From 350c40ebfb80357973fc7de453c919c2a7279b11 Mon Sep 17 00:00:00 2001 From: Aaron Ball Date: Sun, 15 Oct 2017 17:11:58 -0600 Subject: Rename of .ascii files to .adoc Originally, .ascii was used because .asciidoc was far too long. The .adoc extension is more standard, shorter, and vim syntax highlighting recognizes it. --- src/A_Usual_Opening.adoc | 57 ++++ src/A_Usual_Opening.ascii | 57 ---- src/AdBlock_Only_kind_of_Blocks_Ads.adoc | 30 +++ src/AdBlock_Only_kind_of_Blocks_Ads.ascii | 30 --- src/Android:Configuring_Hotmail_Exchange.adoc | 88 ++++++ src/Android:Configuring_Hotmail_Exchange.ascii | 88 ------ src/Android:My_Phone_Configuration.adoc | 147 ++++++++++ src/Android:My_Phone_Configuration.ascii | 147 ---------- ...oid_Client_and_Sync_with_ownCloud_on_NGINX.adoc | 61 +++++ ...id_Client_and_Sync_with_ownCloud_on_NGINX.ascii | 61 ----- src/Android_Screen_Density.adoc | 90 +++++++ src/Android_Screen_Density.ascii | 90 ------- src/Aol_Email_Hacked.adoc | 237 ++++++++++++++++ src/Aol_Email_Hacked.ascii | 237 ---------------- src/Apache:Listening_Port.adoc | 60 +++++ src/Apache:Listening_Port.ascii | 60 ----- ...hed_Devices_and_VPS_(OpenVZ_and_Virtuozzo).adoc | 21 ++ ...ed_Devices_and_VPS_(OpenVZ_and_Virtuozzo).ascii | 21 -- ..._a_Server_Remotely_Using_Minimal_Bandwidth.adoc | 66 +++++ ...a_Server_Remotely_Using_Minimal_Bandwidth.ascii | 66 ----- src/Bash:Lesser_Known_Bits.adoc | 139 ++++++++++ src/Bash:Lesser_Known_Bits.ascii | 139 ---------- src/Benchmarks:Toshiba_Canvio_Slim.adoc | 60 +++++ src/Benchmarks:Toshiba_Canvio_Slim.ascii | 60 ----- src/Benchmarks:WD_Elements.adoc | 115 ++++++++ src/Benchmarks:WD_Elements.ascii | 115 -------- src/Blog_Resurrection.adoc | 48 ++++ src/Blog_Resurrection.ascii | 48 ---- src/Btrfs:Balancing.adoc | 87 ++++++ src/Btrfs:Balancing.ascii | 87 ------ src/Btrfs:RAID_5_Rsync_Freeze.adoc | 91 +++++++ src/Btrfs:RAID_5_Rsync_Freeze.ascii | 91 ------- src/Btrfs:RAID_Setup.adoc | 165 ++++++++++++ src/Btrfs:RAID_Setup.ascii | 165 ------------ src/Building_an_Ejabberd_Server_with_MySql.adoc | 135 ++++++++++ src/Building_an_Ejabberd_Server_with_MySql.ascii | 135 ---------- src/Cell_Provider_Comparison.adoc | 44 +++ src/Cell_Provider_Comparison.ascii | 44 --- src/Changing_the_Hostname_on_a_Linux_Box.adoc | 58 ++++ src/Changing_the_Hostname_on_a_Linux_Box.ascii | 58 ---- src/Church_Media_Computer_Setup.adoc | 108 ++++++++ src/Church_Media_Computer_Setup.ascii | 108 -------- src/Command_Line_Auto-Complete.adoc | 52 ++++ src/Command_Line_Auto-Complete.ascii | 52 ---- ...ring_Remote_Files_Without_Breaking_a_Sweat.adoc | 57 ++++ ...ing_Remote_Files_Without_Breaking_a_Sweat.ascii | 57 ---- ...iling_KeePassX_2_from_Source_with_Qt_4.8.0.adoc | 78 ++++++ ...ling_KeePassX_2_from_Source_with_Qt_4.8.0.ascii | 78 ------ ...t_find_ncurses:_File_format_not_recognized.adoc | 38 +++ ..._find_ncurses:_File_format_not_recognized.ascii | 38 --- ...is_10_-_Configure:_test:_argument_expected.adoc | 54 ++++ ...s_10_-_Configure:_test:_argument_expected.ascii | 54 ---- ...ing_Status.Net_for_NGINX_in_a_Subdirectory.adoc | 63 +++++ ...ng_Status.Net_for_NGINX_in_a_Subdirectory.ascii | 63 ----- src/Converting_Disks_in_Hyper-V.adoc | 65 +++++ src/Converting_Disks_in_Hyper-V.ascii | 65 ----- src/Converting_Hyper-V_VHDs.adoc | 53 ++++ src/Converting_Hyper-V_VHDs.ascii | 53 ---- ...and_Mostly_Useless_Things_to_do_with_Linux.adoc | 144 ++++++++++ ...nd_Mostly_Useless_Things_to_do_with_Linux.ascii | 144 ---------- src/Cool_Vim_Trickery.adoc | 115 ++++++++ src/Cool_Vim_Trickery.ascii | 115 -------- ...eating_Search_Engine_Optimized_Drupal_URLS.adoc | 55 ++++ ...ating_Search_Engine_Optimized_Drupal_URLS.ascii | 55 ---- src/Creating_Text_Outlines_in_CSS.adoc | 38 +++ src/Creating_Text_Outlines_in_CSS.ascii | 38 --- src/Cyanogenmod_7_on_the_Evo.adoc | 81 ++++++ src/Cyanogenmod_7_on_the_Evo.ascii | 81 ------ src/DD-WRT:Change_Root_SSH_Password.adoc | 35 +++ src/DD-WRT:Change_Root_SSH_Password.ascii | 35 --- src/DNS_Backup_Script.adoc | 105 ++++++++ src/DNS_Backup_Script.ascii | 105 -------- src/Default_Solaris_man_Pager.adoc | 39 +++ src/Default_Solaris_man_Pager.ascii | 39 --- src/Dell_V305_Printer_on_Linux.adoc | 190 +++++++++++++ src/Dell_V305_Printer_on_Linux.ascii | 190 ------------- src/Digraphs.adoc | 114 ++++++++ src/Digraphs.ascii | 114 -------- src/Divs_That_Move_When_Users_Scroll.adoc | 82 ++++++ src/Divs_That_Move_When_Users_Scroll.ascii | 82 ------ ...al,_Mod_rewrite,_Subdirectories,_and_Nginx.adoc | 106 ++++++++ ...l,_Mod_rewrite,_Subdirectories,_and_Nginx.ascii | 106 -------- src/Duplicating_a_USB_Stick_with_dd.adoc | 79 ++++++ src/Duplicating_a_USB_Stick_with_dd.ascii | 79 ------ src/EXE_Disassociation.adoc | 53 ++++ src/EXE_Disassociation.ascii | 53 ---- src/Empathy_Accounts_Dialog_wont_Launch.adoc | 36 +++ src/Empathy_Accounts_Dialog_wont_Launch.ascii | 36 --- src/Enabling_Colors_in_Ksh88.adoc | 38 +++ src/Enabling_Colors_in_Ksh88.ascii | 38 --- src/Encrypting_Home_Directories_with_EncFS.adoc | 84 ++++++ src/Encrypting_Home_Directories_with_EncFS.ascii | 84 ------ src/Exim_Spam_Filtering_with_Bogofilter.adoc | 289 ++++++++++++++++++++ src/Exim_Spam_Filtering_with_Bogofilter.ascii | 289 -------------------- ...Expanding_Divs_Containing_Floated_Elements.adoc | 29 ++ ...xpanding_Divs_Containing_Floated_Elements.ascii | 29 -- src/Finding_Prime_Factors.adoc | 77 ++++++ src/Finding_Prime_Factors.ascii | 77 ------ ...Finding_the_Absolute_Path_of_a_Bash_Script.adoc | 57 ++++ ...inding_the_Absolute_Path_of_a_Bash_Script.ascii | 57 ---- src/Fixing_Android_Mac_Address_Conflicts.adoc | 102 +++++++ src/Fixing_Android_Mac_Address_Conflicts.ascii | 102 ------- src/Git:Branch_Author_List.adoc | 62 +++++ src/Git:Branch_Author_List.ascii | 62 ----- src/Git:Care_Free_Committing.adoc | 97 +++++++ src/Git:Care_Free_Committing.ascii | 97 ------- src/Git:Changing_Project_Licensing.adoc | 60 +++++ src/Git:Changing_Project_Licensing.ascii | 60 ----- src/Git:Clone_All_Remote_Repos.adoc | 109 ++++++++ src/Git:Clone_All_Remote_Repos.ascii | 109 -------- src/Git_Basics.adoc | 220 +++++++++++++++ src/Git_Basics.ascii | 220 --------------- src/Git_as_a_Backup_Solution.adoc | 102 +++++++ src/Git_as_a_Backup_Solution.ascii | 102 ------- ...e_Apps_Users_:_Cannot_Use_Self-hosted_XMPP.adoc | 70 +++++ ..._Apps_Users_:_Cannot_Use_Self-hosted_XMPP.ascii | 70 ----- src/How_to_Uninterest_Me_in_Your_Job_Opening.adoc | 87 ++++++ src/How_to_Uninterest_Me_in_Your_Job_Opening.ascii | 87 ------ src/Hyper-V_and_Vista.adoc | 48 ++++ src/Hyper-V_and_Vista.ascii | 48 ---- src/Indenting_in_VI.adoc | 38 +++ src/Indenting_in_VI.ascii | 38 --- src/Install_Java_6_on_Debian_Lenny_5.0.adoc | 64 +++++ src/Install_Java_6_on_Debian_Lenny_5.0.ascii | 64 ----- ...Installation_of_Aptana_Studio_into_Eclipse.adoc | 36 +++ ...nstallation_of_Aptana_Studio_into_Eclipse.ascii | 36 --- src/Installing_Gimp_2.7_via_a_PPA.adoc | 50 ++++ src/Installing_Gimp_2.7_via_a_PPA.ascii | 50 ---- src/Installing_KDE_4.6_in_Debian.adoc | 54 ++++ src/Installing_KDE_4.6_in_Debian.ascii | 54 ---- src/Installing_Team_Foundation_Server_2008.adoc | 183 +++++++++++++ src/Installing_Team_Foundation_Server_2008.ascii | 183 ------------- ...talling_Team_Foundation_Server_2010_Beta_1.adoc | 200 ++++++++++++++ ...alling_Team_Foundation_Server_2010_Beta_1.ascii | 200 -------------- ...stalling_Visual_Studio_2008_Service_Pack_1.adoc | 43 +++ ...talling_Visual_Studio_2008_Service_Pack_1.ascii | 43 --- ...Javadoc-style_Perl_Documentation_Generator.adoc | 148 ++++++++++ ...avadoc-style_Perl_Documentation_Generator.ascii | 148 ---------- src/Kill_All_Connections_to_SQL_Database.adoc | 38 +++ src/Kill_All_Connections_to_SQL_Database.ascii | 38 --- src/Kubuntu_and_Bluetooth_Audio.adoc | 65 +++++ src/Kubuntu_and_Bluetooth_Audio.ascii | 65 ----- src/Linux:At_the_Office.adoc | 228 ++++++++++++++++ src/Linux:At_the_Office.ascii | 228 ---------------- src/Linux:Checking_CPU_Core_Usage.adoc | 55 ++++ src/Linux:Checking_CPU_Core_Usage.ascii | 55 ---- src/Linux:Comparing_Remote_with_Local.adoc | 118 ++++++++ src/Linux:Comparing_Remote_with_Local.ascii | 118 -------- src/Linux:Desktop_Sharing.adoc | 73 +++++ src/Linux:Desktop_Sharing.ascii | 73 ----- src/Linux:Formatting_a_Hard_Drive.adoc | 108 ++++++++ src/Linux:Formatting_a_Hard_Drive.ascii | 108 -------- src/Linux:Luks_Password_Changing.adoc | 43 +++ src/Linux:Luks_Password_Changing.ascii | 43 --- src/Linux:RAID_Setup.adoc | 253 +++++++++++++++++ src/Linux:RAID_Setup.ascii | 253 ----------------- src/Linux:Symantec_VIP_Access.adoc | 32 +++ src/Linux:Symantec_VIP_Access.ascii | 32 --- src/Linux:System_Encryption.adoc | 155 +++++++++++ src/Linux:System_Encryption.ascii | 155 ----------- src/Linux:Using_Bash_to_Generate_a_Wordlist.adoc | 84 ++++++ src/Linux:Using_Bash_to_Generate_a_Wordlist.ascii | 84 ------ src/Linux:Vpnc_Restart_Script.adoc | 47 ++++ src/Linux:Vpnc_Restart_Script.ascii | 47 ---- src/Linux:dm-crypt_Encrypted_Home_Directories.adoc | 212 +++++++++++++++ ...Linux:dm-crypt_Encrypted_Home_Directories.ascii | 212 --------------- ...es,_Partitions,_and_Mount_Points_Explained.adoc | 131 +++++++++ ...s,_Partitions,_and_Mount_Points_Explained.ascii | 131 --------- src/Lucid_Lynx_Release_Date.adoc | 32 +++ src/Lucid_Lynx_Release_Date.ascii | 32 --- src/MPlayer:Recursively_Play_All_Files.adoc | 75 ++++++ src/MPlayer:Recursively_Play_All_Files.ascii | 75 ------ src/Managing_Linux_with_Linux.adoc | 56 ++++ src/Managing_Linux_with_Linux.ascii | 56 ---- src/MediaWiki_vs_SharePoint.adoc | 100 +++++++ src/MediaWiki_vs_SharePoint.ascii | 100 ------- src/Migrating_SQL_Data.adoc | 110 ++++++++ src/Migrating_SQL_Data.ascii | 110 -------- src/Migrating_from_Drupal_7_to_Habari_.8.adoc | 91 +++++++ src/Migrating_from_Drupal_7_to_Habari_.8.ascii | 91 ------- src/Mounting_Drives_in_Linux_Without_Root.adoc | 50 ++++ src/Mounting_Drives_in_Linux_Without_Root.ascii | 50 ---- src/Mutt:Email_Notifications.adoc | 71 +++++ src/Mutt:Email_Notifications.ascii | 71 ----- src/Mutt:Sorting_Mail_Like_a_Boss.adoc | 61 +++++ src/Mutt:Sorting_Mail_Like_a_Boss.ascii | 61 ----- ...tt:Useful_Muttrc_Color_Regular_Expressions.adoc | 40 +++ ...t:Useful_Muttrc_Color_Regular_Expressions.ascii | 40 --- src/MySql:Find_all_Required_Columns.adoc | 43 +++ src/MySql:Find_all_Required_Columns.ascii | 43 --- src/My_.bashrc.adoc | 40 +++ src/My_.bashrc.ascii | 40 --- src/My_Favorite_Blogs.adoc | 22 ++ src/My_Favorite_Blogs.ascii | 22 -- src/My_Favorite_Open_Source_Projects.adoc | 104 +++++++ src/My_Favorite_Open_Source_Projects.ascii | 104 ------- src/Net_Neutrality.adoc | 138 ++++++++++ src/Net_Neutrality.ascii | 138 ---------- ...er_Connect_to_Wifi_in_Arch_Linux_with_SLiM.adoc | 44 +++ ...r_Connect_to_Wifi_in_Arch_Linux_with_SLiM.ascii | 44 --- src/Note-taking_with_Vim.adoc | 115 ++++++++ src/Note-taking_with_Vim.ascii | 115 -------- src/Note_to_self:Connecting_ASP.Net_to_SQL.adoc | 18 ++ src/Note_to_self:Connecting_ASP.Net_to_SQL.ascii | 18 -- src/Open_Source_Living:Browsers.adoc | 41 +++ src/Open_Source_Living:Browsers.ascii | 41 --- src/Opening_CHM_Files_in_Vista.adoc | 43 +++ src/Opening_CHM_Files_in_Vista.ascii | 43 --- src/OwnCloud_Documents_on_Arch_Linux.adoc | 38 +++ src/OwnCloud_Documents_on_Arch_Linux.ascii | 38 --- src/PHP-5.3:Class_Exception_Not_Found.adoc | 31 +++ src/PHP-5.3:Class_Exception_Not_Found.ascii | 31 --- ...Performing_a_MySql_Backup_Via_Command_Line.adoc | 42 +++ ...erforming_a_MySql_Backup_Via_Command_Line.ascii | 42 --- src/Postback_Freezes_Animated_Gifs.adoc | 60 +++++ src/Postback_Freezes_Animated_Gifs.ascii | 60 ----- src/ProPresenter:Action_Hotkeys_Not_Working.adoc | 36 +++ src/ProPresenter:Action_Hotkeys_Not_Working.ascii | 36 --- ...senter:Automatically_Advancing_Slide_Loops.adoc | 56 ++++ ...enter:Automatically_Advancing_Slide_Loops.ascii | 56 ---- src/ProPresenter:Edit_Mode.adoc | 50 ++++ src/ProPresenter:Edit_Mode.ascii | 50 ---- src/Puppet:Out_of_Range_for_Type_Integer.adoc | 116 ++++++++ src/Puppet:Out_of_Range_for_Type_Integer.ascii | 116 -------- src/Redirecting_a_WordPress_Site.adoc | 48 ++++ src/Redirecting_a_WordPress_Site.ascii | 48 ---- src/Remote_Mounting_File_Systems_Through_SSH.adoc | 69 +++++ src/Remote_Mounting_File_Systems_Through_SSH.ascii | 69 ----- ...lacing_the_Glass_on_a_Samsung_Galaxy_S_iii.adoc | 133 +++++++++ ...acing_the_Glass_on_a_Samsung_Galaxy_S_iii.ascii | 133 --------- ...mote_VSTS_Controller_and_Associated_Agents.adoc | 51 ++++ ...ote_VSTS_Controller_and_Associated_Agents.ascii | 51 ---- ...Running_Web_Services_on_Non-Standard_Ports.adoc | 66 +++++ ...unning_Web_Services_on_Non-Standard_Ports.ascii | 66 ----- src/SQL_2008_Reinstall_Errors.adoc | 91 +++++++ src/SQL_2008_Reinstall_Errors.ascii | 91 ------- src/SQL_Server_2008_Memory_Management.adoc | 72 +++++ src/SQL_Server_2008_Memory_Management.ascii | 72 ----- src/SSH_Tunnel_Forwarding.adoc | 73 +++++ src/SSH_Tunnel_Forwarding.ascii | 73 ----- src/SSH_VPN.adoc | 89 ++++++ src/SSH_VPN.ascii | 89 ------ ...ung_Epic_4g_Syndicate_Rom_:_Freeze_on_Boot.adoc | 40 +++ ...ng_Epic_4g_Syndicate_Rom_:_Freeze_on_Boot.ascii | 40 --- src/Scheduling_Jobs_in_Linux.adoc | 73 +++++ src/Scheduling_Jobs_in_Linux.ascii | 73 ----- src/Screenshots_from_Command_Line.adoc | 40 +++ src/Screenshots_from_Command_Line.ascii | 40 --- src/Scripting_Wma_to_Ogg_Conversion_in_Linux.adoc | 57 ++++ src/Scripting_Wma_to_Ogg_Conversion_in_Linux.ascii | 57 ---- src/Searching_for_a_Command_in_Linux.adoc | 97 +++++++ src/Searching_for_a_Command_in_Linux.ascii | 97 ------- src/Securing_a_Postfix_Smtp_Server.adoc | 226 ++++++++++++++++ src/Securing_a_Postfix_Smtp_Server.ascii | 226 ---------------- src/Server_Administration:Firewalls.adoc | 41 +++ src/Server_Administration:Firewalls.ascii | 41 --- src/Sidebar.adoc | 5 + src/Sidebar.ascii | 5 - src/Startup_Sounds_with_SLiM.adoc | 74 +++++ src/Startup_Sounds_with_SLiM.ascii | 74 ----- src/Streaming_Audio_Over_SSH.adoc | 71 +++++ src/Streaming_Audio_Over_SSH.ascii | 71 ----- ...aylists_with_a_Sansa_Fuze_and_Media_Monkey.adoc | 62 +++++ ...ylists_with_a_Sansa_Fuze_and_Media_Monkey.ascii | 62 ----- src/Sysprepping_Server_2008.adoc | 76 ++++++ src/Sysprepping_Server_2008.ascii | 76 ------ ...008:Permissions_for_Creating_Team_Projects.adoc | 96 +++++++ ...08:Permissions_for_Creating_Team_Projects.ascii | 96 ------- ...oundation_Server_2010_Beta_1_Configuration.adoc | 77 ++++++ ...undation_Server_2010_Beta_1_Configuration.ascii | 77 ------ src/Team_Password_Management.adoc | 112 ++++++++ src/Team_Password_Management.ascii | 112 -------- src/Theming_Gnome-Shell_Intro.adoc | 48 ++++ src/Theming_Gnome-Shell_Intro.ascii | 48 ---- src/Transferring_Files_from_Windows_to_Linux.adoc | 40 +++ src/Transferring_Files_from_Windows_to_Linux.ascii | 40 --- src/Ubuntu_-_Installing_Sun_Java.adoc | 26 ++ src/Ubuntu_-_Installing_Sun_Java.ascii | 26 -- src/Ubuntu_Bridging_Network_Interfaces.adoc | 126 +++++++++ src/Ubuntu_Bridging_Network_Interfaces.ascii | 126 --------- src/Ubuntu_Reinstall.adoc | 31 +++ src/Ubuntu_Reinstall.ascii | 31 --- ...ng_TFS_2008_Workgroup_to_TFS_2008_Standard.adoc | 54 ++++ ...g_TFS_2008_Workgroup_to_TFS_2008_Standard.ascii | 54 ---- src/Using_SpiderOak_with_Qt_4.7.2.adoc | 57 ++++ src/Using_SpiderOak_with_Qt_4.7.2.ascii | 57 ---- src/Vim:Frequently_Used_Bits_and_Doodads.adoc | 204 ++++++++++++++ src/Vim:Frequently_Used_Bits_and_Doodads.ascii | 204 -------------- ..._Studio_2010_Debugging_in_Remote_Locations.adoc | 35 +++ ...Studio_2010_Debugging_in_Remote_Locations.ascii | 35 --- src/When_Innovation_is_Appropriate.adoc | 119 ++++++++ src/When_Innovation_is_Appropriate.ascii | 119 -------- ...MediaWiki_Namespaces_with_$wgWhitelistRead.adoc | 189 +++++++++++++ ...ediaWiki_Namespaces_with_$wgWhitelistRead.ascii | 189 ------------- ...riting_an_Array_to_Sql_Conversion_Function.adoc | 35 +++ ...iting_an_Array_to_Sql_Conversion_Function.ascii | 35 --- src/XMPP_Error:_404:_Remote_Server_Not_Found.adoc | 66 +++++ src/XMPP_Error:_404:_Remote_Server_Not_Found.ascii | 66 ----- src/Xfce_4.10_Pre_2_Review.adoc | 66 +++++ src/Xfce_4.10_Pre_2_Review.ascii | 66 ----- src/Xkcd:1110.adoc | 67 +++++ src/Xkcd:1110.ascii | 67 ----- src/about.adoc | 108 ++++++++ src/about.ascii | 108 -------- src/bash_mock_objects_commands.adoc | 278 +++++++++++++++++++ src/bash_mock_objects_commands.ascii | 278 ------------------- src/benchmark:hgst_touro_s_1tb_7200rpm.adoc | 107 ++++++++ src/benchmark:hgst_touro_s_1tb_7200rpm.ascii | 107 -------- src/benchmark:pny_micro_sleek_16gb.adoc | 113 ++++++++ src/benchmark:pny_micro_sleek_16gb.ascii | 113 -------- src/case_insensitive_matching_in_c.adoc | 195 ++++++++++++++ src/case_insensitive_matching_in_c.ascii | 195 -------------- src/crux_linux:faster_builds.adoc | 44 +++ src/crux_linux:faster_builds.ascii | 44 --- src/dont_censor_me_bro.adoc | 124 +++++++++ src/dont_censor_me_bro.ascii | 124 --------- src/gentoo:converting_portage_to_git.adoc | 56 ++++ src/gentoo:converting_portage_to_git.ascii | 56 ---- src/gentoo:kernel_cleanup.adoc | 119 ++++++++ src/gentoo:kernel_cleanup.ascii | 119 -------- src/index.adoc | 300 +++++++++++++++++++++ src/index.ascii | 300 --------------------- src/lets_get_started_again.adoc | 35 +++ src/lets_get_started_again.ascii | 35 --- src/linux:manual_restart_with_sysrq-trigger.adoc | 107 ++++++++ src/linux:manual_restart_with_sysrq-trigger.ascii | 107 -------- src/linux:secure_authentication.adoc | 264 ++++++++++++++++++ src/linux:secure_authentication.ascii | 264 ------------------ ...ux:updating_ssh_keys_across_an_environment.adoc | 53 ++++ ...x:updating_ssh_keys_across_an_environment.ascii | 53 ---- src/linux_desktop:password_management.adoc | 212 +++++++++++++++ src/linux_desktop:password_management.ascii | 212 --------------- ...pment:detecting_stdout_escape_char_support.adoc | 151 +++++++++++ ...ment:detecting_stdout_escape_char_support.ascii | 151 ----------- ...er_debian_installation:pureftpd_wont_start.adoc | 93 +++++++ ...r_debian_installation:pureftpd_wont_start.ascii | 93 ------- src/process:versioning_schemes.adoc | 92 +++++++ src/process:versioning_schemes.ascii | 92 ------- src/understanding_the_bash_fork_bomb.adoc | 106 ++++++++ src/understanding_the_bash_fork_bomb.ascii | 106 -------- 340 files changed, 14910 insertions(+), 14910 deletions(-) create mode 100644 src/A_Usual_Opening.adoc delete mode 100644 src/A_Usual_Opening.ascii create mode 100644 src/AdBlock_Only_kind_of_Blocks_Ads.adoc delete mode 100644 src/AdBlock_Only_kind_of_Blocks_Ads.ascii create mode 100644 src/Android:Configuring_Hotmail_Exchange.adoc delete mode 100644 src/Android:Configuring_Hotmail_Exchange.ascii create mode 100644 src/Android:My_Phone_Configuration.adoc delete mode 100644 src/Android:My_Phone_Configuration.ascii create mode 100644 src/Android_Client_and_Sync_with_ownCloud_on_NGINX.adoc delete mode 100644 src/Android_Client_and_Sync_with_ownCloud_on_NGINX.ascii create mode 100644 src/Android_Screen_Density.adoc delete mode 100644 src/Android_Screen_Density.ascii create mode 100644 src/Aol_Email_Hacked.adoc delete mode 100644 src/Aol_Email_Hacked.ascii create mode 100644 src/Apache:Listening_Port.adoc delete mode 100644 src/Apache:Listening_Port.ascii create mode 100644 src/Attached_Devices_and_VPS_(OpenVZ_and_Virtuozzo).adoc delete mode 100644 src/Attached_Devices_and_VPS_(OpenVZ_and_Virtuozzo).ascii create mode 100644 src/Backing_up_a_Server_Remotely_Using_Minimal_Bandwidth.adoc delete mode 100644 src/Backing_up_a_Server_Remotely_Using_Minimal_Bandwidth.ascii create mode 100644 src/Bash:Lesser_Known_Bits.adoc delete mode 100644 src/Bash:Lesser_Known_Bits.ascii create mode 100644 src/Benchmarks:Toshiba_Canvio_Slim.adoc delete mode 100644 src/Benchmarks:Toshiba_Canvio_Slim.ascii create mode 100644 src/Benchmarks:WD_Elements.adoc delete mode 100644 src/Benchmarks:WD_Elements.ascii create mode 100644 src/Blog_Resurrection.adoc delete mode 100644 src/Blog_Resurrection.ascii create mode 100644 src/Btrfs:Balancing.adoc delete mode 100644 src/Btrfs:Balancing.ascii create mode 100644 src/Btrfs:RAID_5_Rsync_Freeze.adoc delete mode 100644 