msgbartop
A chronological documentation test project, nothing serious, really!
msgbarbottom

27 Jan 2007 Watermark images with imagemagick ++

Script som legger til watermark tekst:

#!/bin/bash
width=`identify -format %w DSC06861.JPG`; \
        convert -background '#0008' -fill white -gravity center -size ${width}x90 \
        -pointsize 36 \
        caption:"Copyright (c) 2007 Pario.no" \
        +size DSC06861.JPG +swap -gravity north -composite  Output_image_watermarked.jpg

Vis hvilke bildeformater imagemagick støtter:
convert identify -list format

Tags: , , ,

Posted by

26 Jan 2007 Print PHP array content

echo "<pre>
print_r($_POST);
print_r($_GET);
print_r($_REQUEST);
</pre>";
?>

Tags: ,

Posted by

26 Jan 2007 USB Corsair Flash Voyager and udev rules

I had some problems making my new Corsair Flash Voyager 1Gb work under udev. Until now I used the SYSFS{serial}= part from udevinfo to distinguish my usb devices. Corsair Flash Voyager doesn’t have one. So I put the following line in /etc/udev/rules.d/10-local.rules to make it work:

KERNEL="sd*", SYSFS{vendor}="Corsair", SYSFS{model}="Flash*Voyager*", NAME{all_partitions}="corsair%n", GROUP="disk"

The first partition of the usb stick is now recognized as /dev/corsair1, and if I had more they would be named /dev/corsair2, /dev/corsair3, etc

Source: http://www.void.gr/kargig/blog/2006/03/21/usb-corsair-flash-voyager-and-udev-rules/

Tags: ,

Posted by

24 Jan 2007 How do I turn enforcing SELinux on/off at boot?

You can specify the SELinux mode using the configuration file /etc/sysconfig/selinux.

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#       enforcing - SELinux security policy is enforced.
#       permissive - SELinux prints warnings instead of enforcing.
#       disabled - No SELinux policy is loaded.
SELINUX=enforcing
# SELINUXTYPE= type of policy in use. Possible values are:
#       targeted - Only targeted network daemons are protected.
#       strict - Full SELinux protection.
SELINUXTYPE=targeted

Setting the value to enforcing is the same as adding enforcing=1 to your command line when booting the kernel to turn enforcing on, while setting the value to permissive is the same as adding enforcing=0 to turn enforcing off. Note that the command line kernel parameter overrides the configuration file.

However, setting the value to disabled is not the same as the selinux=0 kernel boot parameter. Rather than fully disabling SELinux in the kernel, the disabled setting instead turns enforcing off and skips loading a policy.

Source: http://fedora.redhat.com/docs/selinux-faq-fc3/index.html#id2825945

Tags: , , ,

Posted by

24 Jan 2007 How do I allow a normal user to run commands as root and how to use the sudo command?

The sudo command allows users to do tasks on a Red Hat Enterprise Linux system as another user.

sudo is different from the su command and is more flexible and more secure. One significant advantage is that it can log usage. By default the program saves log data in the file /var/log/secure.

The sudo program uses a configuration file /etc/sudoers to store rules that are used to decide whether a command is allowed or not. It is recommended that a program visudo provided with the sudo package be used to edit the /etc/sudoers file.

Assume that we want to be able to run programs as root from a user called normaluser. First lets attempt to use sudo to run a privileged command:

$ sudo /sbin/service sendmail restart
Password:
normaluser is not in the sudoers file.  This incident will be reported.

The sudo command has logged the attempt to the log file /var/log/secure:

# tail /var/log/secure
...
Aug  2 14:37:49 somehost sudo:  normaluser : user NOT in sudoers ;
TTY=pts/2 ; PWD=/home/normaluser ; USER=root ;
COMMAND=/sbin/service sendmail restart

A special group ‘wheel’ exists on a Red Hat Enterprise Linux system that is traditionally used for privileged activity.

Add to the user the supplementary group ‘wheel’ (this command must be done as root):

# usermod -G normaluser,wheel normaluser

Verify that the user is now a member of the group wheel:

# groups normaluser
normaluser : normaluser wheel

Edit the file /etc/sudoers using the visudo command:

# sudoers file.
#
# This file MUST be edited with the 'visudo' command as root.
#
# See the sudoers man page for the details on how to write a sudoers file.
#

# Host alias specification

# User alias specification

# Cmnd alias specification

# Defaults specification

# User privilege specification
root    ALL=(ALL) ALL

# Uncomment to allow people in group wheel to run all commands
# %wheel ALL=(ALL)       ALL

# Same thing without a password
# %wheel        ALL=(ALL)       NOPASSWD: ALL

# Samples
# %users  ALL=/sbin/mount /cdrom,/sbin/umount /cdrom
# %users  localhost=/sbin/shutdown -h now

Notice that the /etc/sudoers file has examples and comments. To allow members of the group ‘wheel’ to run commands through sudo as root, uncomment the line:

...
# Uncomment to allow people in group wheel to run all commands
 %wheel ALL=(ALL)       ALL
...

The visudo program uses key bindings and commands within the editor from the vi editor. To make changes in the visudo program, hit the ‘i’ key (Insert mode). Use the cursor keys on your keyboard to move the cursor to the correct position, and hit ‘Delete’ key to remove the ‘#’ character.

To ‘write out’ or save the changes, hit the escape key, and then ‘:write’ and then ‘:quit’ to exit:

...
# Uncomment to allow people in group wheel to run all commands
 %wheel ALL=(ALL)       ALL

#Same thing without a password
# %wheel        ALL=(ALL)       NOPASSWD: ALL

# Samples
# %users  ALL=/sbin/mount /cdrom,/sbin/umount /cdrom
# %users  localhost=/sbin/shutdown -h now

# ALL     ALL = NOPASSWD: /usr/bin/mindspring

Now run the privileged commands again as normaluser:

$ sudo /sbin/service sendmail restart
Password:
Shutting down sendmail:                                    [  OK  ]
Shutting down sm-client:                                   [  OK  ]
Starting sendmail:                                             [  OK  ]
Starting sm-client:                                            [  OK  ]

The /var/log/secure file will also record the successfull use of sudo:

# tail /var/log/secure
...
Aug  2 15:05:49 somehost sudo:  normaluser : TTY=pts/2 ;
PWD=/home/normaluser ; USER=root ;
COMMAND=/sbin/service sendmail restart

Source: http://kbase.redhat.com/faq/FAQ_80_3474.shtm

Tags:

Posted by