dhcpd config

apt-get install dhcp3-server

edit dhcpd.conf… to add

ddns-update-style none;
option domain-name "blah.blah";
option domain-name-servers 10.128.92.32, 10.129.92.32;
default-lease-time 600;
max-lease-time 7200;
log-facility local7;

subnet 10.67.93.0 netmask 255.255.255.0 {
  host moe {
    hardware ethernet 00:14:4F:49:E5:DA;
    fixed-address 10.67.93.5;
    filename "pxelinux.0";
    next-server 10.67.93.13;
    option subnet-mask 255.255.255.0;
    option routers 10.67.93.1;
  }
}

tftpd config

apt-get install tftp-hpa tftpd-hda

copy from ubuntu dist to /srv/tftp

lrwxrwxrwx 1 root root   33 2010-06-04 09:44 pxelinux.0 -> ubuntu-installer/amd64/pxelinux.0
lrwxrwxrwx 1 root root   35 2010-06-04 09:44 pxelinux.cfg -> ubuntu-installer/amd64/pxelinux.cfg
dr-xr-xr-x 3 root root 4096 2010-06-04 09:44 ubuntu-installer
-r--r--r-- 1 root root   58 2010-06-04 09:44 version.info

apache config

apt-get install apache2 

unpack install image into /var/www/ubuntu/

root@rory:/var/www/ubuntu-10.04# ls -al
total 176
dr-xr-xr-x 10 root root   4096 2010-04-27 05:56 .
drwxr-xr-x  3 root root   4096 2010-06-04 09:11 ..
-r-xr-xr-x  1 root root   1115 2010-04-23 21:29 cdromupgrade
dr-xr-xr-x  2 root root   4096 2010-04-27 05:55 .disk
dr-xr-xr-x  3 root root   4096 2010-04-27 05:55 dists
dr-xr-xr-x  3 root root   4096 2010-04-27 05:55 doc
dr-xr-xr-x  3 root root   4096 2010-04-27 05:56 install
dr-xr-xr-x  2 root root   4096 2010-04-27 05:56 isolinux
-r--r--r--  1 root root 129953 2010-04-27 05:56 md5sum.txt
dr-xr-xr-x  2 root root   4096 2010-04-27 05:55 pics
dr-xr-xr-x  3 root root   4096 2010-04-27 05:55 pool
dr-xr-xr-x  2 root root   4096 2010-04-27 05:55 preseed
-r--r--r--  1 root root    235 2010-04-27 05:55 README.diskdefines
lrwxrwxrwx  1 root root      1 2010-04-27 05:55 ubuntu -> .

password is expired?

chage -I -1 -m 0 -M 99999 -E -1 username

sshfs -C mmm@hawk:/home/torrent/downloads /opt/torrent/downloads -o reconnect,uid=103,gid=107

SuperMicro IPMI Firewall Connection Information

HTTP: 80 (TCP)
HTTPS: 443 (TCP)
IPMI: 623 (UDP)
Remote console: 5900 (TCP)
Virtual media: 623 (TCP)
SMASH: 22 (TCP)
WS-MAN: 8889 (TCP)
Source: http://www.supermicro.com/manuals/other/Onboard_BMC_IPMI.pdf

–or–

ipmitool -I lanplus -H proteus.mgmt.inside.ttu.edu.vn -U ADMIN -P ADMIN sol info
ipmitool -I lanplus -H proteus.mgmt.inside.ttu.edu.vn -U ADMIN -P ADMIN sol activate

Stop a Serial-Over-LAN session

From an existing sol session:

~.