src/Btrfs:RAID_5_Rsync_Freeze.ascii create mode 100644 src/Btrfs:RAID_Setup.adoc delete mode 100644 src/Btrfs:RAID_Setup.ascii create mode 100644 src/Building_an_Ejabberd_Server_with_MySql.adoc delete mode 100644 src/Building_an_Ejabberd_Server_with_MySql.ascii create mode 100644 src/Cell_Provider_Comparison.adoc delete mode 100644 src/Cell_Provider_Comparison.ascii create mode 100644 src/Changing_the_Hostname_on_a_Linux_Box.adoc delete mode 100644 src/Changing_the_Hostname_on_a_Linux_Box.ascii create mode 100644 src/Church_Media_Computer_Setup.adoc delete mode 100644 src/Church_Media_Computer_Setup.ascii create mode 100644 src/Command_Line_Auto-Complete.adoc delete mode 100644 src/Command_Line_Auto-Complete.ascii create mode 100644 src/Comparing_Remote_Files_Without_Breaking_a_Sweat.adoc delete mode 100644 src/Comparing_Remote_Files_Without_Breaking_a_Sweat.ascii create mode 100644 src/Compiling_KeePassX_2_from_Source_with_Qt_4.8.0.adoc delete mode 100644 src/Compiling_KeePassX_2_from_Source_with_Qt_4.8.0.ascii create mode 100644 src/Compiling_MariaDB_:_cannot_find_ncurses:_File_format_not_recognized.adoc delete mode 100644 src/Compiling_MariaDB_:_cannot_find_ncurses:_File_format_not_recognized.ascii create mode 100644 src/Compiling_nginx_for_Solaris_10_-_Configure:_test:_argument_expected.adoc delete mode 100644 src/Compiling_nginx_for_Solaris_10_-_Configure:_test:_argument_expected.ascii create mode 100644 src/Configuring_Status.Net_for_NGINX_in_a_Subdirectory.adoc delete mode 100644 src/Configuring_Status.Net_for_NGINX_in_a_Subdirectory.ascii create mode 100644 src/Converting_Disks_in_Hyper-V.adoc delete mode 100644 src/Converting_Disks_in_Hyper-V.ascii create mode 100644 src/Converting_Hyper-V_VHDs.adoc delete mode 100644 src/Converting_Hyper-V_VHDs.ascii create mode 100644 src/Cool,_Fun,_and_Mostly_Useless_Things_to_do_with_Linux.adoc delete mode 100644 src/Cool,_Fun,_and_Mostly_Useless_Things_to_do_with_Linux.ascii create mode 100644 src/Cool_Vim_Trickery.adoc delete mode 100644 src/Cool_Vim_Trickery.ascii create mode 100644 src/Creating_Search_Engine_Optimized_Drupal_URLS.adoc delete mode 100644 src/Creating_Search_Engine_Optimized_Drupal_URLS.ascii create mode 100644 src/Creating_Text_Outlines_in_CSS.adoc delete mode 100644 src/Creating_Text_Outlines_in_CSS.ascii create mode 100644 src/Cyanogenmod_7_on_the_Evo.adoc delete mode 100644 src/Cyanogenmod_7_on_the_Evo.ascii create mode 100644 src/DD-WRT:Change_Root_SSH_Password.adoc delete mode 100644 src/DD-WRT:Change_Root_SSH_Password.ascii create mode 100644 src/DNS_Backup_Script.adoc delete mode 100644 src/DNS_Backup_Script.ascii create mode 100644 src/Default_Solaris_man_Pager.adoc delete mode 100644 src/Default_Solaris_man_Pager.ascii create mode 100644 src/Dell_V305_Printer_on_Linux.adoc delete mode 100644 src/Dell_V305_Printer_on_Linux.ascii create mode 100644 src/Digraphs.adoc delete mode 100644 src/Digraphs.ascii create mode 100644 src/Divs_That_Move_When_Users_Scroll.adoc delete mode 100644 src/Divs_That_Move_When_Users_Scroll.ascii create mode 100644 src/Drupal,_Mod_rewrite,_Subdirectories,_and_Nginx.adoc delete mode 100644 src/Drupal,_Mod_rewrite,_Subdirectories,_and_Nginx.ascii create mode 100644 src/Duplicating_a_USB_Stick_with_dd.adoc delete mode 100644 src/Duplicating_a_USB_Stick_with_dd.ascii create mode 100644 src/EXE_Disassociation.adoc delete mode 100644 src/EXE_Disassociation.ascii create mode 100644 src/Empathy_Accounts_Dialog_wont_Launch.adoc delete mode 100644 src/Empathy_Accounts_Dialog_wont_Launch.ascii create mode 100644 src/Enabling_Colors_in_Ksh88.adoc delete mode 100644 src/Enabling_Colors_in_Ksh88.ascii create mode 100644 src/Encrypting_Home_Directories_with_EncFS.adoc delete mode 100644 src/Encrypting_Home_Directories_with_EncFS.ascii create mode 100644 src/Exim_Spam_Filtering_with_Bogofilter.adoc delete mode 100644 src/Exim_Spam_Filtering_with_Bogofilter.ascii create mode 100644 src/Expanding_Divs_Containing_Floated_Elements.adoc delete mode 100644 src/Expanding_Divs_Containing_Floated_Elements.ascii create mode 100644 src/Finding_Prime_Factors.adoc delete mode 100644 src/Finding_Prime_Factors.ascii create mode 100644 src/Finding_the_Absolute_Path_of_a_Bash_Script.adoc delete mode 100644 src/Finding_the_Absolute_Path_of_a_Bash_Script.ascii create mode 100644 src/Fixing_Android_Mac_Address_Conflicts.adoc delete mode 100644 src/Fixing_Android_Mac_Address_Conflicts.ascii create mode 100644 src/Git:Branch_Author_List.adoc delete mode 100644 src/Git:Branch_Author_List.ascii create mode 100644 src/Git:Care_Free_Committing.adoc delete mode 100644 src/Git:Care_Free_Committing.ascii create mode 100644 src/Git:Changing_Project_Licensing.adoc delete mode 100644 src/Git:Changing_Project_Licensing.ascii create mode 100644 src/Git:Clone_All_Remote_Repos.adoc delete mode 100644 src/Git:Clone_All_Remote_Repos.ascii create mode 100644 src/Git_Basics.adoc delete mode 100644 src/Git_Basics.ascii create mode 100644 src/Git_as_a_Backup_Solution.adoc delete mode 100644 src/Git_as_a_Backup_Solution.ascii create mode 100644 src/Google_Apps_Users_:_Cannot_Use_Self-hosted_XMPP.adoc delete mode 100644 src/Google_Apps_Users_:_Cannot_Use_Self-hosted_XMPP.ascii create mode 100644 src/How_to_Uninterest_Me_in_Your_Job_Opening.adoc delete mode 100644 src/How_to_Uninterest_Me_in_Your_Job_Opening.ascii create mode 100644 src/Hyper-V_and_Vista.adoc delete mode 100644 src/Hyper-V_and_Vista.ascii create mode 100644 src/Indenting_in_VI.adoc delete mode 100644 src/Indenting_in_VI.ascii create mode 100644 src/Install_Java_6_on_Debian_Lenny_5.0.adoc delete mode 100644 src/Install_Java_6_on_Debian_Lenny_5.0.ascii create mode 100644 src/Installation_of_Aptana_Studio_into_Eclipse.adoc delete mode 100644 src/Installation_of_Aptana_Studio_into_Eclipse.ascii create mode 100644 src/Installing_Gimp_2.7_via_a_PPA.adoc delete mode 100644 src/Installing_Gimp_2.7_via_a_PPA.ascii create mode 100644 src/Installing_KDE_4.6_in_Debian.adoc delete mode 100644 src/Installing_KDE_4.6_in_Debian.ascii create mode 100644 src/Installing_Team_Foundation_Server_2008.adoc delete mode 100644 src/Installing_Team_Foundation_Server_2008.ascii create mode 100644 src/Installing_Team_Foundation_Server_2010_Beta_1.adoc delete mode 100644 src/Installing_Team_Foundation_Server_2010_Beta_1.ascii create mode 100644 src/Installing_Visual_Studio_2008_Service_Pack_1.adoc delete mode 100644 src/Installing_Visual_Studio_2008_Service_Pack_1.ascii create mode 100644 src/Javadoc-style_Perl_Documentation_Generator.adoc delete mode 100644 src/Javadoc-style_Perl_Documentation_Generator.ascii create mode 100644 src/Kill_All_Connections_to_SQL_Database.adoc delete mode 100644 src/Kill_All_Connections_to_SQL_Database.ascii create mode 100644 src/Kubuntu_and_Bluetooth_Audio.adoc delete mode 100644 src/Kubuntu_and_Bluetooth_Audio.ascii create mode 100644 src/Linux:At_the_Office.adoc delete mode 100644 src/Linux:At_the_Office.ascii create mode 100644 src/Linux:Checking_CPU_Core_Usage.adoc delete mode 100644 src/Linux:Checking_CPU_Core_Usage.ascii create mode 100644 src/Linux:Comparing_Remote_with_Local.adoc delete mode 100644 src/Linux:Comparing_Remote_with_Local.ascii create mode 100644 src/Linux:Desktop_Sharing.adoc delete mode 100644 src/Linux:Desktop_Sharing.ascii create mode 100644 src/Linux:Formatting_a_Hard_Drive.adoc delete mode 100644 src/Linux:Formatting_a_Hard_Drive.ascii create mode 100644 src/Linux:Luks_Password_Changing.adoc delete mode 100644 src/Linux:Luks_Password_Changing.ascii create mode 100644 src/Linux:RAID_Setup.adoc delete mode 100644 src/Linux:RAID_Setup.ascii create mode 100644 src/Linux:Symantec_VIP_Access.adoc delete mode 100644 src/Linux:Symantec_VIP_Access.ascii create mode 100644 src/Linux:System_Encryption.adoc delete mode 100644 src/Linux:System_Encryption.ascii create mode 100644 src/Linux:Using_Bash_to_Generate_a_Wordlist.adoc delete mode 100644 src/Linux:Using_Bash_to_Generate_a_Wordlist.ascii create mode 100644 src/Linux:Vpnc_Restart_Script.adoc delete mode 100644 src/Linux:Vpnc_Restart_Script.ascii create mode 100644 src/Linux:dm-crypt_Encrypted_Home_Directories.adoc delete mode 100644 src/Linux:dm-crypt_Encrypted_Home_Directories.ascii create mode 100644 src/Linux_Storage_Devices,_Partitions,_and_Mount_Points_Explained.adoc delete mode 100644 src/Linux_Storage_Devices,_Partitions,_and_Mount_Points_Explained.ascii create mode 100644 src/Lucid_Lynx_Release_Date.adoc delete mode 100644 src/Lucid_Lynx_Release_Date.ascii create mode 100644 src/MPlayer:Recursively_Play_All_Files.adoc delete mode 100644 src/MPlayer:Recursively_Play_All_Files.ascii create mode 100644 src/Managing_Linux_with_Linux.adoc delete mode 100644 src/Managing_Linux_with_Linux.ascii create mode 100644 src/MediaWiki_vs_SharePoint.adoc delete mode 100644 src/MediaWiki_vs_SharePoint.ascii create mode 100644 src/Migrating_SQL_Data.adoc delete mode 100644 src/Migrating_SQL_Data.ascii create mode 100644 src/Migrating_from_Drupal_7_to_Habari_.8.adoc delete mode 100644 src/Migrating_from_Drupal_7_to_Habari_.8.ascii create mode 100644 src/Mounting_Drives_in_Linux_Without_Root.adoc delete mode 100644 src/Mounting_Drives_in_Linux_Without_Root.ascii create mode 100644 src/Mutt:Email_Notifications.adoc delete mode 100644 src/Mutt:Email_Notifications.ascii create mode 100644 src/Mutt:Sorting_Mail_Like_a_Boss.adoc delete mode 100644 src/Mutt:Sorting_Mail_Like_a_Boss.ascii create mode 100644 src/Mutt:Useful_Muttrc_Color_Regular_Expressions.adoc delete mode 100644 src/Mutt:Useful_Muttrc_Color_Regular_Expressions.ascii create mode 100644 src/MySql:Find_all_Required_Columns.adoc delete mode 100644 src/MySql:Find_all_Required_Columns.ascii create mode 100644 src/My_.bashrc.adoc delete mode 100644 src/My_.bashrc.ascii create mode 100644 src/My_Favorite_Blogs.adoc delete mode 100644 src/My_Favorite_Blogs.ascii create mode 100644 src/My_Favorite_Open_Source_Projects.adoc delete mode 100644 src/My_Favorite_Open_Source_Projects.ascii create mode 100644 src/Net_Neutrality.adoc delete mode 100644 src/Net_Neutrality.ascii create mode 100644 src/Non-Root_User_Connect_to_Wifi_in_Arch_Linux_with_SLiM.adoc delete mode 100644 src/Non-Root_User_Connect_to_Wifi_in_Arch_Linux_with_SLiM.ascii create mode 100644 src/Note-taking_with_Vim.adoc delete mode 100644 src/Note-taking_with_Vim.ascii create mode 100644 src/Note_to_self:Connecting_ASP.Net_to_SQL.adoc delete mode 100644 src/Note_to_self:Connecting_ASP.Net_to_SQL.ascii create mode 100644 src/Open_Source_Living:Browsers.adoc delete mode 100644 src/Open_Source_Living:Browsers.ascii create mode 100644 src/Opening_CHM_Files_in_Vista.adoc delete mode 100644 src/Opening_CHM_Files_in_Vista.ascii create mode 100644 src/OwnCloud_Documents_on_Arch_Linux.adoc delete mode 100644 src/OwnCloud_Documents_on_Arch_Linux.ascii create mode 100644 src/PHP-5.3:Class_Exception_Not_Found.adoc delete mode 100644 src/PHP-5.3:Class_Exception_Not_Found.ascii create mode 100644 src/Performing_a_MySql_Backup_Via_Command_Line.adoc delete mode 100644 src/Performing_a_MySql_Backup_Via_Command_Line.ascii create mode 100644 src/Postback_Freezes_Animated_Gifs.adoc delete mode 100644 src/Postback_Freezes_Animated_Gifs.ascii create mode 100644 src/ProPresenter:Action_Hotkeys_Not_Working.adoc delete mode 100644 src/ProPresenter:Action_Hotkeys_Not_Working.ascii create mode 100644 src/ProPresenter:Automatically_Advancing_Slide_Loops.adoc delete mode 100644 src/ProPresenter:Automatically_Advancing_Slide_Loops.ascii create mode 100644 src/ProPresenter:Edit_Mode.adoc delete mode 100644 src/ProPresenter:Edit_Mode.ascii create mode 100644 src/Puppet:Out_of_Range_for_Type_Integer.adoc delete mode 100644 src/Puppet:Out_of_Range_for_Type_Integer.ascii create mode 100644 src/Redirecting_a_WordPress_Site.adoc delete mode 100644 src/Redirecting_a_WordPress_Site.ascii create mode 100644 src/Remote_Mounting_File_Systems_Through_SSH.adoc delete mode 100644 src/Remote_Mounting_File_Systems_Through_SSH.ascii create mode 100644 src/Replacing_the_Glass_on_a_Samsung_Galaxy_S_iii.adoc delete mode 100644 src/Replacing_the_Glass_on_a_Samsung_Galaxy_S_iii.ascii create mode 100644 src/Running_Load_Tests_with_a_Remote_VSTS_Controller_and_Associated_Agents.adoc delete mode 100644 src/Running_Load_Tests_with_a_Remote_VSTS_Controller_and_Associated_Agents.ascii create mode 100644 src/Running_Web_Services_on_Non-Standard_Ports.adoc delete mode 100644 src/Running_Web_Services_on_Non-Standard_Ports.ascii create mode 100644 src/SQL_2008_Reinstall_Errors.adoc delete mode 100644 src/SQL_2008_Reinstall_Errors.ascii create mode 100644 src/SQL_Server_2008_Memory_Management.adoc delete mode 100644 src/SQL_Server_2008_Memory_Management.ascii create mode 100644 src/SSH_Tunnel_Forwarding.adoc delete mode 100644 src/SSH_Tunnel_Forwarding.ascii create mode 100644 src/SSH_VPN.adoc delete mode 100644 src/SSH_VPN.ascii create mode 100644 src/Samsung_Epic_4g_Syndicate_Rom_:_Freeze_on_Boot.adoc delete mode 100644 src/Samsung_Epic_4g_Syndicate_Rom_:_Freeze_on_Boot.ascii create mode 100644 src/Scheduling_Jobs_in_Linux.adoc delete mode 100644 src/Scheduling_Jobs_in_Linux.ascii create mode 100644 src/Screenshots_from_Command_Line.adoc delete mode 100644 src/Screenshots_from_Command_Line.ascii create mode 100644 src/Scripting_Wma_to_Ogg_Conversion_in_Linux.adoc delete mode 100644 src/Scripting_Wma_to_Ogg_Conversion_in_Linux.ascii create mode 100644 src/Searching_for_a_Command_in_Linux.adoc delete mode 100644 src/Searching_for_a_Command_in_Linux.ascii create mode 100644 src/Securing_a_Postfix_Smtp_Server.adoc delete mode 100644 src/Securing_a_Postfix_Smtp_Server.ascii create mode 100644 src/Server_Administration:Firewalls.adoc delete mode 100644 src/Server_Administration:Firewalls.ascii create mode 100644 src/Sidebar.adoc delete mode 100644 src/Sidebar.ascii create mode 100644 src/Startup_Sounds_with_SLiM.adoc delete mode 100644 src/Startup_Sounds_with_SLiM.ascii create mode 100644 src/Streaming_Audio_Over_SSH.adoc delete mode 100644 src/Streaming_Audio_Over_SSH.ascii create mode 100644 src/Synchronizing_Playlists_with_a_Sansa_Fuze_and_Media_Monkey.adoc delete mode 100644 src/Synchronizing_Playlists_with_a_Sansa_Fuze_and_Media_Monkey.ascii create mode 100644 src/Sysprepping_Server_2008.adoc delete mode 100644 src/Sysprepping_Server_2008.ascii create mode 100644 src/TFS_2008:Permissions_for_Creating_Team_Projects.adoc delete mode 100644 src/TFS_2008:Permissions_for_Creating_Team_Projects.ascii create mode 100644 src/Team_Foundation_Server_2010_Beta_1_Configuration.adoc delete mode 100644 src/Team_Foundation_Server_2010_Beta_1_Configuration.ascii create mode 100644 src/Team_Password_Management.adoc delete mode 100644 src/Team_Password_Management.ascii create mode 100644 src/Theming_Gnome-Shell_Intro.adoc delete mode 100644 src/Theming_Gnome-Shell_Intro.ascii create mode 100644 src/Transferring_Files_from_Windows_to_Linux.adoc delete mode 100644 src/Transferring_Files_from_Windows_to_Linux.ascii create mode 100644 src/Ubuntu_-_Installing_Sun_Java.adoc delete mode 100644 src/Ubuntu_-_Installing_Sun_Java.ascii create mode 100644 src/Ubuntu_Bridging_Network_Interfaces.adoc delete mode 100644 src/Ubuntu_Bridging_Network_Interfaces.ascii create mode 100644 src/Ubuntu_Reinstall.adoc delete mode 100644 src/Ubuntu_Reinstall.ascii create mode 100644 src/Upgrading_TFS_2008_Workgroup_to_TFS_2008_Standard.adoc delete mode 100644 src/Upgrading_TFS_2008_Workgroup_to_TFS_2008_Standard.ascii create mode 100644 src/Using_SpiderOak_with_Qt_4.7.2.adoc delete mode 100644 src/Using_SpiderOak_with_Qt_4.7.2.ascii create mode 100644 src/Vim:Frequently_Used_Bits_and_Doodads.adoc delete mode 100644 src/Vim:Frequently_Used_Bits_and_Doodads.ascii create mode 100644 src/Visual_Studio_2010_Debugging_in_Remote_Locations.adoc delete mode 100644 src/Visual_Studio_2010_Debugging_in_Remote_Locations.ascii create mode 100644 src/When_Innovation_is_Appropriate.adoc delete mode 100644 src/When_Innovation_is_Appropriate.ascii create mode 100644 src/Whitelist_MediaWiki_Namespaces_with_$wgWhitelistRead.adoc delete mode 100644 src/Whitelist_MediaWiki_Namespaces_with_$wgWhitelistRead.ascii create mode 100644 src/Writing_an_Array_to_Sql_Conversion_Function.adoc delete mode 100644 src/Writing_an_Array_to_Sql_Conversion_Function.ascii create mode 100644 src/XMPP_Error:_404:_Remote_Server_Not_Found.adoc delete mode 100644 src/XMPP_Error:_404:_Remote_Server_Not_Found.ascii create mode 100644 src/Xfce_4.10_Pre_2_Review.adoc delete mode 100644 src/Xfce_4.10_Pre_2_Review.ascii create mode 100644 src/Xkcd:1110.adoc delete mode 100644 src/Xkcd:1110.ascii create mode 100644 src/about.adoc delete mode 100644 src/about.ascii create mode 100644 src/bash_mock_objects_commands.adoc delete mode 100644 src/bash_mock_objects_commands.ascii create mode 100644 src/benchmark:hgst_touro_s_1tb_7200rpm.adoc delete mode 100644 src/benchmark:hgst_touro_s_1tb_7200rpm.ascii create mode 100644 src/benchmark:pny_micro_sleek_16gb.adoc delete mode 100644 src/benchmark:pny_micro_sleek_16gb.ascii create mode 100644 src/case_insensitive_matching_in_c.adoc delete mode 100644 src/case_insensitive_matching_in_c.ascii create mode 100644 src/crux_linux:faster_builds.adoc delete mode 100644 src/crux_linux:faster_builds.ascii create mode 100644 src/dont_censor_me_bro.adoc delete mode 100644 src/dont_censor_me_bro.ascii create mode 100644 src/gentoo:converting_portage_to_git.adoc delete mode 100644 src/gentoo:converting_portage_to_git.ascii create mode 100644 src/gentoo:kernel_cleanup.adoc delete mode 100644 src/gentoo:kernel_cleanup.ascii create mode 100644 src/index.adoc delete mode 100644 src/index.ascii create mode 100644 src/lets_get_started_again.adoc delete mode 100644 src/lets_get_started_again.ascii create mode 100644 src/linux:manual_restart_with_sysrq-trigger.adoc delete mode 100644 src/linux:manual_restart_with_sysrq-trigger.ascii create mode 100644 src/linux:secure_authentication.adoc delete mode 100644 src/linux:secure_authentication.ascii create mode 100644 src/linux:updating_ssh_keys_across_an_environment.adoc delete mode 100644 src/linux:updating_ssh_keys_across_an_environment.ascii create mode 100644 src/linux_desktop:password_management.adoc delete mode 100644 src/linux_desktop:password_management.ascii create mode 100644 src/linux_development:detecting_stdout_escape_char_support.adoc delete mode 100644 src/linux_development:detecting_stdout_escape_char_support.ascii create mode 100644 src/perfect_server_debian_installation:pureftpd_wont_start.adoc delete mode 100644 src/perfect_server_debian_installation:pureftpd_wont_start.ascii create mode 100644 src/process:versioning_schemes.adoc delete mode 100644 src/process:versioning_schemes.ascii create mode 100644 src/understanding_the_bash_fork_bomb.adoc delete mode 100644 src/understanding_the_bash_fork_bomb.ascii (limited to 'src') diff --git a/src/A_Usual_Opening.adoc b/src/A_Usual_Opening.adoc new file mode 100644 index 0000000..9585bcd --- /dev/null +++ b/src/A_Usual_Opening.adoc @@ -0,0 +1,57 @@ +A Usual Opening +=============== +:author: Aaron Ball +:email: nullspoon@iohq.net + +== {doctitle} + +Hello All, + +For a typical opening post to a new blog, I shall describe in a typical, +boring, and mundane way my purposes and intentions for this blog. + +If any of you have been using Linux for a duration shorter than that of your +own life (or post-womb), you have undoubtedly realized that documentation on +most Linux products is not readily available (nor is it even available in most +cases). You also understand that when being inquisitive, the "RTFM" response +usually leaves in one's own heart an empty hole roughly the size and shape of a +loved one. + +While frustrating and repelling as these hindrances can be, Linux remains to be +a distant and strangely enticing operating system. The notion of free software +for all just seems too amazing to drop $2,500 on an apple (yes, I am absolutely +biased). Despite the shortcomings that come with software less-tested than +software with a revenue stream (in most cases at least), most