I put a cronjob in /etc/cron.{hourly,daily,weekly,monthly} and it does not run and how can I troubleshoot it?

Posted on in Categories Cloud Computing, Howto, Open Source, Web Developer last updated August 27, 2017


Recently I created a simple shell script called backup.sh in /root/scripts directory to just backup MySQL database and dumped it to /nfs/mysql/ directory. I put a file (more like used the ln command to create a soft link ) in /etc/cron.hourly/ and it doesn’t run. There was no error in systemd log or cron log. Why is my cron job was not working, and here is how I troubleshoot it.

Linux security alert: Bug in sudo’s get_process_ttyname() [ CVE-2017-1000367 ]

Posted on in Categories Security last updated May 31, 2017

CVE-2017-1000367
There is a serious vulnerability in sudo command that grants root access to anyone with a shell account. It works on SELinux enabled systems such as CentOS/RHEL and others too. A local user with privileges to execute commands via sudo could use this flaw to escalate their privileges to root. Patch your system as soon as possible.

How to speed up OpenSSL/GnuPG Entropy For Random Number Generation On Linux

Posted on in Categories Howto, Open Source, Security last updated November 7, 2016

Entropy is nothing but the measure of “randomness” in a sequence of bits. The PRNG ( pseudorandom number generator ) is a special device (e.g. /dev/random on Linux) to create randomness from server hardware activities. It uses interrupts generated from the keyboard, hard disk, mouse, network and other sources. The random number generator gathers environmental noise from device drivers and other sources into an entropy pool. The randomness usually used for security purposes like creating TLS/SSL keys and the quality source of random bits is critical. For example, OpenSSL APIs can use quality randomness to make your program cryptographically secure. However, a poor source of randomness could result in loss of security. In this post, I will cover haveged and rng-utils/rng-tools to generate random numbers and feed linux random device for your virtual or dedicated Linux server.

Book Review: PAM Mastery

Posted on in Categories Reviews last updated May 19, 2017

PAM Mastery Book ReviewLinux, FreeBSD, and Unix-like systems are multi-user and need some way of authenticating individual users. Back in the old days, this was done in different ways. You need to change each Unix application to use different authentication scheme. Also, authentication schemes differed between a variant of Unix systems. Porting was a nightmare. For example to use Windows Server (Active Directory) or LDAP for authentication you need to make changes to an application. Each application had its way of authenticating users. So Open Group lead to the development of PAM for the Unix-like system. Today Linux, FreeBSD, MacOS X and many other Unix-like systems are configured to use a centralized authentication mechanism called Pluggable Authentication Modules (PAM). The book “PAM Mastery” deals with the black magic of PAM.

Secure Your Linux Desktop and SSH Login Using Two Factor Google Authenticator

Posted on in Categories Open Source, Security last updated October 29, 2014

Two factor authentication is increasingly becoming a strongly recommended way of protecting user accounts in web applications from attackers by requiring a second method of authentication in addition to the standard username and password pair.

Although two factor authentication can encompass a wide range of techniques like biometrics or smart cards, the most commonly deployed technique in web applications is the one time password. If you have used applications like Gmail, you are probably familiar with the one time password generated by the Google Authenticator app that’s available on iOS or Android devices.

The algorithm used for the one time password in the Google Authenticator app is known as the Time-based One-Time Password (TOTP) algorithm. The TOTP algorithm is a standard algorithm approved by the IETF in (RFC 6238) totp-rfc.

Linux Tutorial: Install Ansible Configuration Management And IT Automation Tool

Posted on in Categories Datacenter, Hardware, Open Source, Python last updated May 28, 2017

Today I will be talking about ansible, a powerful configuration management solution written in python. There are many configuration management solutions available, all with pros and cons, ansible stands apart from many of them for its simplicity. What makes ansible different than many of the most popular configuration management systems is that its agent-less, no need to setup agents on every node you want to control. Plus, this has the benefit of being able to control you entire infrastructure from more than one place, if needed. That last point’s validity, of being a benefit, may be debatable but I find it as a positive in most cases. Enough talk, lets get started with Ansible installation and configuration on a RHEL/CentOS, and Debian/Ubuntu based systems.

Linux and Unix nload App: Monitor Network Traffic and Bandwidth Usage In Real Time

Posted on in Categories Command Line Hacks, Debian Linux, Networking last updated May 7, 2017

If you want to monitor network throughput on the command line interface, use nload application. It is a console application which monitors network traffic and bandwidth usage in real time. It visualizes the in and outgoing traffic using two graphs and provides additional info like total amount of transferred data and min/max network usage.