every day at half past midnight.

30  0  *   *   *     /root/check_disk_usage.sh

Assuming your host has configured an MTA and defined a recipient for root@<yourhost>, you should get an e-mail whenever a disk is more than 75% full.

To process all **frozen** messages in the Exim queue use this command:

mailq | grep frozen | awk '{print $3}' | xargs exim -v -M

To whipe the Exim message queue use the following command:

exim -bp | exiqgrep -i | xargs exim -Mrm

Adding the following line to the Exim4 configuration prevents that all the disk space is used up by the messages in the spool folder:

check_spool_space=100M

This refuses incoming messages with a "452 Space shortage, please try later" message when less than 100 megabytes of disk space are available on the partition where the spool folder resides.

• VIM as a Diff/Merge Tool
• 10 Easy Steps to Becoming a Vim Expert
• vim As A Personal Wiki

1. sudo apt-get install kaffeine dvb-utils mercurial linux-headers-$(uname -r) build-essential
2. hg clone http://linuxtv.org/hg/v4l-dvb
3. cd v4l-dvb
4. sudo make
5. sudo make install

If you're using another flavor of Linux or Ubuntu you may be missing the firmware file, you can get it here.

XSel gives easy commandline access to the X11 clipboard (primary & secondary).

Unix Toolbox, a nice collection of Unix/Linux/BSD commands, may be useful for advanced users.

• Learn 10 good UNIX usage habits
• Productivity tips
• Become a better blogger with UNIX

Instead of learning for the exams, I mess around with strange things:

arkanoid.sed is a breakout-game written entirely in sed. Download the sed-file and use sed -f arkanoid.sed to start the game. (via)

NameVirtualHost *:443
NameVirtualHost *:80

<VirtualHost *:80>
	ServerName example.org
	RewriteEngine on
	RewriteRule ^(.*)$ https://%{SERVER_NAME}$1 [L,R]
</VirtualHost>

<VirtualHost *:443>
	ServerName example.org
	DocumentRoot /var/www/example.org
	...
</VirtualHost>

Thanks to this (really simple) tutorial from debian-administration.org I managed to enable SSL on my server. Thus links.x-way.org is available via HTTPS.

If you run a server without SSL, please take two minutes and enable it.
Your users will be thankfull for their protected privacy.

Today I finally installed a mail transfer agent/mail delivery agent on my server.

I quickly looked at the most popular applications for such a job (Exim, Postfix and qmail) and choosed Exim 4 (especially because it's the only one which is 'real' opensource).

Then I searched a Howto or tutorial on Google, but most results were not really useful. For example the Exim 4 Howto from debianhowto.de like many others disappointed me a bit since they don't give any advice on configuring Exim. But after some evolution and mutation of the search string I finally found a very good guide.

Configuring Exim4 and Courier IMAP under Debian GNU/Linux from Jason Boxman helped me to set up Exim step by step. Not also he explains how to install Exim but he also shows how to interact with Courier IMAP and how to secure all transfers with SSL.

I can only recommend you this guide if you want to install Exim 4 on a Debian system.

Linux wurde erfolgreich auf dem Intel-iMac gebootet! :-)

Mit Hilfe des EFI Linux Bootloaders elilo, eines modifizierten Kernels und eines gehackten Vesa-Framebuffer Treibers ist es dem Xbox-Linux Entwickler Edgar Hucek aka gimli gelungen den Linux Kernel und anschliessend auch Gentoo Linux auf einem 17-Zoll iMac mit Intel Core Duo Prozessor zum Laufen zu bringen.

Im Mactel-Linux Wiki finden sich schon ein paar Screenshots sowie die Ausgaben von dmesg und lspci.
Momentan konnte die graphische Oberfläche (aka X) noch nicht zum Starten gebracht werden. Anhand der Zeile

01:00.0 VGA compatible controller: ATI Technologies Inc Unknown device 71c5

in der Ausgabe von lspci vermute ich, dass die ATI Graphikkarte nicht erkannt/unterstützt wird und deshalb X noch nicht gestartet werden kann. Aber wie vom Entwickler gesagt, ist Mactel-Linux vorerst nur ein grosser Hack, und es wird noch etwas Zeit benötigen bis Linux stabil auf den Intel Macs läuft.