people are +willing to forgive a little more in the absence of a price tag. After all, a +fully operational and functional computer that costs only what was paid for the +hardware is hardly an offer to be scoffed at. + +[[who-am-i]] +== Who am I? + +_Professionally,_ I am a systems admin (Windows and Linux) as well as a +developer (PHP, Javascript, C# and ASP.Net, Joomla, Drupal, and SharePoint). + +__Personally__, I am a spoiled Windows user that near the beginning of 2009 +decided to give Linux a chance at being my primary operating system. I have +since then settled on Ubuntu Linux and have yet to look back for anything other +than good documentation. + +I understand that the mentality of much of the Linux community is that if you +don't know how to use it now, you're not smart enough to figure it out and +therefore should not use it at all. Ubuntu/Canonical seeks to have a different +view on these things. They understand that if Linux is ever to have a market +share close to that of even Apple, it must be user friendly and have some way +for the end-user to get tech support somewhere other than online forums +(outside of the Ubuntu forums of course). + +_Through this blog I hope to express the troubles I have run into in my +transition from Windows to Linux as well as the solutions/substitutes I have +found while researching said troubles._ Should anyone have any questions, +please contact me via the comments section or via my e-mail. I will happily +assist if I can (remember, I am still a sub-par Linux user). + +Thanks for reading everyone. + + +// vim: set syntax=asciidoc: diff --git a/src/A_Usual_Opening.ascii b/src/A_Usual_Opening.ascii deleted file mode 100644 index 9585bcd..0000000 --- a/src/A_Usual_Opening.ascii +++ /dev/null @@ -1,57 +0,0 @@ -A Usual Opening -=============== -:author: Aaron Ball -:email: nullspoon@iohq.net - -== {doctitle} - -Hello All, - -For a typical opening post to a new blog, I shall describe in a typical, -boring, and mundane way my purposes and intentions for this blog. - -If any of you have been using Linux for a duration shorter than that of your -own life (or post-womb), you have undoubtedly realized that documentation on -most Linux products is not readily available (nor is it even available in most -cases). You also understand that when being inquisitive, the "RTFM" response -usually leaves in one's own heart an empty hole roughly the size and shape of a -loved one. - -While frustrating and repelling as these hindrances can be, Linux remains to be -a distant and strangely enticing operating system. The notion of free software -for all just seems too amazing to drop $2,500 on an apple (yes, I am absolutely -biased). Despite the shortcomings that come with software less-tested than -software with a revenue stream (in most cases at least), most people are -willing to forgive a little more in the absence of a price tag. After all, a -fully operational and functional computer that costs only what was paid for the -hardware is hardly an offer to be scoffed at. - -[[who-am-i]] -== Who am I? - -_Professionally,_ I am a systems admin (Windows and Linux) as well as a -developer (PHP, Javascript, C# and ASP.Net, Joomla, Drupal, and SharePoint). - -__Personally__, I am a spoiled Windows user that near the beginning of 2009 -decided to give Linux a chance at being my primary operating system. I have -since then settled on Ubuntu Linux and have yet to look back for anything other -than good documentation. - -I understand that the mentality of much of the Linux community is that if you -don't know how to use it now, you're not smart enough to figure it out and -therefore should not use it at all. Ubuntu/Canonical seeks to have a different -view on these things. They understand that if Linux is ever to have a market -share close to that of even Apple, it must be user friendly and have some way -for the end-user to get tech support somewhere other than online forums -(outside of the Ubuntu forums of course). - -_Through this blog I hope to express the troubles I have run into in my -transition from Windows to Linux as well as the solutions/substitutes I have -found while researching said troubles._ Should anyone have any questions, -please contact me via the comments section or via my e-mail. I will happily -assist if I can (remember, I am still a sub-par Linux user). - -Thanks for reading everyone. - - -// vim: set syntax=asciidoc: diff --git a/src/AdBlock_Only_kind_of_Blocks_Ads.adoc b/src/AdBlock_Only_kind_of_Blocks_Ads.adoc new file mode 100644 index 0000000..ddaf4e1 --- /dev/null +++ b/src/AdBlock_Only_kind_of_Blocks_Ads.adoc @@ -0,0 +1,30 @@ +AdBlock Only kind of Blocks Ads +=============================== +:author: Aaron Ball +:email: nullspoon@iohq.net + +== {doctitle} + +Today I was toying around with netstat to see what incoming connections I had +to my Linux box and noticed that for the pages you're on, your browser makes a +connection to each of the ad's providers linked to on the given page. What's +best (or worst) about this is the connection isn't broken until you close your +browser (at least that I noticed). + +I mentioned this to my girlfriend who is a big fan of adblock and she asked (of +course) if that happened when adblock was running. So, off I went to install +adblock to test and sure enough, it still made the connections to the ad +providers' servers. Obviously the ads are hidden, it just still grabs the +resources for the ads but obscures their html. That means you're still being +tracked by the ad providers, you just don't see it. + +This isn't necessarily a bad thing. I mean, before adblock they were still +getting your information. Now it's the same, you're just not seeing animated +gifs and full screen flash ads all over. I'm not knocking adblock at all (in +fact, please support them in their worthy cause). I just thought I'd mention +this for anyone wondering. + +Category:Adblock + + +// vim: set syntax=asciidoc: diff --git a/src/AdBlock_Only_kind_of_Blocks_Ads.ascii b/src/AdBlock_Only_kind_of_Blocks_Ads.ascii deleted file mode 100644 index ddaf4e1..0000000 --- a/src/AdBlock_Only_kind_of_Blocks_Ads.ascii +++ /dev/null @@ -1,30 +0,0 @@ -AdBlock Only kind of Blocks Ads -=============================== -:author: Aaron Ball -:email: nullspoon@iohq.net - -== {doctitle} - -Today I was toying around with netstat to see what incoming connections I had -to my Linux box and noticed that for the pages you're on, your browser makes a -connection to each of the ad's providers linked to on the given page. What's -best (or worst) about this is the connection isn't broken until you close your -browser (at least that I noticed). - -I mentioned this to my girlfriend who is a big fan of adblock and she asked (of -course) if that happened when adblock was running. So, off I went to install -adblock to test and sure enough, it still made the connections to the ad -providers' servers. Obviously the ads are hidden, it just still grabs the -resources for the ads but obscures their html. That means you're still being -tracked by the ad providers, you just don't see it. - -This isn't necessarily a bad thing. I mean, before adblock they were still -getting your information. Now it's the same, you're just not seeing animated -gifs and full screen flash ads all over. I'm not knocking adblock at all (in -fact, please support them in their worthy cause). I just thought I'd mention -this for anyone wondering. - -Category:Adblock - - -// vim: set syntax=asciidoc: diff --git a/src/Android:Configuring_Hotmail_Exchange.adoc b/src/Android:Configuring_Hotmail_Exchange.adoc new file mode 100644 index 0000000..79170ba --- /dev/null +++ b/src/Android:Configuring_Hotmail_Exchange.adoc @@ -0,0 +1,88 @@ +Android:Configuring Hotmail Exchange +==================================== +:author: Aaron Ball +:email: nullspoon@iohq.net + + +== {doctitle} + +*EDIT:* I tested it for a day now and up to this point, email works great. I +got a contact to sync from my phone to my online address book as well. It did +however take almost a day for it to appear online.  Also, a calendar entry made +on my phone synced in under a minute to the online calendar. The other way +around, a calendar entry made online synced to my phone in about two minutes. + +Yesterday (August 30) Microsoft released a new functionality for Windows Live +Hotmail that many have been waiting for for some time: Exchange capabilities. + +*If you want to skip all the background stuff, you may now head down the the +bolded section titled "Now let's get started...".* + +This year Microsoft has released a lot of new functionality for Hotmail that +has really changed its quality. With GMail being arguably the best web-based +email service, Hotmail has a lot of catching up to do.  Thankfully, the first +thing Hotmail started with was allowing pop3 access for free. The next step to +compete with GMail was obviously free IMAP, which GMail released two years ago +I believe. Instead though, Microsoft gives us exchange for Hotmail. How cool is +that?! + +What's significant about exchange versus IMAP you ask? Well, exchange allows +for the synchronization of more than just mail, unlike IMAP. With exchange you +can sync your mail, your calendar, and your contacts. Not only does it +synchronize your mail though, it utilizes something called "push mail". This +means your phone doesn't check for updates ever five, ten,, or thirty minutes; +rather, the mail is "pushed" to your email client allowing for instantaneous +delivery. Cool, yeah? + +One thing before doing this though. + +.Obligatory Disclaimer +~~~~ +Microsoft has not officially said that this works with Android. Many people +have reported that it mostly works though. According to Microsoft, "Hotmail +team will add Android to list of supported devices in the coming months after +testing is completed." +~~~~ + + +[[now-lets-get-started]] +== Now, Let's Get Started + +First, launch your mail application called...you guessed it!..."Email" From +there, chances are your Accounts screen will come up. If this is the case, hit +the menu button on your phone and select "Add Account". + +____ +image:files/A-hotmail01.jpg[height=400] + +From there, type in your email address and password. In my case, this was +"username@live.com", though "username@hotmail.com" should have no problem as +well. Now, select "Manual Setup".,title="From there, type in your email address +and password. In my case, this was "username@live.com", though +"username@hotmail.com" should have no problem as well. Now, select "Manual +Setup". +____ + +At this point the application will ask you what kind of mail connection this +will be. You should see POP, IMAP, and Exchange. Select "Exchange". + +On the window you're taken to, most of the lines should be filled in for you. +We do have to make a few changes though. + +____ +image:files/A-hotmail02.jpg[height=400] + +First off, your "DomainUsername" will be slightly incorrect. What you probably +see is "username".,title="First off, your "DomainUsername" will be slightly +incorrect. What you probably see is "username". +____ + + +And that's it! + + +Category:Android +Category:Email + + +// vim: set syntax=asciidoc: diff --git a/src/Android:Configuring_Hotmail_Exchange.ascii b/src/Android:Configuring_Hotmail_Exchange.ascii deleted file mode 100644 index 79170ba..0000000 --- a/src/Android:Configuring_Hotmail_Exchange.ascii +++ /dev/null @@ -1,88 +0,0 @@ -Android:Configuring Hotmail Exchange -==================================== -:author: Aaron Ball -:email: nullspoon@iohq.net - - -== {doctitle} - -*EDIT:* I tested it for a day now and up to this point, email works great. I -got a contact to sync from my phone to my online address book as well. It did -however take almost a day for it to appear online.  Also, a calendar entry made -on my phone synced in under a minute to the online calendar. The other way -around, a calendar entry made online synced to my phone in about two minutes. - -Yesterday (August 30) Microsoft released a new functionality for Windows Live -Hotmail that many have been waiting for for some time: Exchange capabilities. - -*If you want to skip all the background stuff, you may now head down the the -bolded section titled "Now let's get started...".* - -This year Microsoft has released a lot of new functionality for Hotmail that -has really changed its quality. With GMail being arguably the best web-based -email service, Hotmail has a lot of catching up to do.  Thankfully, the first -thing Hotmail started with was allowing pop3 access for free. The next step to -compete with GMail was obviously free IMAP, which GMail released two years ago -I believe. Instead though, Microsoft gives us exchange for Hotmail. How cool is -that?! - -What's significant about exchange versus IMAP you ask? Well, exchange allows -for the synchronization of more than just mail, unlike IMAP. With exchange you -can sync your mail, your calendar, and your contacts. Not only does it -synchronize your mail though, it utilizes something called "push mail". This -means your phone doesn't check for updates ever five, ten,, or thirty minutes; -rather, the mail is "pushed" to your email client allowing for instantaneous -delivery. Cool, yeah? - -One thing before doing this though. - -.Obligatory Disclaimer -~~~~ -Microsoft has not officially said that this works with Android. Many people -have reported that it mostly works though. According to Microsoft, "Hotmail -team will add Android to list of supported devices in the coming months after -testing is completed." -~~~~ - - -[[now-lets-get-started]] -== Now, Let's Get Started - -First, launch your mail application called...you guessed it!..."Email" From -there, chances are your Accounts screen will come up. If this is the case, hit -the menu button on your phone and select "Add Account". - -____ -image:files/A-hotmail01.jpg[height=400] - -From there, type in your email address and password. In my case, this was -"username@live.com", though "username@hotmail.com" should have no problem as -well. Now, select "Manual Setup".,title="From there, type in your email address -and password. In my case, this was "username@live.com", though -"username@hotmail.com" should have no problem as well. Now, select "Manual -Setup". -____ - -At this point the application will ask you what kind of mail connection this -will be. You should see POP, IMAP, and Exchange. Select "Exchange". - -On the window you're taken to, most of the lines should be filled in for you. -We do have to make a few changes though. - -____ -image:files/A-hotmail02.jpg[height=400] - -First off, your "DomainUsername" will be slightly incorrect. What you probably -see is "username".,title="First off, your "DomainUsername" will be slightly -incorrect. What you probably see is "username". -____ - - -And that's it! - - -Category:Android -Category:Email - - -// vim: set syntax=asciidoc: diff --git a/src/Android:My_Phone_Configuration.adoc b/src/Android:My_Phone_Configuration.adoc new file mode 100644 index 0000000..50dbedc --- /dev/null +++ b/src/Android:My_Phone_Configuration.adoc @@ -0,0 +1,147 @@ +Android:My Phone Configuration +============================== +:author: Aaron Ball +:email: nullspoon@iohq.net + +== {doctitle} + +I rebuilt my phone this weekend so I could test out http://aospa.co/[AOSPA] +(Paranoid Android) for my phone, since unofficial support was just released a +few days ago. + +During my rebuild, it occured to me that I haven't seen much documentation on +people's processes and software sets, especially for the folks who want to run +a phone on as much open source software as possible. I have found +https://blog.torproject.org/blog/mission-impossible-hardening-android-security-and-privacy[one +post] written by the nice folks over at the Tor project, which discusses how to +harden an Android device and provides a similar set of information I am about +to provide, but it's slightly out of date. That said, here's how I run my +phone. + + +[[disabled-applications]] +== Disabled Applications + +The first thing I do when booting my phone for the first time, is +disable several applications that come preinstalled on most roms or come +as a part of Google Apps. + + +[[android-applications]] +== Android Applications + +* **Browser**: I disable this one becasue with Google Apps installed and +an account set up, it forces you to log in to all of Google's services. I use +https://github.com/anthonycr/Lightning-Browser[Lightning Browser] instead (it's +available on the f-droid market). + +* **Email**: Disabled because I use https://github.com/k9mail/k-9/[k-9 +mail] instead, due to its support for account backups, source code being +readily available, not being developed mainly by Google, etc. K-9 is also +available on the f-droid market. + +* **Exchange Services**: This one I disable because I don't have any +exchange accounts on my phone. No sense in having it enabled if you aren't +using it. + +* **One Time Init**: This is executed one time, on first boot, or so its +name indicates. If it's running more than that, I don't want it running, so it +is disabled. + +* **Sound Recorder**: I disable this one mostly because I don't use it, +and disabling it removes its icon from my application drawer, thus saving +space. + + +[[google-appls-services]] +== Google Appls Services + +* **Google Backup Transport**: I don't back up my phone to Google's +services. + +* **Google Calendar Sync**: I don't sync my calendar through Google +anymore. + +* **Google Contacts Sync**: I don't sync my contacts through Google +anymore. + +* **Google One Time Init**: It's a one time init. No sense in leaving it +enabled once it has run once. + +* **Market Feedback Agent**: I don't give market feedback on my phone. + + +[[installed-applications]] +== Installed Applications + +These are the applications I have installed on my phone. The majority of them +are open source and can be found on the https://f-droid.org/[f-droid market]. + +* **And Bible**: Open source Christian Bible for android. + +* **Barcode Scanner**: Useful for scanning all kind of barcodes. Open +source and available on f-droid. + +* **Conversations**: This is my chat client. It supports encryption end +to end, and has a very friendly interface. Open source and available on +f-droid. + +* **DAVdroid**: I currently host all of my contacts and calendars on my +own hosted Owncloud instance. This provides support for caldave and carddav +syncing, which allows me to no longer keep my contacts or calendars on Google's +services. + +* **Duolingo**: One of my favorite language-learning tools. Closed +source though (I wish they'd change that, but oh well). + +* **f-droid**: Exclusively open source Android market. I have to +download all these applications somehow after all. + +* **spaRSS**: Open source rss stream reader based on Flym and Sparse rss. + +* **K-9 Mail**: Open source fork of the stock Android email client. +Supports backup of all accounts so they can later be re-imported (useful for us +flash junkies) + +* **Kore**: Open source Kodi (or xbmc) remote control client. Available +on f-droid. + +* **Lightning**: Open source and lightweight browser. Very smooth and +fast. Available on f-droid market. + +* **oandbackup**: Application backup software. I don't flash a new rom +without first using this to back up each individual application. Available on +the f-droid market. + +* **Open Camera**: With the introduction of the lolipop camera, it has +gotten much "dumber". I like all the advanced settings, so I have this +installed. + +* **OpenKeychain**: Imports pgp keys. Integrates into Password Store and +K-9 mail for encrypting/decrypting passwords, and encrypting/decrypting and +signing emails, respective. + +* **Orbot**: Open source Tor client. Available on the f-droid market. + +* **OsmAnd~**: Open source map application. Fair replacement for Google +Maps. Available on f-droid market. + +* **Password Store**: Password manager. Uses pgp to encrypt/decrypt +password