If your existing sol session is in a terminal you’ve ssh’d into, you’ll have to prepend a tilde for each ssh layer:

~~~.

From the SOL help:

Supported escape sequences:
~.  - terminate connection
~^Z - suspend ipmitool
~^X - suspend ipmitool, but don't restore tty on restart
~B  - send break
~?  - this message
~~  - send the escape character by typing it twice
(Note that escapes are only recognized immediately after newline.)

Using the Serial-Over-LAN session

The serial BIOS interface is a bit brain-damaged in that it does not recognise the "F11", and "F12" key escape codes that most terminal programs send, instead you can send "Esc-!", and "Esc-@" (yes very logical, as long as the '@' key is normally typed using 'Shift-2' - as on US keyboards, not miles away from the '2' key, as on many non-US keyboards). These escapes from HP, and Dell serial BIOS' may or may not be useful:

Defined As     F1     F2     F3     F4     F5     F6     F7     F8     F9     F10    F11    F12
Keyboard Entry <ESC>1 <ESC>2 <ESC>3 <ESC>4 <ESC>5 <ESC>6 <ESC>7 <ESC>8 <ESC>9 <ESC>0 <ESC>! <ESC>@

Defined As     Home   End    Insert Delete PageUp PageDn
Keyboard Entry <ESC>h <ESC>k <ESC>+ <ESC>- <ESC>? <ESC>/

Use the <ESC><Ctrl><M> key sequence for <Ctrl><M>

Use the <ESC><Ctrl><H> key sequence for <Ctrl><H>

Use the <ESC><Ctrl><I> key sequence for <Ctrl><I>

Use the <ESC><Ctrl><J> key sequence for <Ctrl><J>

Use the <ESC><X><X> key sequence for <Alt><x>, where x is any letter key, and X is the upper case of that key

dd if=/dev/urandom of=testfile bs=1M count=10
sudo losetup /dev/loop0 testfile 

sudo cryptsetup create crypto /dev/loop0

(asks for passphrase)

sudo mkfs.ext2 /dev/mapper/crypto 
sudo mount /dev/mapper/crypto /crypt/

sudo umount /crypt/
sudo cryptsetup remove /dev/mapper/crypto 

works a little differently with an actual partition… guess it would be

sudo cryptsetup create crypto /dev/sdb1

(asks for passphrase)

sudo mkfs.ext2 /dev/mapper/crypto 
sudo mount /dev/mapper/crypto /crypt/

sudo umount /crypt/
sudo cryptsetup remove /dev/mapper/crypto 

this seems to keep the video intact for the most part… i.e.,

cp Entourage.S06E11.HDTV.XviD-NoTV.avi ~/Documents

560  ls -al
561  sudo losetup /dev/loop0 Entourage.S06E11.HDTV.XviD-NoTV.avi -o 10000000
562  sudo cryptsetup create entourage /dev/loop0
563  sudo mkfs.xfs /dev/mapper/entourage 
564  ls /crypt/
565  sudo mount /dev/mapper/entourage /crypt/
566  ls /crypt/
567  ls -al
568  ls /crypt/
569  ls /crypt/ -al
570  cd /crypt/
571  ls
572  cp /home/mmm/Desktop/junk.odb .
573  sudo cp /home/mmm/Desktop/junk.odb .
574  sudo chown mmm.mmm junk.odb 
575  ls -al
576  cd /
577  cd
578  cd Documents/
579  ls
580  ls -al
581  vlc Entourage.S06E11.HDTV.XviD-NoTV.avi 
582  ls
583  mount
584  sudo umount /crypt/
585  sudo cryptsetup remove /dev/mapper/entourage 
586  sudo losetup -d /dev/loop0 
587  sudo losetup 
588  sudo losetup -a
589  ls
590  history 

/etc/udev/rules.d/z25_persistent_net.rules

set shell to screen

kurt:x:505:505::/home/kurt:/usr/bin/screen

with a /home/kurt/.screenrc (perms 644 root.root)

multiuser off
escape ^Ee
bell ''
startup_message off
vbell off
### enabling scroll buffer
termcapinfo xterm|xterms|xs|rxvt ti@:te@
defscrollback         3000
silencewait           15              # default: 30
hardstatus string "%h%?"
### logging
logtstamp on
logfile flush 10
logtstamp after 300
### create windows
screen -t h             1       /bin/bash
logfile /var/lib/audit/$USER
log on

#################################################
# rsnapshot.conf - rsnapshot configuration file #
#################################################
#                                               #
# PLEASE BE AWARE OF THE FOLLOWING RULES:       #
#                                               #
# This file requires tabs between elements      #
#                                               #
# Directories require a trailing slash:         #
#   right: /home/                               #
#   wrong: /home                                #
#                                               #
#################################################

#######################
# CONFIG FILE VERSION #
#######################

config_version	1.2

###########################
# SNAPSHOT ROOT DIRECTORY #
###########################

# All snapshots will be stored under this root directory.
#
#snapshot_root	/.snapshots/
snapshot_root	/mnt/array1/arch/