Bei der Namenswahl hätten sich die Entwickler von mir aus lieber etwas anderes einfallen lassen können. 'Mactel' assoziere ich mit Telefon und nicht mit Computer. Aber daran werde ich mich wohl gewöhnen müssen, genauso wie an das unmögliche 'MacBook Pro'.

via symlink.ch

Update 18.02.06:

Mittlerweile existiert auch ein HOWTO und eine Memory Map des EFI. Der gehackte Vesa-Framebuffer Treiber funktioniert bis jetzt aber ausschliesslich mit dem 17-Zoll iMac.

Da gerade mein Kernel "geupdatet" wird, habe ich den Patch zur Unterstützung der PowerBook Buttons an die aktuelle Kernelversion angepasst.

Bei dieser Gelegenheit habe ich den neuen Patch an ein paar Kernelentwickler geschickt, vielleicht schafft er's diesmal bis in den "offiziellen" Kernel.

Update:
Der Patch hat's bis zu Linus geschafft ([PATCH] macintosh/adbhid.c: adb buttons support for aluminium PowerBook G4), wird also in der nächsten Kernelversion dabei sein :-)

Heute habe ich beim Einkaufen diese 'Webcam' entdeckt. Für 29.90 CHF (~20€) bietet sie bis zu 30 640×480 Pixel grosse Bilder pro Sekunde. Mit dabei eine CD mit Treiber für Windows 98 bis XP.

Als ich sie an mein Linux-PowerBook anschloss sagte mir dmesg nur gerade diese zwei Zeilen:

ohci_hcd 0001:01:1b.0: remote wakeup
usb 3-1: new full speed USB device using address 2

Von usbview wurde die Webcam auch nicht erkannt. Also super Voraussetzungen für einen Betrieb mit Linux.

Nach etwas googeln fand ich spca50x.sf.net und das entsprechende 2.6er-Kernerlmodul. Erfreulicherweise ist das auch im Portage-Tree von Gentoo. Also schnell ein emerge spca5xx. Ein modprobe spca5xx lässt einige Fehlermeldungen erscheinen (Unresolved Symbols). Abhilfe schafft das Aktivieren der Video for Linux Unterstützung im Kernel. Nach make, make modules und make modules_install lädt das spca5xx Modul problemlos (eigentlich sollte man nach einem Neukompilieren des Kernels auch den neuen Kernel laden und nicht nur die neuen Module!).

Ein chmod a+rx /dev/video0 als root behebt Berechtigunsprobleme, welche beim Zugriff als normaler Benutzer auftreten können.

Fazit:

• Die Webcam bietet IMHO mehr als man für 30 CHF erwarten kann
• Mit Linux kann man ohne Neustart Peripheriegeräte von 'unbekannt' zu 'vollständig unterstützt' ändern

Von Vim ist Version 6.3 erschienen.

Via theflow

Seit ein paar Monaten, benutze ich GnuCash um mein "Vermögen" zu verwalten.

GnuCash wurde in erster Linie für Privatanwender und KMUs entwickelt und bringt entsprechende Features mit:

• Doppelte Buchhaltung mit allem was dazugehört: Journal, Tansaktionen etc.
• OFX Import (was leider in der Schweiz von keiner Bank angeboten wird)
• HBCI-Untersützung (welche bisher vor allem in Deutschland angeboten wird)
• QIF-Unterstützung
• Generierung von Berichten
• Aktienkurse aus dem Internet
• Devisenkurse aus dem Internet
• Handling von Aktien- und Fonds Portfolios
• Kunden- und Lieferanten Verwaltung
• Rechnungsverwaltung
• Steuerverwaltung
• Fristenverwaltung

Wie ich nach einem Update erfreut festgestellt habe, kann Dillo jetzt auch mit Tabs umgehen.

Momentan machen wir im Programmieren ein Projekt in Zweierteams. Um die ganze Codehandhabung zu vereinfachen, hat sich unser Team entschieden, CVS einzusetzen. CVS bietet eine zentrale Codeverwaltung mit Versions- und Konfliktsmanagement.

Da ich als CVS-Neuling das CLI-Interface nur grundlegend kenne, habe ich mich nach einem GUI-Interface umgeschaut. Dabei habe ich zwei überzeugende Programme gefunden: TkCVS und LinCVS, das auch auf Windows portiert wurde.