entries. Also has clients for Linux, Windows, and OsX. Available on +f-droid market. + +* **Syncthing**: How I backup my phone, off-phone. Open source +peer-to-peer synchronization client. I have mine set up to sync +/storage/sdcard0 and /storage/sdcard1, which gets all the necessary data from +my phone, onto my laptop. Available on f-droid market. + +* **Google Voice**: This is the one last Google application I haven't +been able to replace yet, open source or no, free or no. It seems the majority +of competing services in this arena are all tailored to business voip +customers. I just want one phone number with text messaging support, and thus +can't justify $40 or more per month for this kind of service. I'm still on the +hunt though and will update this post if I ever manage to replace this +application. + + +// vim: set syntax=asciidoc: diff --git a/src/Android:My_Phone_Configuration.ascii b/src/Android:My_Phone_Configuration.ascii deleted file mode 100644 index 50dbedc..0000000 --- a/src/Android:My_Phone_Configuration.ascii +++ /dev/null @@ -1,147 +0,0 @@ -Android:My Phone Configuration -============================== -:author: Aaron Ball -:email: nullspoon@iohq.net - -== {doctitle} - -I rebuilt my phone this weekend so I could test out http://aospa.co/[AOSPA] -(Paranoid Android) for my phone, since unofficial support was just released a -few days ago. - -During my rebuild, it occured to me that I haven't seen much documentation on -people's processes and software sets, especially for the folks who want to run -a phone on as much open source software as possible. I have found -https://blog.torproject.org/blog/mission-impossible-hardening-android-security-and-privacy[one -post] written by the nice folks over at the Tor project, which discusses how to -harden an Android device and provides a similar set of information I am about -to provide, but it's slightly out of date. That said, here's how I run my -phone. - - -[[disabled-applications]] -== Disabled Applications - -The first thing I do when booting my phone for the first time, is -disable several applications that come preinstalled on most roms or come -as a part of Google Apps. - - -[[android-applications]] -== Android Applications - -* **Browser**: I disable this one becasue with Google Apps installed and -an account set up, it forces you to log in to all of Google's services. I use -https://github.com/anthonycr/Lightning-Browser[Lightning Browser] instead (it's -available on the f-droid market). - -* **Email**: Disabled because I use https://github.com/k9mail/k-9/[k-9 -mail] instead, due to its support for account backups, source code being -readily available, not being developed mainly by Google, etc. K-9 is also -available on the f-droid market. - -* **Exchange Services**: This one I disable because I don't have any -exchange accounts on my phone. No sense in having it enabled if you aren't -using it. - -* **One Time Init**: This is executed one time, on first boot, or so its -name indicates. If it's running more than that, I don't want it running, so it -is disabled. - -* **Sound Recorder**: I disable this one mostly because I don't use it, -and disabling it removes its icon from my application drawer, thus saving -space. - - -[[google-appls-services]] -== Google Appls Services - -* **Google Backup Transport**: I don't back up my phone to Google's -services. - -* **Google Calendar Sync**: I don't sync my calendar through Google -anymore. - -* **Google Contacts Sync**: I don't sync my contacts through Google -anymore. - -* **Google One Time Init**: It's a one time init. No sense in leaving it -enabled once it has run once. - -* **Market Feedback Agent**: I don't give market feedback on my phone. - - -[[installed-applications]] -== Installed Applications - -These are the applications I have installed on my phone. The majority of them -are open source and can be found on the https://f-droid.org/[f-droid market]. - -* **And Bible**: Open source Christian Bible for android. - -* **Barcode Scanner**: Useful for scanning all kind of barcodes. Open -source and available on f-droid. - -* **Conversations**: This is my chat client. It supports encryption end -to end, and has a very friendly interface. Open source and available on -f-droid. - -* **DAVdroid**: I currently host all of my contacts and calendars on my -own hosted Owncloud instance. This provides support for caldave and carddav -syncing, which allows me to no longer keep my contacts or calendars on Google's -services. - -* **Duolingo**: One of my favorite language-learning tools. Closed -source though (I wish they'd change that, but oh well). - -* **f-droid**: Exclusively open source Android market. I have to -download all these applications somehow after all. - -* **spaRSS**: Open source rss stream reader based on Flym and Sparse rss. - -* **K-9 Mail**: Open source fork of the stock Android email client. -Supports backup of all accounts so they can later be re-imported (useful for us -flash junkies) - -* **Kore**: Open source Kodi (or xbmc) remote control client. Available -on f-droid. - -* **Lightning**: Open source and lightweight browser. Very smooth and -fast. Available on f-droid market. - -* **oandbackup**: Application backup software. I don't flash a new rom -without first using this to back up each individual application. Available on -the f-droid market. - -* **Open Camera**: With the introduction of the lolipop camera, it has -gotten much "dumber". I like all the advanced settings, so I have this -installed. - -* **OpenKeychain**: Imports pgp keys. Integrates into Password Store and -K-9 mail for encrypting/decrypting passwords, and encrypting/decrypting and -signing emails, respective. - -* **Orbot**: Open source Tor client. Available on the f-droid market. - -* **OsmAnd~**: Open source map application. Fair replacement for Google -Maps. Available on f-droid market. - -* **Password Store**: Password manager. Uses pgp to encrypt/decrypt -password entries. Also has clients for Linux, Windows, and OsX. Available on -f-droid market. - -* **Syncthing**: How I backup my phone, off-phone. Open source -peer-to-peer synchronization client. I have mine set up to sync -/storage/sdcard0 and /storage/sdcard1, which gets all the necessary data from -my phone, onto my laptop. Available on f-droid market. - -* **Google Voice**: This is the one last Google application I haven't -been able to replace yet, open source or no, free or no. It seems the majority -of competing services in this arena are all tailored to business voip -customers. I just want one phone number with text messaging support, and thus -can't justify $40 or more per month for this kind of service. I'm still on the -hunt though and will update this post if I ever manage to replace this -application. - - -// vim: set syntax=asciidoc: diff --git a/src/Android_Client_and_Sync_with_ownCloud_on_NGINX.adoc b/src/Android_Client_and_Sync_with_ownCloud_on_NGINX.adoc new file mode 100644 index 0000000..359de3c --- /dev/null +++ b/src/Android_Client_and_Sync_with_ownCloud_on_NGINX.adoc @@ -0,0 +1,61 @@ +Android Client and Sync with OwnCloud on NGINX +============================================== +:author: Aaron Ball +:email: nullspoon@iohq.net + + +== {doctitle} + +I have been looking for a good way to move completely from Google for quite +some time. Many of the things I am dependant upon them for are pretty vital for +day to day operations. One of these is of course contact and calendar syncing. +Currently, my solution to that problem is http://www.egroupware.org[EGroupware] +for my server using syncml through http://funambol.com[Funambol] to synchronize +my contacts from my web server to my Android phone. This solution is bulky +taking about 80 MB on my server for the PHP code. Though this works, it is +hardly ideal. That's why I was so excited to try out +http://owncloud.org[ownCloud]. Their Android client is still definitely a work +in progress, but at least it's something (not to mention that they use +standards-based services, so several other sync apps for Android can work with +ownCloud). + +Now, I run http://nginx.org[NGINX] on my web server which does things a little +differently than Apache, especially in regards to .htaccess files. Despite that +though, out of the box (or tarball) ownCloud seems to work perfectly. However, +when you try to sync up your Android phone via +http://owncloud.org/support/android/[their dandy client], you get this obscure +error + +---- +Wrong path given +---- + +Additionally, when you check your server access logs, you'll see + +---- +Requested uri (/remote.php/webdav.php) is out of base uri (/remote.php/webdav/) +---- + +This is most likely because you need two location directives in your NGINX conf +file (or vhost file if you're doing things that way). To fix this just put the +following two things in your said config file (This assumes your own cloud +server is running at + +---- +location /owncloud { + index index.php; + try_files $uri $uri/ @owncloud +} +location @owncloud { + rewrite ^/owncloud/(.*)$ /owncloud.php/index.php?p=$1 last; +} +---- + +And that should do it for you! + + +Category:Nginx +Category:Android + + +// vim: set syntax=asciidoc: diff --git a/src/Android_Client_and_Sync_with_ownCloud_on_NGINX.ascii b/src/Android_Client_and_Sync_with_ownCloud_on_NGINX.ascii deleted file mode 100644 index 359de3c..0000000 --- a/src/Android_Client_and_Sync_with_ownCloud_on_NGINX.ascii +++ /dev/null @@ -1,61 +0,0 @@ -Android Client and Sync with OwnCloud on NGINX -============================================== -:author: Aaron Ball -:email: nullspoon@iohq.net - - -== {doctitle} - -I have been looking for a good way to move completely from Google for quite -some time. Many of the things I am dependant upon them for are pretty vital for -day to day operations. One of these is of course contact and calendar syncing. -Currently, my solution to that problem is http://www.egroupware.org[EGroupware] -for my server using syncml through http://funambol.com[Funambol] to synchronize -my contacts from my web server to my Android phone. This solution is bulky -taking about 80 MB on my server for the PHP code. Though this works, it is -hardly ideal. That's why I was so excited to try out -http://owncloud.org[ownCloud]. Their Android client is still definitely a work -in progress, but at least it's something (not to mention that they use -standards-based services, so several other sync apps for Android can work with -ownCloud). - -Now, I run http://nginx.org[NGINX] on my web server which does things a little -differently than Apache, especially in regards to .htaccess files. Despite that -though, out of the box (or tarball) ownCloud seems to work perfectly. However, -when you try to sync up your Android phone via -http://owncloud.org/support/android/[their dandy client], you get this obscure -error - ----- -Wrong path given ----- - -Additionally, when you check your server access logs, you'll see - ----- -Requested uri (/remote.php/webdav.php) is out of base uri (/remote.php/webdav/) ----- - -This is most likely because you need two location directives in your NGINX conf -file (or vhost file if you're doing things that way). To fix this just put the -following two things in your said config file (This assumes your own cloud -server is running at - ----- -location /owncloud { - index index.php; - try_files $uri $uri/ @owncloud -} -location @owncloud { - rewrite ^/owncloud/(.*)$ /owncloud.php/index.php?p=$1 last; -} ----- - -And that should do it for you! - - -Category:Nginx -Category:Android - - -// vim: set syntax=asciidoc: diff --git a/src/Android_Screen_Density.adoc b/src/Android_Screen_Density.adoc new file mode 100644 index 0000000..2d18cc1 --- /dev/null +++ b/src/Android_Screen_Density.adoc @@ -0,0 +1,90 @@ +Android Screen Density +====================== +:author: Aaron Ball +:email: nullspoon@iohq.net + + +== {doctitle} + +Recently a Droid X owner I know showed me a software that can change the screen +density on Android phones (I can't remember if it was a part of his rom or +not). I thought it was cool, so I set out to find a way to manually change +screen density without installing any additional software since I try to run as +minimalistic an install on my phone as possible (my fellow Evo users out there, +you know why). + +Just before we start things off here, I'd like to put a disclaimer on this one. +You likely won't brick your phone (you'd have to try really hard or have really +bad luck), but you can mess it up pretty bad as we will be editing a system +configuration file. If you cause some problems, please feel free to ask +questions about it and I will try my best to help, but I offer no warranty or +guarantee on this. + +With that out of the way, let's get started! + +As many things do in Android, this requires root as we will have to remount the +/system partition. + +First things first, crack open your terminal emulator. If you don't have this, +you can find it on the market, however most roms includes this application by +default. + +Once in terminal emulator, run the following command: + +---- +su +---- + +This logs your terminal session in as root(or **S**uper **U**ser so we can +perform the various operations needed to make the change. Obviously, your +superuser software will kick in here. Just select Allow. + +Now that we are logged in as root, run the following command. + +---- +mount -o remount,rw /system +---- + +This will remount the /system partition with read/write permissions. Without +running this command, we can't save the config file we will be editing in a +few. The default android has for this on boot is read only permissions, as this +partition contains some pretty critical stuff (it isn't called system for +nothing). This is a good security measure to keep programs from changing all +kinds of stuff on your phone. No worries however, we will only have write +permissions set up for a few minutes. + +Now, open up the build properties file located at /system/build.prop I +am assuming here that you know how to use VI. If you don't, I am in the +process of writing up a post on using VI in Android terminal emulator. +If you know how to use it on a desktop, VI on Android is very similar +and you should be able to proceed as I detail later how to hit the +escape key when you don't have one on your phone. + +---- +vi /system/build.prop +---- + +Scroll down until you see **ro.sf.lcd_density = 160**. If you change this +number and reboot your phone, your screen density will change on startup. I +typically use 120. + +Finally, save the file and reboot. For you EVO users who don't have a qwerty +keyboard with an escape key (who has one of those anyways), press **volume up + +e**. I believe volume up is the terminal emulator equivalent of ctrl. + +Reboot phone for your changes to take effect. + +*WARNING (Wik)* : Don't change this value to too small or you won't be able to +use your phone because everything will be tiny. You have been warned. + +*WARNING WARNING (Also Wik)* : When I discovered the build.prop file, I was +most excited and started poking around. I noticed a lot in there that could +cause problems for your phone. Be careful when changing the values in this +file. It can be fun, but you might end up with an unusable phone until you +reflash it. + + +Category:Android + + +// vim: set syntax=asciidoc: diff --git a/src/Android_Screen_Density.ascii b/src/Android_Screen_Density.ascii deleted file mode 100644 index 2d18cc1..0000000 --- a/src/Android_Screen_Density.ascii +++ /dev/null @@ -1,90 +0,0 @@ -Android Screen Density -====================== -:author: Aaron Ball -:email: nullspoon@iohq.net - - -== {doctitle} - -Recently a Droid X owner I know showed me a software that can change the screen -density on Android phones (I can't remember if it was a part of his rom or -not). I thought it was cool, so I set out to find a way to manually change -screen density without installing any additional software since I try to run as -minimalistic an install on my phone as possible (my fellow Evo users out there, -you know why). - -Just before we start things off here, I'd like to put a disclaimer on this one. -You likely won't brick your phone (you'd have to try really hard or have really -bad luck), but you can mess it up pretty bad as we will be editing a system -configuration file. If you cause some problems, please feel free to ask -questions about it and I will try my best to help, but I offer no warranty or -guarantee on this. - -With that out of the way, let's get started! - -As many things do in Android, this requires root as we will have to remount the -/system partition. - -First things first, crack open your terminal emulator. If you don't have this, -you can find it on the market, however most roms includes this application by -default. - -Once in terminal emulator, run the following command: - ----- -su ----- - -This logs your terminal session in as root(or **S**uper **U**ser so we can -perform the various operations needed to make the change. Obviously, your -superuser software will kick in here. Just select Allow. - -Now that we are logged in as root, run the following command. - ----- -mount -o remount,rw /system ----- - -This will remount the /system partition with read/write permissions. Without -running this command, we can't save the config file we will be editing in a -few. The default android has for this on boot is read only permissions, as this -partition contains some pretty critical stuff (it isn't called system for -nothing). This is a good security measure to keep programs from changing all -kinds of stuff on your phone. No worries however, we will only have write -permissions set up for a few minutes. - -Now, open up the build properties file located at /system/build.prop I -am assuming here that you know how to use VI. If you don't, I am in the -process of writing up a post on using VI in Android terminal emulator. -If you know how to use it on a desktop, VI on Android is very similar -and you should be able to proceed as I detail later how to hit the -escape key when you don't have one on your phone. - ----- -vi /system/build.prop ----- - -Scroll down until you see **ro.sf.lcd_density = 160**. If you change this -number and reboot your phone, your screen density will change on startup. I -typically use 120. - -Finally, save the file and reboot. For you EVO users who don't have a qwerty -keyboard with an escape key (who has one of those anyways), press **volume up + -e**. I believe volume up is the terminal emulator equivalent of ctrl. - -Reboot phone for your changes to take effect. - -*WARNING (Wik)* : Don't change this value to too small or you won't be able to -use your phone because everything will be tiny. You have been warned. - -*WARNING WARNING (Also Wik)* : When I discovered the build.prop file, I was -most excited and started poking around. I noticed a lot in there that could -cause problems for your phone. Be careful when changing the values in this -file. It can be fun, but you might end up with an unusable phone until you -reflash it. - - -Category:Android - - -// vim: set syntax=asciidoc: diff --git a/src/Aol_Email_Hacked.adoc b/src/Aol_Email_Hacked.adoc new file mode 100644 index 0000000..a5121a3 --- /dev/null +++ b/src/Aol_Email_Hacked.adoc @@ -0,0 +1,237 @@ +Aol Email Hacked +================== +:author: Aaron Ball +:email: nullspoon@iohq.net + +== {doctitle} + +About four days ago, my dad's email account began spamming me. I initially +thought the email looked fishy, but it had a few things about it that made it +seem relatively legitemate. The first reason being that my dad frequently sends +me news articles (the email had a link to a "news" article, albeit a suspicious +one). The second was that the people included on the email were all people he +knows. And thus, I clicked the link on my phone and it promptly took me to a +website that downloaded the file "security.update.apk" to my phone. I said to +myself, "Self, that looks like something bad. Better not install that." + +And so I didn't. After seeing the malicious file download though, I went back +to my "dad's" email and had a good look at the headers and there it was: +several non-Aol mail servers in line, ending with my server which didn't mark +it as spam for a very key reason. + + +== The Problem + +Most people don't know that the to, cc, bcc, subject, and body are not the only +fields you can change in an email. Many who run their own mail servers for the +first time have an epiphany that they can change any field on an email, +including the *from* field. So what's to keep us from framing Roger Rabbit? +It's very easy to send an email from someone else without actually being logged +in to their account. The server conversation for that scenario would go roughly +like this... + +[quote] +____ +**super_sketchymail.info**: Pssst. Hey you over there...I have a letter for +you. _*sulks into the shadows*_ + +**gmail.com**: Okay? Lemme see... Oh look. It's a letter to +frank15689@gmail.com and it's from james19875@aol.com. Okay! I'll go deliver +this to him. + +**super_sketchymail.info**: _*continues handing out false letters*_ +____ + +There might be a subtle something you missed in that conversation just now. The +email is coming from __super_sketchymail.info__, but the letter itself says +it's from aol.com. The point here is that Gmail missed that it was a fraudulent +email and now Frank has it in his inbox. + + +== The Solution: SPF + +There are many methods to detect and respond to fraudulent emails. One of them +(the topic of this post) is this great thing invented by the elders of the +internet called SPF, or **s**ender **p**olicy **f**ramework. In a scenario +where SPF was implemented, the mail server conversation would go roughly like +this... + +[quote] +____ +**super_sketchymail.info**: Pssst. Hey you over there...I have a letter for +you. _*sulks into the shadows*_ + +**gmail.com**: Okay? Lemme see... Oh look. It's a letter to +frank15689@gmail.com and it's from james19875@aol.com. Lemme check with aol.com +first to make sure they say _super_sketchymail.info_ can send email on their +behalf + +**gmail.com**: Hey **aol.com**, can *super_sketchymail.info* send email on your +behalf? + +**AOL.com**: No they cannot! + +**gmail.com**: Nope! They say you can't. Sorry pal, I'm not going to +deliver this. +____ + +Effectively what SPF provides is a way for a mail server to verify that the +server delivering the mail is approved to do so for the given email address +(the _from_ field). In the previous conversation, super_sketchymail.info was +trying to deliver mail on behalf of Aol. Gmail then checked with Aol (their +SPF records) and saw that their list of approved mail servers did not include +super_sketchymail.info, and thus the email would not be delivered. + +Isn't that a great little bit of functionality? + + +[[where-aol-went-wrong]] +== Where AOL Went Wrong + +[[the-technical-version]] +=== The Technical Version + +The functionality I just described is really great...if you have it in +place. Aol _does_ have it in place, just not correctly. A quick lookup +of their DNS and we'll see why. + +**Note** that this DNS lookup is as of 2014.04.21. + +---- +$ dig -t txt aol.com + +; <<>> DiG 9.9.2-P2 <<>> -t txt aol.com +;; global options: +cmd +;; Got answer: +;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 32129 +;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1 + +;; OPT PSEUDOSECTION: +; EDNS: version: 0, flags:; udp: 4000 +;; QUESTION SECTION: +;aol.com. IN TXT + +;; ANSWER SECTION: +aol.com. 3600 IN TXT "v=spf1 ptr:mx.aol.com ?all" +aol.com. 3600 IN TXT "spf2.0/pra ptr:mx.aol.com ?all" + +;; Query time: 62 msec +;; SERVER: 172.20.0.40#53(172.20.0.40) +;; WHEN: Wed Apr 23 08:39:02 2014 +;; MSG SIZE rcvd: 228 +---- + + +The key bits in there are the two lines that have "spf1" and spf2.0" and +end with "?all". Thos two DNS entries say a bit more than we'll discuss +here, so the most important bit in there for the purposes of this post +is the **?all**. What that says is that any host who doesn't match any +of the previous policies in any way, mark as neutral. When a server +checks Aol's DNS entries to confirm if a server is approved to send +emails, instead of saying an emphatic __no__, it says "__Yeah, sure. +Whatever__". I think that flag could be better described as the +ambivolent flag. + +The bit that ends an spf record (the _all_ bit) can have one of four +qualifiers: +, ?, \~, and -. Most SPF records (arguably all) should end +with _-all_ because that disowns all mail servers that don't match the +previous policies. Aol uses the __?all__, which is neutral (as +mentioned). + + +[[the-less-technical-version]] +=== The Less Technical Version + +Basically, the way AOL has their DNS SPF records configured, they almost +approve anyone to send mail as Aol. I say _almost approve_ because they take +only a neutral standpoint on any server that tries to send mail as them. This +is a huge problem because anyone who runs a mail server can spoof headers, send +mail as Aol users, and services like Gmail can't verify that it's not from Aol, +because Aol says that it's okay for any server to send mail as them. + +The quick solution here for Aol is to flip that *?all* to a **-all**. My guess +is that Aol has some vendors sending mail as them and they haven't taken the +time to put their vendors servers in DNS (easily fixable with the INCLUDE +mechanism). Other than that though, there's really no reason to have the ?all +in place that I can think of (besides just not knowing how spf works). + + +[[one-final-issue]] +== One Final Issue + +Despite Aol's DNS mis-configuration, there is one final issue that I can't +really speak much to. It goes back to the emails I've been receiving from my +"dad's" email account. Each of those is written to people from his contact +list, which indicates that someone was able to get in to Aol (or their user +data got out) and acquire user's contact lists. If they got their contact lists +though, who knows what else they were able to get. + +How big was this breach? I can't say. Aol +http://techcrunch.com/2014/04/21/aol-mail-hacked-with-spoofed-accounts-sending-spam/[confirmed +the breach] just two days ago. Hopefully Aol doesn't play this out poorly and +try to keep everyone in the dark. I'll post back here as I learn more. + + +[[update-2014.05.11]] +== Update: 2014.05.11 + +It's actually been a while since the issue was "resolved", I just haven't had a +chance yet to post back on it. Now though, it's snowing outside (in spring), I +have a hot mug of coffee, and my cat is sleeping on the recliner instead of my +keyboard. Let's get started. First, let's have a look at AOL's DNS to see how +they've done fixing it up. + + +---- +$ dig -t txt aol.com + +... +;; ANSWER SECTION: +aol.com. 1942 IN TXT "v=spf1 ptr:mx.aol.com include:spf.constantcontact.com include:aspmx.sailthru.com include:zendesk.com ~all" +aol.com. 1942 IN TXT "spf2.0/pra ptr:mx.aol.com include:spf.constantcontact.com include:aspmx.sailthru.com include:zendesk.com ~all" +... +---- + + +It looks like they've certainly thoroughly updated their DNS. In application, +their fix _should_ prevent folks from being able to spoof legitemate AOL +accounts, but that's actually only because of their vendors having their DNS +configured properly. To be extra clear, the reason the problem is fixed is not +because AOL has actually implemented a solid fix. As mentioned earlier in +link:#The_Technical_Version[ the technical version section], there are four +qualifiers for the trailing _all_ bit, AOL chose to use the **~**, a soft fail. +This will still not disown non-AOL server sending mail as AOL. It will only +"raise suspicion" for those emails. However, thanks to their vendors knowing +what they're doing (aspmx.sailthru.com and at least), their spf records +actually end with a __-all__, or a hard fail. + +To give a simple overview of how AOL's DNS works now, they basically include +all of their vendor's spf records in their own spf record. That means that if +any of their vendors break their own DNS to allow anyone to spoof the vendor, +the "spoofers" can also apoof AOL users because AOL's DNS is including the +vendor's bad DNS configuration. In this case though, one of AOL's vendors +(aspmx.sailthru.com), ends with a __'-all__, causing AOL's DNS configuration to +be secure becuase one of their vendors made an alright decision in their +configuration. Dear AOL... + +One final thing to note regarding the remainder of the breach. +http://www.pcworld.com/article/2148523/aol-traces-mystery-spam-to-security-breach.html[AOL +has confirmed] that there was indeed a security breach wherein the attackers +gained access to user's complete address books (email address, names, physical +mailing addresses, etc) as well as encrypted security questions/answers and +encrypted passwords (gosh I hope they mean hashed instead of encrypted +passwords). I hope that AOL comes out with a detailed report as to how the +attackers gained access to their systems. Given their mishap with DNS (benefit +of the doubt), I hope the hack on their servers wasn't nearly as obvious. Also +I'd like to know for my own edification. Due to this leak, I have begun +receiving an increased amount of non-AOL spam as if my email address was +released to more spammers. Thanks AOL. I guess though that it was bound to +happen sometime by someone. Why not AOL.. At least I got to learn +link:Exim_Spam_Filtering_with_Bogofilter[how to set up a spam filter for Exim]. + +Category:Aol +Category:Security +Category:DNS + + +// vim: set syntax=asciidoc: diff --git a/src/Aol_Email_Hacked.ascii b/src/Aol_Email_Hacked.ascii deleted file mode 100644 index a5121a3..0000000 --- a/src/Aol_Email_Hacked.ascii +++ /dev/null @@ -1,237 +0,0 @@ -Aol Email Hacked -================== -:author: Aaron Ball -:email: nullspoon@iohq.net - -== {doctitle} - -About four days ago, my dad's email account began spamming me. I initially -thought the email looked fishy, but it had a few things about it that made it -seem relatively legitemate. The first reason being that my dad frequently sends -me news articles (the email had a link to a "news" article, albeit a suspicious -one). The second was that the people included on the email were all people he -knows. And thus, I clicked the link on my phone and it promptly took me to a -website that downloaded the file "security.update.apk" to my phone. I said to -myself, "Self, that looks like something bad. Better not install that." - -And so I didn't. After seeing the malicious file download though, I went back -to my "dad's" email and had a good look at the headers and there it was: -several non-Aol mail servers in line, ending with my server which didn't mark -it as spam for a very key reason. - - -== The Problem - -Most people don't know that the to, cc, bcc, subject, and body are not the only -fields you can change in an email. Many who run their own mail servers for the -first time have an epiphany that they can change any field on an email, -including the *from* field. So what's to keep us from framing Roger Rabbit? -It's very easy to send an email from someone else without actually being logged -in to their account. The server conversation for that scenario would go roughly -like this... - -[quote] -____ -**super_sketchymail.info**: Pssst. Hey you over there...I have a letter for -you. _*sulks into the shadows*_ - -**gmail.com**: Okay? Lemme see... Oh look. It's a letter to -frank15689@gmail.com and it's from james19875@aol.com. Okay! I'll go deliver -this to him. - -**super_sketchymail.info**: _*continues handing out false letters*_ -____ - -There might be a subtle something you missed in that conversation just now. The -email is coming from __super_sketchymail.info__, but the letter itself says -it's from aol.com. The point here is that Gmail missed that it was a fraudulent -email and now Frank has it in his inbox. - - -== The Solution: SPF - -There are many methods to detect and respond to fraudulent emails. One of them -(the topic of this post) is this great thing invented by the elders of the -internet called SPF, or **s**ender **p**olicy **f**ramework. In a scenario -where SPF was implemented, the mail server conversation would go roughly like -this... - -[quote] -____ -**super_sketchymail.info**: Pssst. Hey you over there...I have a letter for -you. _*sulks into the shadows*_ - -**gmail.com**: Okay? Lemme see... Oh look. It's a letter to -frank15689@gmail.com and it's from james19875@aol.com. Lemme check with aol.com -first to make sure they say _super_sketchymail.info_ can send email on their -behalf - -**gmail.com**: Hey **aol.com**, can *super_sketchymail.info* send email on your -behalf? - -**AOL.com**: No they cannot! - -**gmail.com**: Nope! They say you can't. Sorry pal, I'm not going to -deliver this. -____ - -Effectively what SPF provides is a way for a mail server to verify that the -server delivering the mail is approved to do so for the given email address -(the _from_ field). In the previous conversation, super_sketchymail.info was -trying to deliver mail on behalf of Aol. Gmail then checked with Aol (their -SPF records) and saw that their list of approved mail servers did not include -super_sketchymail.info, and thus the email would not be delivered. - -Isn't that a great little bit of functionality? - - -[[where-aol-went-wrong]] -== Where AOL Went Wrong - -[[the-technical-version]] -=== The Technical Version - -The functionality I just described is really great...if you have it in -place. Aol _does_ have it in place, just not correctly. A quick lookup -of their DNS and we'll see why. - -**Note** that this DNS lookup is as of 2014.04.21. - ----- -$ dig -t txt aol.com - -; <<>> DiG 9.9.2-P2 <<>> -t txt aol.com -;; global options: +cmd -;; Got answer: -;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 32129 -;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1 - -;; OPT PSEUDOSECTION: -; EDNS: version: 0, flags:; udp: 4000 -;; QUESTION SECTION: -;aol.com. IN TXT - -;; ANSWER SECTION: -aol.com. 3600 IN TXT "v=spf1 ptr:mx.aol.com ?all" -aol.com. 3600 IN TXT "spf2.0/pra ptr:mx.aol.com ?all" - -;; Query time: 62 msec -;; SERVER: 172.20.0.40#53(172.20.0.40) -;; WHEN: Wed Apr 23 08:39:02 2014 -;; MSG SIZE rcvd: 228 ----- - - -The key bits in there are the two lines that have "spf1" and spf2.0" and -end with "?all". Thos two DNS entries say a bit more than we'll discuss -here, so the most important bit in there for the purposes of this post -is the **?all**. What that says is that any host who doesn't match any -of the previous policies in any way, mark as neutral. When a server -checks Aol's DNS entries to confirm if a server is approved to send -emails, instead of saying an emphatic __no__, it says "__Yeah, sure. -Whatever__". I think that flag could be better described as the -ambivolent flag. - -The bit that ends an spf record (the _all_ bit) can have one of four -qualifiers: +, ?, \~, and -. Most SPF records (arguably all) should end -with _-all_ because that disowns all mail servers that don't match the -previous policies. Aol uses the __?all__, which is neutral (as -mentioned). - - -[[the-less-technical-version]] -=== The Less Technical Version - -Basically, the way AOL has their DNS SPF records configured, they almost -approve anyone to send mail as Aol. I say _almost approve_ because they take -only a neutral standpoint on any server that tries to send mail as them. This -is a huge problem because anyone who runs a mail server can spoof headers, send -mail as Aol users, and services like Gmail can't verify that it's not from Aol, -because Aol says that it's okay for any server to send mail as them. - -The quick solution here for Aol is to flip that *?all* to a **-all**. My guess -is that Aol has some vendors sending mail as them and they haven't taken the -time to put their vendors servers in DNS (easily fixable with the INCLUDE -mechanism). Other than that though, there's really no reason to have the ?all -in place that I can think of (besides just not knowing how spf works). - - -[[one-final-issue]] -== One Final Issue - -Despite Aol's DNS mis-configuration, there is one final issue that I can't -really speak much to. It goes back to the emails I've been receiving from my -"dad's" email account. Each of those is written to people from his contact -list, which indicates that someone was able to get in to Aol (or their user -data got out) and acquire user's contact lists. If they got their contact lists -though, who knows what else they were able to get. - -How big was this breach? I can't say. Aol -http://techcrunch.com/2014/04/21/aol-mail-hacked-with-spoofed-accounts-sending-spam/[confirmed -the breach] just two days ago. Hopefully Aol doesn't play this out poorly and -try to keep everyone in the dark. I'll post back here as I learn more. - - -[[update-2014.05.11]] -== Update: 2014.05.11 - -It's actually been a while since the issue was "resolved", I just haven't had a -chance yet to post back on it. Now though, it's snowing outside (in spring), I -have a hot mug of coffee, and my cat is sleeping on the recliner instead of my -keyboard. Let's get started. First, let's have a look at AOL's DNS to see how -they've done fixing it up. - - ----- -$ dig -t txt aol.com - -... -;; ANSWER SECTION: -aol.com. 1942 IN TXT "v=spf1 ptr:mx.aol.com include:spf.constantcontact.com include:aspmx.sailthru.com include:zendesk.com ~all" -aol.com. 1942 IN TXT "spf2.0/pra ptr:mx.aol.com include:spf.constantcontact.com include:aspmx.sailthru.com include:zendesk.com ~all" -... ----- - - -It looks like they've certainly thoroughly updated their DNS. In application, -their fix _should_ prevent folks from being able to spoof legitemate AOL -accounts, but that's actually only because of their vendors having their DNS -configured properly. To be extra clear, the reason the problem is fixed is not -because AOL has actually implemented a solid fix. As mentioned earlier in -link:#The_Technical_Version[ the technical version section], there are four -qualifiers for the trailing _all_ bit, AOL chose to use the **~**, a soft fail. -This will still not disown non-AOL server sending mail as AOL. It will only -"raise suspicion" for those emails. However, thanks to their vendors knowing -what they're doing (aspmx.sailthru.com and at least), their spf records -actually end with a __-all__, or a hard fail. - -To give a simple overview of how AOL's DNS works now, they basically include -all of their vendor's spf records in their own spf record. That means that if -any of their vendors break their own DNS to allow anyone to spoof the vendor, -the "spoofers" can also apoof AOL users because AOL's DNS is including the -vendor's bad DNS configuration. In this case though, one of AOL's vendors -(aspmx.sailthru.com), ends with a __'-all__, causing AOL's DNS configuration to -be secure becuase one of their vendors made an alright decision in their -configuration. Dear AOL... - -One final thing to note regarding the remainder of the breach. -http://www.pcworld.com/article/2148523/aol-traces-mystery-spam-to-security-breach.html[AOL -has confirmed] that there was indeed a security breach wherein the attackers -gained access to user's complete address books (email address, names, physical -mailing addresses, etc) as well as encrypted security questions/answers and -encrypted passwords (gosh I hope they mean hashed instead of encrypted -passwords). I hope that AOL comes out with a detailed report as to how the -attackers gained access to their systems. Given their mishap with DNS (benefit -of the doubt), I hope the hack on their servers wasn't nearly as obvious. Also -I'd like to know for my own edification. Due to this leak, I have begun -receiving an increased amount of non-AOL spam as if my email address was -released to more spammers. Thanks AOL. I guess though that it was bound to -happen sometime by someone. Why not AOL.. At least I got to learn -link:Exim_Spam_Filtering_with_Bogofilter[how to set up a spam filter for Exim]. - -Category:Aol -Category:Security -Category:DNS - - -// vim: set syntax=asciidoc: diff --git a/src/Apache:Listening_Port.adoc b/src/Apache:Listening_Port.adoc new file mode 100644 index 0000000..e7281f1 --- /dev/null +++ b/src/Apache:Listening_Port.adoc @@ -0,0 +1,60 @@ +Apache:Listening Port +======================== +:author: Aaron Ball +:email: nullspoon@iohq.net + + +== {doctitle} + +I recently had a web server behind a load balancer that needed to listen on a +different port because the load balancer was translating port 80 traffic for +security. Thankfully, changing the ports that HTTPd listens on is relatively +simple. + +Crack open your favorite command line editor. For the purposes of this example, +I'll be using vim. + +---- +vim /etc/httpd/conf/httpd.conf +---- + +This is a relatively large file, so you'll have to scroll for some time +to find what we're looking for. Otherwise, you can use search. Scroll +down until you find a section that looks like + +---- +# +# Listen: Allows you to bind Apache to specific IP addresses and/or +# ports, in addition to the default. See also the +# directive. +# +# Change this to Listen on specific IP addresses as shown below to +# prevent Apache from glomming onto all bound IP addresses (0.0.0.0) +# +# Listen 12.34.56.78:80 +# +Listen 80 +---- + +Depending on your needs, whatever ports you need, add "Listen " in this +section. If for instance you need httpd to listen for an ssl (https) encrypted +connection, you can add + +---- +Listen 443 +---- + +Once you've made the changes you want, save and close the file and run the +command + +---- +/etc/init.d/httpd restart +---- + +That's all there is to it! Now for lunch. + + +Category:Apache + + +// vim: set syntax=asciidoc: diff --git a/src/Apache:Listening_Port.ascii b/src/Apache:Listening_Port.ascii deleted file mode 100644 index e7281f1..0000000 --- a/src/Apache:Listening_Port.ascii +++ /dev/null @@ -1,60 +0,0 @@ -Apache:Listening Port -======================== -:author: Aaron Ball -:email: nullspoon@iohq.net - - -== {doctitle} - -I recently had a web server behind a load balancer that needed to listen on a -different port because the load balancer was translating port 80 traffic for -security. Thankfully, changing the ports that HTTPd listens on is relatively -simple. - -Crack open your favorite command line editor. For the purposes of this example, -I'll be using vim. - ----- -vim /etc/httpd/conf/httpd.conf ----- - -This is a relatively large file, so you'll have to scroll for some time -to find what we're looking for. Otherwise, you can use search. Scroll -down until you find a section that looks like - ----- -# -# Listen: Allows you to bind Apache to specific IP addresses and/or -# ports, in addition to the default. See also the -# directive. -# -# Change this to Listen on specific IP addresses as shown below to -# prevent Apache from glomming onto all bound IP addresses (0.0.0.0) -# -# Listen 12.34.56.78:80 -# -Listen 80 ----- - -Depending on your needs, whatever ports you need, add "Listen " in this -section. If for instance you need httpd to listen for an ssl (https) encrypted -connection, you can add - ----- -Listen 443 ----- - -Once you've made the changes you want, save and close the file and run the -command - ----- -/etc/init.d/httpd restart ----- - -That's all there is to it! Now for lunch. - - -Category:Apache - - -// vim: set syntax=asciidoc: diff --git a/src/Attached_Devices_and_VPS_(OpenVZ_and_Virtuozzo).adoc b/src/Attached_Devices_and_VPS_(OpenVZ_and_Virtuozzo).adoc new file mode 100644 index 0000000..93c668d --- /dev/null +++ b/src/Attached_Devices_and_VPS_(OpenVZ_and_Virtuozzo).adoc @@ -0,0 +1,21 @@ +Attached Devices and VPS (OpenVZ and Virtuozzo) +=============================================== +:author: Aaron Ball +:email: nullspoon@iohq.net + + +== {doctitle} + +*Note to self:* When hosting on a VPS using OpenVZ or Virtuozzo, to list +attached devices and their mount points, "fdisk -l" doesn't work ("cannot open +/proc/partitions") and "/proc/partitions" doesn't exist. To list all mount +points, run *df -h* : lists all drives and their free space + +/etc/fstab still works as it should. + + +Category:Linux +Category:Virtualization + + +// vim: set syntax=asciidoc: diff --git a/src/Attached_Devices_and_VPS_(OpenVZ_and_Virtuozzo).ascii b/src/Attached_Devices_and_VPS_(OpenVZ_and_Virtuozzo).ascii deleted file mode 100644 index 93c668d..0000000 --- a/src/Attached_Devices_and_VPS_(OpenVZ_and_Virtuozzo).ascii +++ /dev/null @@ -1,21 +0,0 @@ -Attached Devices and VPS (OpenVZ and Virtuozzo) -=============================================== -:author: Aaron Ball -:email: nullspoon@iohq.net - - -== {doctitle} - -*Note to self:* When hosting on a VPS using OpenVZ or Virtuozzo, to list -attached devices and their mount points, "fdisk -l" doesn't work ("cannot open -/proc/partitions") and "/proc/partitions" doesn't exist. To list all mount -points, run *df -h* : lists all drives and their free space - -/etc/fstab still works as it should. - - -Category:Linux -Category:Virtualization - - -// vim: set syntax=asciidoc: diff --git a/src/Backing_up_a_Server_Remotely_Using_Minimal_Bandwidth.adoc b/src/Backing_up_a_Server_Remotely_Using_Minimal_Bandwidth.adoc new file mode 100644 index 0000000..1b1e944 --- /dev/null +++ b/src/Backing_up_a_Server_Remotely_Using_Minimal_Bandwidth.adoc @@ -0,0 +1,66 @@ +Backing up a Server Remotely Using Minimal Bandwidth +==================================================== +:author: Aaron Ball +:email: nullspoon@iohq.net + +The server that runs this website (and a lot of others) also runs a lot of +other services such as an IRC server, a Jabber server, NGINX (of course), and +various other things. I like to take a lot of backups, especially since I'm not +the best person in the area of security. With that, my old way of backing my my +server was relatively painful. I had a script that tarred and compressed each +service directory individually and move it to a secure location on my web +server for download. After download, the script would remove the backup, and +continue to the next. + +The problem with this method is that it consumes a lot of bandwidth and time. +By the time I have downloaded everything, I have used up several gigabytes of +bandwidth. I don't mind so much about the bandwidth though. What's important +is the time and interraction it takes. + + +[[enter-the-light-bulb...]] +== Enter the Light Bulb... + +I've been using rsync for some time now to mirror my laptop to my server +at home. For some reason, it never occurred to me to use rsync with a +private key to log in to my server and download the deltas to my local +machine. If I want a single compressed tar file for a backup, all I have +to do is backup my local server's copy of everything rather than doing +it on my web server and downloading that. Ending this already too long +blog post on this simple topic, here's the rsync command I'm using... + +---- +sync -avP --delete --chmod=g+rx --rsh="ssh -p1234 -i ~/.ssh/id_rsa.pdeb.user" user@server.net:/dir1 /home/server/dir1 +---- + + +[[a-quick-explanation]] +== A Quick Explanation + +* *rsync -avP* uses default rsync settings (-a), specifies verbose mode +(-v) and sets rsync to display its progress on each individual file as it goes +(-P). + +* *--delete* option, rsync will delete files on the destination if they +deleted on the source (this isn't default). + +* *--chmod=g+rx* sets the group settings on the destination to group +with read and write. This is handy if you want to access the backups from +another account that doesn't have access on the server too. This switch is not +necessary. + +* *--rsh="ssh -p1234 -i ~/.ssh/id_rsa.user"* specifies a custom port to +connect on (port 1234 in this case) and specifies a private key to use when +attempting to log in. + +* *user@server.net:dir1 /home/server/dir1* is the host (server) to +connect to along with the user to try (user), the source directory (:/dir) and +the destination directory (/home/server/dir1). + + +Category:Linux +Category:Backups +Category:SSH + + +// vim: set syntax=asciidoc: diff --git a/src/Backing_up_a_Server_Remotely_Using_Minimal_Bandwidth.ascii b/src/Backing_up_a_Server_Remotely_Using_Minimal_Bandwidth.ascii deleted file mode 100644 index 1b1e944..0000000 --- a/src/Backing_up_a_Server_Remotely_Using_Minimal_Bandwidth.ascii +++ /dev/null @@ -1,66 +0,0 @@ -Backing up a Server Remotely Using Minimal Bandwidth -==================================================== -:author: Aaron Ball -:email: nullspoon@iohq.net - -The server that runs this website (and a lot of others) also runs a lot of -other services such as an IRC server, a Jabber server, NGINX (of course), and -various other things. I like to take a lot of backups, especially since I'm not -the best person in the area of security. With that, my old way of backing my my -server was relatively painful. I had a script that tarred and compressed each -service directory individually and move it to a secure location on my web -server for download. After download, the script would remove the backup, and -continue to the next. - -The problem with this method is that it consumes a lot of bandwidth and time. -By the time I have downloaded everything, I have used up several gigabytes of -bandwidth. I don't mind so much about the bandwidth though. What's important -is the time and interraction it takes. - - -[[enter-the-light-bulb...]] -== Enter the Light Bulb... - -I've been using rsync for some time now to mirror my laptop to my server -at home. For some reason, it never occurred to me to use rsync with a -private key to log in to my server and download the deltas to my local -machine. If I want a single compressed tar file for a backup, all I have -to do is backup my local server's copy of everything rather than doing -it on my web server and downloading that. Ending this already too long -blog post on this simple topic, here's the rsync command I'm using... - ----- -sync -avP --delete --chmod=g+rx --rsh="ssh -p1234 -i ~/.ssh/id_rsa.pdeb.user" user@server.net:/dir1 /home/server/dir1 ----- - - -[[a-quick-explanation]] -== A Quick Explanation - -* *rsync -avP* uses default rsync settings (-a), specifies verbose mode -(-v) and sets rsync to display its progress on each individual file as it goes -(-P). - -* *--delete* option, rsync will delete files on the destination if they -deleted on the source (this isn't default). - -* *--chmod=g+rx* sets the group settings on the destination to group -with read and write. This is handy if you want to access the backups from -another account that doesn't have access on the server too. This switch is not -necessary. - -* *--rsh="ssh -p1234 -i ~/.ssh/id_rsa.user"* specifies a custom port to -connect on (port 1234 in this case) and specifies a private key to use when -attempting to log in. - -* *user@server.net:dir1 /home/server/dir1* is the host (server) to -connect to along with the user to try (user), the source directory (:/dir) and -the destination directory (/home/server/dir1). - - -Category:Linux -Category:Backups -Category:SSH - - -// vim: set syntax=asciidoc: diff --git a/src/Bash:Lesser_Known_Bits.adoc b/src/Bash:Lesser_Known_Bits.adoc new file mode 100644 index 0000000..859da71 --- /dev/null +++ b/src/Bash:Lesser_Known_Bits.adoc @@ -0,0 +1,139 @@ +Bash:Lesser Known Bits +====================== +:author: Aaron Ball +:email: nullspoon@iohq.net + +== {doctitle} + +I won't lie, bash is my shell of choice (as if that's not obvious). Sure, the +ability to handle arrow keys, a command history, colors, and escape sequences +for terminal formatting are all great pieces, but most other shells can do +those things as well. What really makes bash stand out? There's a pretty good +list of things that are lesser known but are super useful, albeit not always +often though. All of these are well documented in the bash man page, but that +one is not exactly easy to find stuff in unless you know what you're looking +for. Running it through the wc command, the bash man page apparently has 41,452 +words. All that aside though, this is a list of some lesser known things I use +occasionally (about once a week-ish) from our friend bash. + + +[[one-liner-loops]] +== One-liner Loops + +This is one that is supported by most if not all of the other shells out there, +but it is still super useful and I don't see it used often. A one-liner loop is +effectively a very short (one line in fact) script used to perform a small +number of operations (it gets confusing if you do too many) in bulk. A good +example here is with a server environment of any size greater than I'd say two. +I frequently need to check lots of servers for something, be it the existence +of a file, the status of a file in comparison with a local copy (diffs), bulk +modifying remote files using sed, etc. + +Recently though, I needed to verify the installed version of sudo +specifically on a list of about 50 servers. I sent the list of servers +to a text file, one server per line, and did the following and had my +answer within about 30 seconds (it takes a few hundred milliseconds for +ssh connections to establish on our atrociou...er...awesome network). + +---- +for i in $(cat ./servers.list); do echo $i; ssh user@$i 'sudo -V | grep "I/O plugin version"'; done +---- + +Presto! A big list of sudo versions across the entire environment. + + +[[process-substitution]] +== Process Substitution + +This one is really great. Some commands require one or more file paths +to do what they need to do. A good example is diff. The diff command +requires two file path parameters: file a and file b. What if you want +to diff the outputs of two remote files though? Using process +substitution, we can cat out a remote file using the typical command, ++ssh user@server 'cat /etc/something'+, and have the output +go to a local temp file for the life of the command calling it so we +have something to work on. For example... + +---- +diff /etc/something <(ssh user@server 'cat /etc/something') +---- + +What we have here is a diff of the local /etc/something file and the remote +/etc/something. The ssh connection string is encapsulated in a +<()+. This is +the process substitution. This doesn't just work with remote files though. Say +for instance you wanted to diff the contents of a directory on a local system +and a remote system. Here's how you'd do that. + +... or comparing the output of two remote commands... + +---- +diff <(ls -1 /var/log/) <(ssh user@server 'ls -1 /var/log/') +---- + +Here we used process substitution to write the output of +ls -l /var/log+ to a +temp file, then write the output of the same command run on another system over +ssh to yet another temp file, then we use diff as usual to show us what is +different. If you really wanted to get crazy, you could throw this into a bash +one-liner loop and run the diff on multiple systems. + + +[[brace-expansion]] +== Brace Expansion + +Brace expansion is really neat and I think super handy. This is the one I don't +have a lot of use for though. It gets used about once every few scripts or +about once or twice a month. Brace expansion is effectively on-the-fly array +loops for commands. For a simple example, say you wanted to create three +directories: dev, test, and prod. To create these without brace expansion, +you'd have to run _mkdir_ three times. With brace expansion, you can do this + +---- +mkdir {dev,test,prod} +---- + +That's cool, but what's REALLY cool is that you can use this with nested +directories. Say for isntance we are creating a small (and poorly designed) dev +environment. Inside of each we want the directories bin, etc, lib, var (we're +just making 'em up now). Here's how you'd do that in one command + +---- +mkdir {dev,test,prod}/{bin,etc,lib,var} +---- + +That is the equivelant of mkdir dev/bin +mkdir dev/etc mkdir dev/lib mkdir dev/var mkdir test/bin mkdir test/etc +mkdir test/lib mkdir test/var mkdir prod/bin mkdir prod/etc mkdir +prod/lib mkdir prod/var + +Another application for this is if you want to cat out a big list of +specific files without catting out the entire directory (I did this one +earlier this morning actually). Say you have 20 files called +*list.* (0-19) and you want to cat out numbers 1-9. Now, there are +a lot of ways to do this of course, but this is how you can do it with +brace expansion. + +---- +cat list.{1,2,3,4,5,6,7,8,9} +---- + +...or even shorter... + +---- +cat list.{1..9} +---- + +Those are the equivelant of + +---- +cat list.1 list.2 list.3 list.4 list.5 list.6 list.7 list.8 list.9 +---- + +How's that for time saving. + + +Category:Bash +Category:Shells +Category:Linux + + +// vim: set syntax=asciidoc: diff --git a/src/Bash:Lesser_Known_Bits.ascii b/src/Bash:Lesser_Known_Bits.ascii deleted file mode 100644 index 859da71..0000000 --- a/src/Bash:Lesser_Known_Bits.ascii +++ /dev/null @@ -1,139 +0,0 @@ -Bash:Lesser Known Bits -====================== -:author: Aaron Ball -:email: nullspoon@iohq.net - -== {doctitle} - -I won't lie, bash is my shell of choice (as if that's not obvious). Sure, the -ability to handle arrow keys, a command history, colors, and escape sequences -for terminal formatting are all great pieces, but most other shells can do -those things as well. What really makes bash stand out? There's a pretty good -list of things that are lesser known but are super useful, albeit not always -often though. All of these are well documented in the bash man page, but that -one is not exactly easy to find stuff in unless you know what you're looking -for. Running it through the wc command, the bash man page apparently has 41,452 -words. All that aside though, this is a list of some lesser known things I use -occasionally (about once a week-ish) from our friend bash. - - -[[one-liner-loops]] -== One-liner Loops - -This is one that is supported by most if not all of the other shells out there, -but it is still super useful and I don't see it used often. A one-liner loop is -effectively a very short (one line in fact) script used to perform a small -number of operations (it gets confusing if you do too many) in bulk. A good -example here is with a server environment of any size greater than I'd say two. -I frequently need to check lots of servers for something, be it the existence -of a file, the status of a file in comparison with a local copy (diffs), bulk -modifying remote files using sed, etc. - -Recently though, I needed to verify the installed version of sudo -specifically on a list of about 50 servers. I sent the list of servers -to a text file, one server per line, and did the following and had my -answer within about 30 seconds (it takes a few hundred milliseconds for -ssh connections to establish on our atrociou...er...awesome network). - ----- -for i in $(cat ./servers.list); do echo $i; ssh user@$i 'sudo -V | grep "I/O plugin version"'; done ----- - -Presto! A big list of sudo versions across the entire environment. - - -[[process-substitution]] -== Process Substitution - -This one is really great. Some commands require one or more file paths -to do what they need to do. A good example is diff. The diff command -requires two file path parameters: file a and file b. What if you want -to diff the outputs of two remote files though? Using process -substitution, we can cat out a remote file using the typical command, -+ssh user@server 'cat /etc/something'+, and have the output -go to a local temp file for the life of the command calling it so we -have something to work on. For example... - ----- -diff /etc/something <(ssh user@server 'cat /etc/something') ----- - -What we have here is a diff of the local /etc/something file and the remote -/etc/something. The ssh connection string is encapsulated in a +<()+. This is -the process substitution. This doesn't just work with remote files though. Say -for instance you wanted to diff the contents of a directory on a local system -and a remote system. Here's how you'd do that. - -... or comparing the output of two remote commands... - ----- -diff <(ls -1 /var/log/) <(ssh user@server 'ls -1 /var/log/') ----- - -Here we used process substitution to write the output of +ls -l /var/log+ to a -temp file, then write the output of the same command run on another system over -ssh to yet another temp file, then we use diff as usual to show us what is -different. If you really wanted to get crazy, you could throw this into a bash -one-liner loop and run the diff on multiple systems. - - -[[brace-expansion]] -== Brace Expansion - -Brace expansion is really neat and I think super handy. This is the one I don't -have a lot of use for though. It gets used about once every few scripts or -about once or twice a month. Brace expansion is effectively on-the-fly array -loops for commands. For a simple example, say you wanted to create three -directories: dev, test, and prod. To create these without brace expansion, -you'd have to run _mkdir_ three times. With brace expansion, you can do this - ----- -mkdir {dev,test,prod} ----- - -That's cool, but what's REALLY cool is that you can use this with nested -directories. Say for isntance we are creating a small (and poorly designed) dev -environment. Inside of each we want the directories bin, etc, lib, var (we're -just making 'em up now). Here's how you'd do that in one command - ----- -mkdir {dev,test,prod}/{bin,etc,lib,var} ----- - -That is the equivelant of mkdir dev/bin -mkdir dev/etc mkdir dev/lib mkdir dev/var mkdir test/bin mkdir test/etc -mkdir test/lib mkdir test/var mkdir prod/bin mkdir prod/etc mkdir -prod/lib mkdir prod/var - -Another application for this is if you want to cat out a big list of -specific files without catting out the entire directory (I did this one -earlier this morning actually). Say you have 20 files called -*list.