#!/usr/bin/perl
#
# 2003 by x-way - http://waterwave.ch/weblog
#
# Add this to your menu, if you have pekwm's dynamic menu support:
#
# SubMenu = "Backgrounds" {
#   Entry { Actions = "Dynamic /path/to/this/file /path/to/your/wallpapers" }
# }
#

use warnings "all";
use strict;

if($ARGV[0] eq '-set') {
        my $wallpaper = $ARGV[1];
        
        open(PKCONF, "<$ENV{HOME}/.pekwm/start") or die "Can't open ~/.pekwm/start";
        my @file = ;
        close(PKCONF);

        my @file2 = ();
        my $set = '';

        foreach (@file) {
                s/^xsetbg -center ".*"/xsetbg -center "$wallpaper"/gi;
                push(@file2, $_);
                
                if(index($_, 'xsetbg -center') == 0) {
                        $set = $_;
                }
        };
        
        if($set eq "") {
                push(@file2, "xsetbg -center \"".$wallpaper."\"");
        }
        
        open(PKCONF, ">$ENV{HOME}/.pekwm/start") or die "Can't write ~/.pekwm/start";
        print(PKCONF @file2);
        close(PKCONF);
} else {

        print("Dynamic {\n");

        for(my $i = 0; $i < scalar(@ARGV); $i++) {
                my $dir = $ARGV[$i];

                opendir(DIR, "$dir") || die "Can't opendir $dir: $!";
                my @backgrounds = grep { (! /^\./) } readdir(DIR);
                closedir DIR; 

                foreach my $x (@backgrounds) {
                        my $y = $x;
                        $y =~ s+.*/++g;

                        if(! -d "$dir/$x") {
                                $y =~ s/\.[^\.]*$//g;
                                $y =~ s/(_|-)[0-9]{3,4}(x[0-9]{3,4}|)//g;
                                $y =~ s/_/ /g;
                                $y =~ s/%20/ /g;
                                print("Entry = \"$y\" { Actions = \"Exec xsetbg -center \\\"$dir/$x\\\" && $0 -set \\\"$dir/$x\\\" \" }\n");
                        } else {
                                print("Submenu = \"$y\" {\nEntry { Actions = \"Dynamic $0 \\\"$dir/$x\\\" \" }\n}");
                        }
                }
        }

        print("}\n");
}

aterm -tr -sh 75 -rv +sb -tint blue

PS1='\[\033[1;30m\][ \[\033[01;32m\]\u\[\033[0;37m\] @ \[\033[01;32m\]\h \[\033[0;37m\]: \[\033[01;34m\]\w\[\033[1;30m\] ] \[\033[0;37m\]\$ \[\033[01;00m\]'

alias ls="ls --color=auto"

PROMPT_COMMAND='echo -ne "\033]2;$USER@$HOSTNAME: $PWD ($_)\007"'

today=`date +%d%b%Y`
backup_path=/backup
tar -cvf $backup_path/backup_$today.tar `find /home /www /root -newer $backup_path ! -name *~ ! -type d -print` > $backup_path/backup_$today.toc

su
root-passwort
cat /dev/mouse > /dev/Pfad zum Drucker

emerge -u world

mke2fs -j /dev/hda6

/dev/hda6 /usr/local/games ext3 noatime,user 0 0

!!! ERROR: The ebuild did not complete successfully.
!!! Function src_compile, Line 12, Exitcode 2
!!! (no error message)

emerge sync

/dev/hda1  ntfs    w2k-system
/dev/hda5  ntfs    w2k-programme
/dev/hda6  fat32   w2k-games
/dev/hda7  fat32   www
/dev/hda8  ext2/3  /boot gentoo
/dev/hda9  ext2/3  /     debian
/dev/hda10 ext2/3  /usr  debian
/dev/hda11 ext2/3  /var  debian
/dev/hda12 ext2/3  /tmp  debian
/dev/hda13 ext2/3  /     gentoo
/dev/hda14 ext2/3  /home
/dev/hda15 swap    swap
/dev/hda16 fat32   backup www
/dev/hda17 fat32   backup eigene dateien
/dev/hda18 fat32   eigene dateien
/dev/hda19 fat32   media

bash: make: command not found