* (0-19) and you want to cat out numbers 1-9. Now, there are -a lot of ways to do this of course, but this is how you can do it with -brace expansion. - ----- -cat list.{1,2,3,4,5,6,7,8,9} ----- - -...or even shorter... - ----- -cat list.{1..9} ----- - -Those are the equivelant of - ----- -cat list.1 list.2 list.3 list.4 list.5 list.6 list.7 list.8 list.9 ----- - -How's that for time saving. - - -Category:Bash -Category:Shells -Category:Linux - - -// vim: set syntax=asciidoc: diff --git a/src/Benchmarks:Toshiba_Canvio_Slim.adoc b/src/Benchmarks:Toshiba_Canvio_Slim.adoc new file mode 100644 index 0000000..9651cc5 --- /dev/null +++ b/src/Benchmarks:Toshiba_Canvio_Slim.adoc @@ -0,0 +1,60 @@ +Benchmarks:Toshiba Canvio Slim +============================== +:author: Aaron Ball +:email: nullspoon@iohq.net + + +== {doctitle} + +If you're considering purchasing an external hard drive, :Category:Benchmarks[ +these benchmarks] should hopefully help clear up some questions you might have. +In this post, I benchmark my http://www.toshiba.com/us/canvio-slim[Toshiba +Canvio Slim] hard drive. I've been using this drive for about a year now and +it has performed well for me. It has even taken a drop while it was plugged in +(it disconnected from the cable even). Here are the IO metrics from the great +https://www.gnu.org/[GNU] utility, dd + +image:files/Toshiba_Canvio_Slim.png[height=300] + +* *Manufacturer*: http://www.toshiba.com/us/[Toshiba] +* *Name*: http://www.toshiba.com/us/canvio-slim[Canvio Slim] +* *Made in*: Philippines +* *Size*: 500GB +* *Interface*: USB 3.0/2.0 +* *Average Write Speed*: 99.0 MB/s +* *Average Read Speed*: 93.5 MB/s + +[[benchmarks]] +=== Benchmarks + +[[usb3-devzero-write]] +==== USB3 /dev/zero Write + +Writing 16 gigabytes of zeros. + +---- +dd if=/dev/zero of=/dev/sdc bs=1M count=16384 +16384+0 records in +16384+0 records out +17179869184 bytes (17 GB) copied, 173.495 s, 99.0 MB/s +---- + + +[[usb3-read-to-devnull]] +==== USB3 Read to /dev/null + +Reading 16 gigabytes to /dev/null. + +---- +dd if=/dev/sdc of=/dev/null bs=1M count=16384 +16384+0 records in +16384+0 records out +17179869184 bytes (17 GB) copied, 183.838 s, 93.5 MB/s +---- + +Category:Hard_Drives +Category:Benchmarks +Category:Toshiba + + +// vim: set syntax=asciidoc: diff --git a/src/Benchmarks:Toshiba_Canvio_Slim.ascii b/src/Benchmarks:Toshiba_Canvio_Slim.ascii deleted file mode 100644 index 9651cc5..0000000 --- a/src/Benchmarks:Toshiba_Canvio_Slim.ascii +++ /dev/null @@ -1,60 +0,0 @@ -Benchmarks:Toshiba Canvio Slim -============================== -:author: Aaron Ball -:email: nullspoon@iohq.net - - -== {doctitle} - -If you're considering purchasing an external hard drive, :Category:Benchmarks[ -these benchmarks] should hopefully help clear up some questions you might have. -In this post, I benchmark my http://www.toshiba.com/us/canvio-slim[Toshiba -Canvio Slim] hard drive. I've been using this drive for about a year now and -it has performed well for me. It has even taken a drop while it was plugged in -(it disconnected from the cable even). Here are the IO metrics from the great -https://www.gnu.org/[GNU] utility, dd - -image:files/Toshiba_Canvio_Slim.png[height=300] - -* *Manufacturer*: http://www.toshiba.com/us/[Toshiba] -* *Name*: http://www.toshiba.com/us/canvio-slim[Canvio Slim] -* *Made in*: Philippines -* *Size*: 500GB -* *Interface*: USB 3.0/2.0 -* *Average Write Speed*: 99.0 MB/s -* *Average Read Speed*: 93.5 MB/s - -[[benchmarks]] -=== Benchmarks - -[[usb3-devzero-write]] -==== USB3 /dev/zero Write - -Writing 16 gigabytes of zeros. - ----- -dd if=/dev/zero of=/dev/sdc bs=1M count=16384 -16384+0 records in -16384+0 records out -17179869184 bytes (17 GB) copied, 173.495 s, 99.0 MB/s ----- - - -[[usb3-read-to-devnull]] -==== USB3 Read to /dev/null - -Reading 16 gigabytes to /dev/null. - ----- -dd if=/dev/sdc of=/dev/null bs=1M count=16384 -16384+0 records in -16384+0 records out -17179869184 bytes (17 GB) copied, 183.838 s, 93.5 MB/s ----- - -Category:Hard_Drives -Category:Benchmarks -Category:Toshiba - - -// vim: set syntax=asciidoc: diff --git a/src/Benchmarks:WD_Elements.adoc b/src/Benchmarks:WD_Elements.adoc new file mode 100644 index 0000000..ac3b128 --- /dev/null +++ b/src/Benchmarks:WD_Elements.adoc @@ -0,0 +1,115 @@ +Benchmarks:WD Elements +====================== +:author: Aaron Ball +:email: nullspoon@iohq.net + +== Benchmarks:WD Elements + +For my work computer, I installed https://archlinux.org[Arch Linux] on an +external USB hard drive. My idea behind that is that if I'm ever working from +home and forget to bring my charger with me, I can just plug the drive into +another computer and I'm back up and running. So far it's worked great. A few +months back though, I dropped the drive while it was running and while it was +surprisingly okay (despite being read-only until reboot), it was a bit slower. +I would assume a head crash, but thus far I have noticed no data corruption. + +All that said, I want to get another drive that I can mirror with (software +raid 1 anybody?), just in case something happens. I've been hunting around +online for the last few days and have found it to be impressively difficult to +find real specs on external USB hard drives. Sure, you can get that it's USB3 +and maybe even its rpm, but you're almost guaranteed not to find cache size or +even what drive is inside the enclosure, metrics I consider to be very +important. That's why I've decided to post the IO metrics for this drive. +Hopefully someone will find these metrics useful. + +image:files/WD_Elements.jpg[height=300] + +* *Manufacturer*: http://www.wdc.com/en/[Western Digital] +* *Name*: Elements +* *Made in*: Malaysia +* *Size*: 1TB +* *Interface*: USB 3.0/2.0 +* *Average Write Speed*: 104 MB/s +* *Average Read Speed*: 107 MB/s + + +[[benchmarks]] +=== Benchmarks + +[[usb3-devzero-write]] +==== USB3 /dev/zero Write + +The fastest place I can think of to get data from and avoid any bottlenecks +outside of the drive is to write from /dev/zero. The amount of processing power +that goes into writing all zeros __is insignificant next to the power of the +force__...er...reading data from another drive, potentially introducing more +bottlenecks and not getting good measurements. Let us begin... + +---- +dd if=/dev/zero of=/dev/sdc bs=1M count=8192 +8191+1 records in +8191+1 records out +8589131776 bytes (8.6 GB) copied, 82.9999 s, 103 MB/s +---- + +Double the amount of data being written... + +---- +dd if=/dev/zero of=/dev/sdc bs=1M count=16384 +16384+0 records in +16384+0 records out +17179869184 bytes (17 GB) copied, 161.13 s, 107 MB/s +---- + +Looks like overall this drive consistently averages just over 100 MB/s plugged +in to USB3. + + +[[usb3-read-to-devnull]] +==== USB3 Read to /dev/null + +Here we're basically doing the same as writing from /dev/zero, but instead +we're reading verbatim the first _x_ consecutive number of bytes and sending +them to a device that literally can't be a bottleneck: /dev/null. It's like +sending dead satellites floating into space +(https://www.youtube.com/watch?v=rWVGupqvCL8[spaaaaacce]) instead of spending +the time to land them (if they don't burn up) and disassembling. If I had to +pick somewhere to send something fast where there wouldn't be any bottlenecks, +the vast void of space is where I'd send it - that is equivelant to /dev/null. +Not a great analogy, I know, but honestly, I just wanted to reference +https://www.youtube.com/watch?v=rWVGupqvCL8[that Portal] video. + +---- +dd if=/dev/sdc of=/dev/null bs=1M count=8192 +8192+0 records in +8192+0 records out +8589934592 bytes (8.6 GB) copied, 80.5907 s, 107 MB/s +---- + + +[[conclusion]] +=== Conclusion + +* **Average write speed**: 104 MBps (832 Mbps = .832 Gbps) +* **Average read speed**: 107 MBps (856 Mbps = .856 Gbps) + +Overall I'd say this drive is okay. As mentioned, the maximum speed of the +https://en.wikipedia.org/wiki/USB_3.0[USB3 spec] is 5 Gbps and this is getting +just shy of 1/5 that. I won't balk at that because a 100 megabytes per second +transfer rate is still pretty impressive for an external hard drive (that's +838,860,800 bits per second!). + +One final thing to note, I ran these benchmarks on two systems, my laptop and +my server, to make sure the USB3 port, processor, bus, etc. weren't themselves +bottlenecks. The transfer rates were nearly identical (insignificantly +different). + + +Category:Western_Digital + +Category:Hard_Drives + +Category:Benchmarks + + +// vim: set syntax=asciidoc: diff --git a/src/Benchmarks:WD_Elements.ascii b/src/Benchmarks:WD_Elements.ascii deleted file mode 100644 index ac3b128..0000000 --- a/src/Benchmarks:WD_Elements.ascii +++ /dev/null @@ -1,115 +0,0 @@ -Benchmarks:WD Elements -====================== -:author: Aaron Ball -:email: nullspoon@iohq.net - -== Benchmarks:WD Elements - -For my work computer, I installed https://archlinux.org[Arch Linux] on an -external USB hard drive. My idea behind that is that if I'm ever working from -home and forget to bring my charger with me, I can just plug the drive into -another computer and I'm back up and running. So far it's worked great. A few -months back though, I dropped the drive while it was running and while it was -surprisingly okay (despite being read-only until reboot), it was a bit slower. -I would assume a head crash, but thus far I have noticed no data corruption. - -All that said, I want to get another drive that I can mirror with (software -raid 1 anybody?), just in case something happens. I've been hunting around -online for the last few days and have found it to be impressively difficult to -find real specs on external USB hard drives. Sure, you can get that it's USB3 -and maybe even its rpm, but you're almost guaranteed not to find cache size or -even what drive is inside the enclosure, metrics I consider to be very -important. That's why I've decided to post the IO metrics for this drive. -Hopefully someone will find these metrics useful. - -image:files/WD_Elements.jpg[height=300] - -* *Manufacturer*: http://www.wdc.com/en/[Western Digital] -* *Name*: Elements -* *Made in*: Malaysia -* *Size*: 1TB -* *Interface*: USB 3.0/2.0 -* *Average Write Speed*: 104 MB/s -* *Average Read Speed*: 107 MB/s - - -[[benchmarks]] -=== Benchmarks - -[[usb3-devzero-write]] -==== USB3 /dev/zero Write - -The fastest place I can think of to get data from and avoid any bottlenecks -outside of the drive is to write from /dev/zero. The amount of processing power -that goes into writing all zeros __is insignificant next to the power of the -force__...er...reading data from another drive, potentially introducing more -bottlenecks and not getting good measurements. Let us begin... - ----- -dd if=/dev/zero of=/dev/sdc bs=1M count=8192 -8191+1 records in -8191+1 records out -8589131776 bytes (8.6 GB) copied, 82.9999 s, 103 MB/s ----- - -Double the amount of data being written... - ----- -dd if=/dev/zero of=/dev/sdc bs=1M count=16384 -16384+0 records in -16384+0 records out -17179869184 bytes (17 GB) copied, 161.13 s, 107 MB/s ----- - -Looks like overall this drive consistently averages just over 100 MB/s plugged -in to USB3. - - -[[usb3-read-to-devnull]] -==== USB3 Read to /dev/null - -Here we're basically doing the same as writing from /dev/zero, but instead -we're reading verbatim the first _x_ consecutive number of bytes and sending -them to a device that literally can't be a bottleneck: /dev/null. It's like -sending dead satellites floating into space -(https://www.youtube.com/watch?v=rWVGupqvCL8[spaaaaacce]) instead of spending -the time to land them (if they don't burn up) and disassembling. If I had to -pick somewhere to send something fast where there wouldn't be any bottlenecks, -the vast void of space is where I'd send it - that is equivelant to /dev/null. -Not a great analogy, I know, but honestly, I just wanted to reference -https://www.youtube.com/watch?v=rWVGupqvCL8[that Portal] video. - ----- -dd if=/dev/sdc of=/dev/null bs=1M count=8192 -8192+0 records in -8192+0 records out -8589934592 bytes (8.6 GB) copied, 80.5907 s, 107 MB/s ----- - - -[[conclusion]] -=== Conclusion - -* **Average write speed**: 104 MBps (832 Mbps = .832 Gbps) -* **Average read speed**: 107 MBps (856 Mbps = .856 Gbps) - -Overall I'd say this drive is okay. As mentioned, the maximum speed of the -https://en.wikipedia.org/wiki/USB_3.0[USB3 spec] is 5 Gbps and this is getting -just shy of 1/5 that. I won't balk at that because a 100 megabytes per second -transfer rate is still pretty impressive for an external hard drive (that's -838,860,800 bits per second!). - -One final thing to note, I ran these benchmarks on two systems, my laptop and -my server, to make sure the USB3 port, processor, bus, etc. weren't themselves -bottlenecks. The transfer rates were nearly identical (insignificantly -different). - - -Category:Western_Digital - -Category:Hard_Drives - -Category:Benchmarks - - -// vim: set syntax=asciidoc: diff --git a/src/Blog_Resurrection.adoc b/src/Blog_Resurrection.adoc new file mode 100644 index 0000000..7a822dd --- /dev/null +++ b/src/Blog_Resurrection.adoc @@ -0,0 +1,48 @@ +Blog Ressurection +================= +:author: Aaron Ball +:email: nullspoon@iohq.net + +Hello all, + +A few months back I moved jobs. At my last job (as you all well know from this +blog), I was a server administrator and .Net programmer on the side. At the new +job, I was hired primarily as a web developer (PHP, JavaScript, Joomla dev, +etc.). Naturally, because of the position change, I was no longer doing server +administration and consequentially had nothing new to post on this blog. + +That has changed now. The company I now work for didn't have much of a server +infrastructure (a non-server edition mac that stored files), so they asked me +to design and build a new one. + +All that being said, I now have new content to post here. You Linux users will +be happy to hear that I am now using Linux for some of our servers (virtual +host and file server). To you Windows users, I will be building an Exchange +server, terminal server, and a backup server (this might be done on Linux +though). Most likely things in that list will be shifted around a bit in the +next two or so weeks so please bare with me. + +Some of the technologies I will be using in the upcoming posts will be + +* Windows Small Business Server 2008 (x64) +* Ubuntu Server 9.10 +* VMWare Server 2 +* Microsoft Outlook Exchange +* TightVNC +* SSH + +On one final note, I would like to put out a shameless plug for my other blog, +http://timexwebdev.blogspot.com[Musings of a Web Developer]. It covers the +issues and fixes I have found throughout my adventures of coding websites. +Essentially, it's the same thing as this blog but for web development rather +than server administration. + +I look forward to the upcoming comments about how depressing IT work can be +*AHEM*... I, uh, I mean the joys of IT work. Who's kidding though. Everyone +knows that we IT people love our jobs, especially the Dilbert comics that +document our endeavors. + +:P + + +// vim: set syntax=asciidoc: diff --git a/src/Blog_Resurrection.ascii b/src/Blog_Resurrection.ascii deleted file mode 100644 index 7a822dd..0000000 --- a/src/Blog_Resurrection.ascii +++ /dev/null @@ -1,48 +0,0 @@ -Blog Ressurection -================= -:author: Aaron Ball -:email: nullspoon@iohq.net - -Hello all, - -A few months back I moved jobs. At my last job (as you all well know from this -blog), I was a server administrator and .Net programmer on the side. At the new -job, I was hired primarily as a web developer (PHP, JavaScript, Joomla dev, -etc.). Naturally, because of the position change, I was no longer doing server -administration and consequentially had nothing new to post on this blog. - -That has changed now. The company I now work for didn't have much of a server -infrastructure (a non-server edition mac that stored files), so they asked me -to design and build a new one. - -All that being said, I now have new content to post here. You Linux users will -be happy to hear that I am now using Linux for some of our servers (virtual -host and file server). To you Windows users, I will be building an Exchange -server, terminal server, and a backup server (this might be done on Linux -though). Most likely things in that list will be shifted around a bit in the -next two or so weeks so please bare with me. - -Some of the technologies I will be using in the upcoming posts will be - -* Windows Small Business Server 2008 (x64) -* Ubuntu Server 9.10 -* VMWare Server 2 -* Microsoft Outlook Exchange -* TightVNC -* SSH - -On one final note, I would like to put out a shameless plug for my other blog, -http://timexwebdev.blogspot.com[Musings of a Web Developer]. It covers the -issues and fixes I have found throughout my adventures of coding websites. -Essentially, it's the same thing as this blog but for web development rather -than server administration. - -I look forward to the upcoming comments about how depressing IT work can be -*AHEM*... I, uh, I mean the joys of IT work. Who's kidding though. Everyone -knows that we IT people love our jobs, especially the Dilbert comics that -document our endeavors. - -:P - - -// vim: set syntax=asciidoc: diff --git a/src/Btrfs:Balancing.adoc b/src/Btrfs:Balancing.adoc new file mode 100644 index 0000000..c5a60b6 --- /dev/null +++ b/src/Btrfs:Balancing.adoc @@ -0,0 +1,87 @@ +Btrfs:Balancing +=============== +:author: Aaron Ball +:email: nullspoon@iohq.net + +== {doctitle} + +I've been using https://btrfs.wiki.kernel.org[Btrfs] on all of my systems for a +couple of years now. Thus far, it's be surprisingly stable. In those two years +I only had link:Btrfs:RAID_5_Rsync_Freeze[one real issue]. However, today I ran into +a new problem. Now that I know what the issue is, it's hardly a problem, but +hey, semantics. + +For my setup at home, I have a Linux server running all the time which hosts my +backups. My backups are copied via rsync. For security, my home directories on +all systems are encrypted block devices using +https://code.google.com/p/cryptsetup/wiki/DMCrypt[dm-crypt] with a +https://code.google.com/p/cryptsetup/[LUKS header]. To force myself to clean up +my files occasionally, I only give myself some 5 gigs of leeway. If I manage to +remove for example 10 gigs of files, I reduce the size of the filesystem and +block device container so I still only have about 2-5 gigs free (depends on +what I'm doing hobby-wise at the time). This is where my problem with Btrfs +comes in. + + +[[the-really-excitingboring-details]] +== The Really (Exciting|Boring) Details + +This section might be super boring for some or most folks because it talks +about the innards of Btrfs. If you aren't interested, make like a Tatooine +speeder and move along... move along. + +As more storage is needed for the filesystem, chunks of raw storage are +consumed by default 1 gigabyte at a time. As the +https://btrfs.wiki.kernel.org/index.php/SysadminGuide#Data_usage_and_allocation[kernel.org +page] describes, these chunks are used for file data and/or metadata storage. +As more files are written to the filesystem, more metadata chunks are required +to describe the additional files (data to metadata ratios can be specified at +filesystem creation). By default, a metadata chunk cannot be used for data and +a data chunk cannot be used for metadata (kind of - there is a mixed mode which +is tremendously slow on filesystems larger than 1G). On a large storage device +this is fine, but if you are constantly deleting files like me, you may run +into the issue I ran into where the available space value is incorrect because +the various space checking commands check for available _data_ space, not +taking into account metadata. Because I delete so many files so often, there is +a lot of metadata storage that is allocated but is no longer used because the +files that the metadata were describing no longer exist, and thus the metadata +for those files do not either. Consequently, the metadata chunks are no longer +fully used (remember, they are allocated 1 G at a time). Due to the fact that +metadata and data chunks cannot be mixed by default, the underused metadata +chunks just consume storage from the overall available, reducing the amount of +available storage for data. + +_*takes a deep breath*_ + + +[[the-solution]] +== The Solution + +The solution to this issue is called a rebalance (or balance as the btrfs +subcommand is called). What it will do is rewrite all of the data on the given +block device, sending it through the allocator algorithm before being rewritten +to the storage. This will cause the datas' metadata to be reallocated and +rewritten. What results is your metadata being "restacked", potentially causing +you to end up with completely empty 1G metadata chunks, thus freeing that +storage space for data. This isn't a complete analogy, but you can think of +this a [very] little like a defragment and cleanup process for metadata. Here's +the command. + +---- +btrfs balance start /path/to/mount +---- + +If you're interested in metrics, run + +---- +btrfs filesystem df /path/to/mount +---- + +before and after you run the balance and compare your metadata values. + +Category:Btrfs +Category:Linux +Category:Filesystems + + +// vim: set syntax=asciidoc: diff --git a/src/Btrfs:Balancing.ascii b/src/Btrfs:Balancing.ascii deleted file mode 100644 index c5a60b6..0000000 --- a/src/Btrfs:Balancing.ascii +++ /dev/null @@ -1,87 +0,0 @@ -Btrfs:Balancing -=============== -:author: Aaron Ball -:email: nullspoon@iohq.net - -== {doctitle} - -I've been using https://btrfs.wiki.kernel.org[Btrfs] on all of my systems for a -couple of years now. Thus far, it's be surprisingly stable. In those two years -I only had link:Btrfs:RAID_5_Rsync_Freeze[one real issue]. However, today I ran into -a new problem. Now that I know what the issue is, it's hardly a problem, but -hey, semantics. - -For my setup at home, I have a Linux server running all the time which hosts my -backups. My backups are copied via rsync. For security, my home directories on -all systems are encrypted block devices using -https://code.google.com/p/cryptsetup/wiki/DMCrypt[dm-crypt] with a -https://code.google.com/p/cryptsetup/[LUKS header]. To force myself to clean up -my files occasionally, I only give myself some 5 gigs of leeway. If I manage to -remove for example 10 gigs of files, I reduce the size of the filesystem and -block device container so I still only have about 2-5 gigs free (depends on -what I'm doing hobby-wise at the time). This is where my problem with Btrfs -comes in. - - -[[the-really-excitingboring-details]] -== The Really (Exciting|Boring) Details - -This section might be super boring for some or most folks because it talks -about the innards of Btrfs. If you aren't interested, make like a Tatooine -speeder and move along... move along. - -As more storage is needed for the filesystem, chunks of raw storage are -consumed by default 1 gigabyte at a time. As the -https://btrfs.wiki.kernel.org/index.php/SysadminGuide#Data_usage_and_allocation[kernel.org -page] describes, these chunks are used for file data and/or metadata storage. -As more files are written to the filesystem, more metadata chunks are required -to describe the additional files (data to metadata ratios can be specified at -filesystem creation). By default, a metadata chunk cannot be used for data and -a data chunk cannot be used for metadata (kind of - there is a mixed mode which -is tremendously slow on filesystems larger than 1G). On a large storage device -this is fine, but if you are constantly deleting files like me, you may run -into the issue I ran into where the available space value is incorrect because -the various space checking commands check for available _data_ space, not -taking into account metadata. Because I delete so many files so often, there is -a lot of metadata storage that is allocated but is no longer used because the -files that the metadata were describing no longer exist, and thus the metadata -for those files do not either. Consequently, the metadata chunks are no longer -fully used (remember, they are allocated 1 G at a time). Due to the fact that -metadata and data chunks cannot be mixed by default, the underused metadata -chunks just consume storage from the overall available, reducing the amount of -available storage for data. - -_*takes a deep breath*_ - - -[[the-solution]] -== The Solution - -The solution to this issue is called a rebalance (or balance as the btrfs -subcommand is called). What it will do is rewrite all of the data on the given -block device, sending it through the allocator algorithm before being rewritten -to the storage. This will cause the datas' metadata to be reallocated and -rewritten. What results is your metadata being "restacked", potentially causing -you to end up with completely empty 1G metadata chunks, thus freeing that -storage space for data. This isn't a complete analogy, but you can think of -this a [very] little like a defragment and cleanup process for metadata. Here's -the command. - ----- -btrfs balance start /path/to/mount ----- - -If you're interested in metrics, run - ----- -btrfs filesystem df /path/to/mount ----- - -before and after you run the balance and compare your metadata values. - -Category:Btrfs -Category:Linux -Category:Filesystems - - -// vim: set syntax=asciidoc: diff --git a/src/Btrfs:RAID_5_Rsync_Freeze.adoc b/src/Btrfs:RAID_5_Rsync_Freeze.adoc new file mode 100644 index 0000000..bcdcb84 --- /dev/null +++ b/src/Btrfs:RAID_5_Rsync_Freeze.adoc @@ -0,0 +1,91 @@ +Btrfs:RAID 5 Rsync Freeze +========================= +:author: Aaron Ball +:email: nullspoon@iohq.net + + +== {doctitle} + +My server's _/home/_ directory is a btrfs RAID 5, spanning three drives (I did +a blog post about it Btrfs:RAID_Setup[here]). Everything worked fine, until I +used rsync to sync my files from my laptop to my server. At that point, the +sync would go well for a little while and then slow to a crawl. I couldn't +cancel the sync with a ctrl+c. If I could get on my server over ssh, I'd find +that one of my cpus was pegged at 100%. Sometimes though it got so bogged down +I couldn't even get to the server at all. If I were already on the server and I +did a kill -9 on rsync, it'd go defunct. + +I checked my logs after trying to umount /home/ and found... + +---- +Nov 03 12:01:18 zion kernel: device label home devid 1 transid 1173 /dev/sdb +Nov 03 12:01:19 zion kernel: btrfs: disk space caching is enabled +Nov 03 12:11:53 zion kernel: INFO: task umount:1668 blocked for more than 120 seconds. +Nov 03 12:11:53 zion kernel: "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. +Nov 03 12:11:53 zion kernel: umount D ffff880037afbc60 0 1668 1653 0x00000000 +Nov 03 12:11:53 zion kernel: ffff880037afbbd0 0000000000000086 0000000000014500 ffff880037afbfd8 +Nov 03 12:11:53 zion kernel: ffff880037afbfd8 0000000000014500 ffff8800aa0caa30 0000000000000010 +Nov 03 12:11:53 zion kernel: 000000000d6fffff ffff880037afbb98 ffffffff8113a911 ffff8800afedb728 +Nov 03 12:11:53 zion kernel: Call Trace: +Nov 03 12:11:53 zion kernel: [] ? free_pcppages_bulk+0x3b1/0x3f0 +Nov 03 12:11:53 zion kernel: [] ? filemap_fdatawait+0x30/0x30 +Nov 03 12:11:53 zion kernel: [] schedule+0x29/0x70 +Nov 03 12:11:53 zion kernel: [] io_schedule+0x8f/0xe0 +Nov 03 12:11:53 zion kernel: [] sleep_on_page+0xe/0x20 +Nov 03 12:11:53 zion kernel: [] __wait_on_bit_lock+0x5b/0xc0 +Nov 03 12:11:53 zion kernel: [] __lock_page+0x6a/0x70 +Nov 03 12:11:53 zion kernel: [] ? wake_atomic_t_function+0x40/0x40 +Nov 03 12:11:53 zion kernel: [] truncate_inode_pages_range+0x613/0x660 +Nov 03 12:11:53 zion kernel: [] truncate_inode_pages+0x15/0x20 +Nov 03 12:11:53 zion kernel: [] btrfs_evict_inode+0x42/0x380 [btrfs] +Nov 03 12:11:53 zion kernel: [] evict+0xb0/0x1b0 +Nov 03 12:11:53 zion kernel: [] dispose_list+0x39/0x50 +Nov 03 12:11:53 zion kernel: [] evict_inodes+0x11c/0x130 +Nov 03 12:11:53 zion kernel: [] generic_shutdown_super+0x48/0xe0 +Nov 03 12:11:53 zion kernel: [] kill_anon_super+0x12/0x20 +Nov 03 12:11:53 zion kernel: [] btrfs_kill_super+0x16/0x90 [btrfs] +Nov 03 12:11:53 zion kernel: [] deactivate_locked_super+0x3d/0x60 +Nov 03 12:11:53 zion kernel: [] deactivate_super+0x46/0x60 +Nov 03 12:11:53 zion kernel: [] mntput_no_expire+0xef/0x150 +Nov 03 12:11:53 zion kernel: [] SyS_umount+0x91/0x3b0 +Nov 03 12:11:53 zion kernel: [] system_call_fastpath+0x1a/0x1f +---- + +The only way to solve the problem was to perform a restart. After that, the +problem would come back as soon as I started rsync again. + + +[[the-solution]] +== The Solution + +I hunted around for a while until I finally just searched for the name of the +pegged process, **btrfs-endio-wri**, and cpu time. It turns out, the btrfs +folks have https://btrfs.wiki.kernel.org/index.php/Gotchas[a page] detailing a +list of current "gotchas" btrfs has. This issue was one of them. They describe +it as 
 Files with a lot of random writes can become heavily fragmented
+(10000+ extents) causing trashing on HDDs and excessive multi-second spikes of
+CPU load on systems with an SSD or large amount a RAM. ... Symptoms include
+btrfs-transacti and btrfs-endio-wri taking up a lot of CPU time (in spikes,
+possibly triggered by syncs). You can use filefrag to locate heavily fragmented
+files.
+ +One of the best parts of rsync is that is syncs deltas instead of resyncing the +entire file. What does that result in? Lots of little random writes. Sounds +like a match to me. + +**To fix this**, I defragged all of /home/ (with _compression=lzo_ of course :) +), and remounted using the *autodefrag* option. + +Now I can run rsync with no problems. + +One last thing to note. Their gotchas page says that once they've worked out a +few potential kinks with the autodefrag mount option, they'll make it the +default, which should prevent this from being an issue in future versions. + +Category:Linux +Category:Btrfs +Category:Storage +Category:RAID + + +// vim: set syntax=asciidoc: diff --git a/src/Btrfs:RAID_5_Rsync_Freeze.ascii b/src/Btrfs:RAID_5_Rsync_Freeze.ascii deleted file mode 100644 index bcdcb84..0000000 --- a/src/Btrfs:RAID_5_Rsync_Freeze.ascii +++ /dev/null @@ -1,91 +0,0 @@ -Btrfs:RAID 5 Rsync Freeze -========================= -:author: Aaron Ball -:email: nullspoon@iohq.net - - -== {doctitle} - -My server's _/home/_ directory is a btrfs RAID 5, spanning three drives (I did -a blog post about it Btrfs:RAID_Setup[here]). Everything worked fine, until I -used rsync to sync my files from my laptop to my server. At that point, the -sync would go well for a little while and then slow to a crawl. I couldn't -cancel the sync with a ctrl+c. If I could get on my server over ssh, I'd find -that one of my cpus was pegged at 100%. Sometimes though it got so bogged down -I couldn't even get to the server at all. If I were already on the server and I -did a kill -9 on rsync, it'd go defunct. - -I checked my logs after trying to umount /home/ and found... - ----- -Nov 03 12:01:18 zion kernel: device label home devid 1 transid 1173 /dev/sdb -Nov 03 12:01:19 zion kernel: btrfs: disk space caching is enabled -Nov 03 12:11:53 zion kernel: INFO: task umount:1668 blocked for more than 120 seconds. -Nov 03 12:11:53 zion kernel: "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. -Nov 03 12:11:53 zion kernel: umount D ffff880037afbc60 0 1668 1653 0x00000000 -Nov 03 12:11:53 zion kernel: ffff880037afbbd0 0000000000000086 0000000000014500 ffff880037afbfd8 -Nov 03 12:11:53 zion kernel: ffff880037afbfd8 0000000000014500 ffff8800aa0caa30 0000000000000010 -Nov 03 12:11:53 zion kernel: 000000000d6fffff ffff880037afbb98 ffffffff8113a911 ffff8800afedb728 -Nov 03 12:11:53 zion kernel: Call Trace: -Nov 03 12:11:53 zion kernel: [] ? free_pcppages_bulk+0x3b1/0x3f0 -Nov 03 12:11:53 zion kernel: [] ? filemap_fdatawait+0x30/0x30 -Nov 03 12:11:53 zion kernel: [] schedule+0x29/0x70 -Nov 03 12:11:53 zion kernel: [] io_schedule+0x8f/0xe0 -Nov 03 12:11:53 zion kernel: [] sleep_on_page+0xe/0x20 -Nov 03 12:11:53 zion kernel: [] __wait_on_bit_lock+0x5b/0xc0 -Nov 03 12:11:53 zion kernel: [] __lock_page+0x6a/0x70 -Nov 03 12:11:53 zion kernel: [] ? wake_atomic_t_function+0x40/0x40 -Nov 03 12:11:53 zion kernel: [] truncate_inode_pages_range+0x613/0x660 -Nov 03 12:11:53 zion kernel: [] truncate_inode_pages+0x15/0x20 -Nov 03 12:11:53 zion kernel: [] btrfs_evict_inode+0x42/0x380 [btrfs] -Nov 03 12:11:53 zion kernel: [] evict+0xb0/0x1b0 -Nov 03 12:11:53 zion kernel: [] dispose_list+0x39/0x50 -Nov 03 12:11:53 zion kernel: [] evict_inodes+0x11c/0x130 -Nov 03 12:11:53 zion kernel: [] generic_shutdown_super+0x48/0xe0 -Nov 03 12:11:53 zion kernel: [] kill_anon_super+0x12/0x20 -Nov 03 12:11:53 zion kernel: [] btrfs_kill_super+0x16/0x90 [btrfs] -Nov 03 12:11:53 zion kernel: [] deactivate_locked_super+0x3d/0x60 -Nov 03 12:11:53 zion kernel: [] deactivate_super+0x46/0x60 -Nov 03 12:11:53 zion kernel: [] mntput_no_expire+0xef/0x150 -Nov 03 12:11:53 zion kernel: [] SyS_umount+0x91/0x3b0 -Nov 03 12:11:53 zion kernel: [] system_call_fastpath+0x1a/0x1f ----- - -The only way to solve the problem was to perform a restart. After that, the -problem would come back as soon as I started rsync again. - - -[[the-solution]] -== The Solution - -I hunted around for a while until I finally just searched for the name of the -pegged process, **btrfs-endio-wri**, and cpu time. It turns out, the btrfs -folks have https://btrfs.wiki.kernel.org/index.php/Gotchas[a page] detailing a -list of current "gotchas" btrfs has. This issue was one of them. They describe -it as 
 Files with a lot of random writes can become heavily fragmented
-(10000+ extents) causing trashing on HDDs and excessive multi-second spikes of
-CPU load on systems with an SSD or large amount a RAM. ... Symptoms include
-btrfs-transacti and btrfs-endio-wri taking up a lot of CPU time (in spikes,
-possibly triggered by syncs). You can use filefrag to locate heavily fragmented
-files.
- -One of the best parts of rsync is that is syncs deltas instead of resyncing the -entire file. What does that result in? Lots of little random writes. Sounds -like a match to me. - -**To fix this**, I defragged all of /home/ (with _compression=lzo_ of course :) -), and remounted using the *autodefrag* option. - -Now I can run rsync with no problems. - -One last thing to note. Their gotchas page says that once they've worked out a -few potential kinks with the autodefrag mount option, they'll make it the -default, which should prevent this from being an issue in future versions. - -Category:Linux -Category:Btrfs -Category:Storage -Category:RAID - - -// vim: set syntax=asciidoc: diff --git a/src/Btrfs:RAID_Setup.adoc b/src/Btrfs:RAID_Setup.adoc new file mode 100644 index 0000000..624fafa --- /dev/null +++ b/src/Btrfs:RAID_Setup.adoc @@ -0,0 +1,165 @@ +Btrfs:RAID Setup +================ +:author: Aaron Ball +:email: nullspoon@iohq.net + + +== {doctype} + +I recently became very interested in +http://en.wikipedia.org/wiki/Logical_Volume_Manager_%28Linux%29[LVM] and its +ability to have a volume that spans multiple drives. I was just about to do an +LVM setup when I began researching +https://btrfs.wiki.kernel.org/index.php/Main_Page[btrfs] in more depth. It is +rumored to be the next replacement for +https://ext4.wiki.kernel.org/index.php/Main_Page[ext4], the default Linux +filesystem (in most cases). It also happpens to support volumes that span +multiple devices (http://en.wikipedia.org/wiki/Standard_RAID_levels[raid], +though software raid albeit), aside from a whole +https://btrfs.wiki.kernel.org/index.php/Main_Page#Features[list] of other +functionalities. + +Being a person who really enjoys trying new, cool, and often unstable things +(who doesn't love a good learning experience), I decided to set up a +http://en.wikipedia.org/wiki/Standard_RAID_levels#RAID_5[raid 5] using btrfs +with three whopping one terabyte drives. If all goes well, I should be able to +loose one drive and still have 2 terabytes ( [3-1]*1000 = 2000 ) fully +functional. + + +[[getting-started]] +== Getting Started + +Creating a btrfs filesystem is as simple as creating an ext4 filesystem (or any +other filesystem for that matter). You use the mkfs command. However, I +created a raid setup, so I needed a few more parameters. Here's what I used. + +---- +mkfs.btrfs -m raid5 -d raid5 /dev/sdb /dev/sdc /dev/sdd +---- + +Well that was easy. What'd we just do? + +[cols=",",options="header",] +|================================================================ +|mkfs.btrfs |duh +|-m raid5 |Sets the metadata up to use raid 5 +|-d raid5 |Set the data up to use raid 5 +|/dev/sdb /dev/sdc /dev/sdd |Span our volume across these devices +|================================================================ + +With that, you should now [very quickly] have a new raid 5 (or whatever you +selected for your raid levels). To mount it, run the mount command on any of +the raw devices in your raid. + +---- +mount -t btrfs /dev/sdb /mnt/oh_heyyy +---- + + +[[compression]] +== Compression + +Btrfs supports various kinds of seamless compression. The default is none since +compression will cause a performance hit (naturally). I thought I'd give it a +try anyways. I set up lzo compression (supposedly the fastest compression, but +less effective) about half way through my sync job (forgot to do it initially). +The original total size of the files in each home directory came to 386 GB +(lots of users for a home system). The end result after compression was 377 GB, +so I ended up saving 9 GB of space while still getting an amazing transfer rate +(see the link:#Benchmarks[ benchmarks] section). Keep in mind though that I +enabled compression after I had already synced a good 100 GB of files, so there +is a good portion of that data that isn't compressed. Despite that though, 9 GB +of space isn't too bad, especially given the performance. + + +[[handy-commands]] +== Handy Commands + +Here's what commands I'm using most frequently up to this point. + +* **btrfs fi**[lesystem] **show**: Shows a list of filesystems and their +corresponding devices. +* **btrfs fi**[lesystem] **label