# If no_create_root is enabled, rsnapshot will not automatically create the
# snapshot_root directory. This is particularly useful if you are backing
# up to removable media, such as a FireWire or USB drive.
#
#no_create_root	1

#################################
# EXTERNAL PROGRAM DEPENDENCIES #
#################################

# LINUX USERS:   Be sure to uncomment "cmd_cp". This gives you extra features.
# EVERYONE ELSE: Leave "cmd_cp" commented out for compatibility.
#
# See the README file or the man page for more details.
#
#cmd_cp		/bin/cp

# uncomment this to use the rm program instead of the built-in perl routine.
#
cmd_rm		/bin/rm

# rsync must be enabled for anything to work. This is the only command that
# must be enabled.
#
cmd_rsync	/usr/bin/rsync

# Uncomment this to enable remote ssh backups over rsync.
#
cmd_ssh	/usr/local/bin/ssh

# Comment this out to disable syslog support.
#
cmd_logger	/usr/bin/logger

# Uncomment this to specify the path to "du" for disk usage checks.
# If you have an older version of "du", you may also want to check the
# "du_args" parameter below.
#
#cmd_du		/usr/bin/du

# Uncomment this to specify the path to rsnapshot-diff.
#
#cmd_rsnapshot_diff	/usr/local/bin/rsnapshot-diff

# Specify the path to a script (and any optional arguments) to run right
# before rsnapshot syncs files
#
#cmd_preexec	/path/to/preexec/script

# Specify the path to a script (and any optional arguments) to run right
# after rsnapshot syncs files
#
#cmd_postexec	/path/to/postexec/script

#########################################
#           BACKUP INTERVALS            #
# Must be unique and in ascending order #
# i.e. hourly, daily, weekly, etc.      #
#########################################

#interval	hourly	6
interval	daily	7
interval	weekly	4
interval	monthly	6

############################################
#              GLOBAL OPTIONS              #
# All are optional, with sensible defaults #
############################################

# Verbose level, 1 through 5.
# 1     Quiet           Print fatal errors only
# 2     Default         Print errors and warnings only
# 3     Verbose         Show equivalent shell commands being executed
# 4     Extra Verbose   Show extra verbose information
# 5     Debug mode      Everything
#
verbose		2

# Same as "verbose" above, but controls the amount of data sent to the
# logfile, if one is being used. The default is 3.
#
loglevel	3

# If you enable this, data will be written to the file you specify. The
# amount of data written is controlled by the "loglevel" parameter.
#
logfile	/var/log/rsnapshot

# If enabled, rsnapshot will write a lockfile to prevent two instances
# from running simultaneously (and messing up the snapshot_root).
# If you enable this, make sure the lockfile directory is not world
# writable. Otherwise anyone can prevent the program from running.
#
lockfile	/var/run/rsnapshot.pid

# Default rsync args. All rsync commands have at least these options set.
#
#rsync_short_args	-a
#rsync_long_args	--delete --numeric-ids --relative --delete-excluded

# ssh has no args passed by default, but you can specify some here.
#
#ssh_args	-p 22

# Default arguments for the "du" program (for disk space reporting).
# The GNU version of "du" is preferred. See the man page for more details.
# If your version of "du" doesn't support the -h flag, try -k flag instead.
#
#du_args	-csh

# If this is enabled, rsync won't span filesystem partitions within a
# backup point. This essentially passes the -x option to rsync.
# The default is 0 (off).
#
one_fs		1

# The include and exclude parameters, if enabled, simply get passed directly
# to rsync. If you have multiple include/exclude patterns, put each one on a
# separate line. Please look up the --include and --exclude options in the
# rsync man page for more details on how to specify file name patterns. 
# 
#include	???
#include	???
#exclude	???
#exclude	???
exclude	*.zip
exclude	*.gz
exclude	*.tgz
exclude	*.bz2
exclude	/**/Videos/***
exclude	/**/Music/***
exclude	/**/music/***
exclude	/**/Audio/***
exclude	*.iso
exclude	*.mp4
exclude	*.mp3
exclude	*.wav
exclude	*.avi
exclude	*.mov
exclude	*.wmv
exclude	*.flv
exclude	*.pps
exclude	*.dv
exclude	*.ogg
exclude	/**/vmware/***
exclude	/**/.vmware/***
exclude	/**/kvm/***
exclude	/**/.kvm/***
exclude	*.vmdk
exclude	*.qcow2
exclude	*.raw
exclude	/**/Photos/***
exclude	/**/photos/***
exclude	/**/Pictures/***
exclude	*.jpg
exclude	/**/Downloads/***
exclude	/**/dloads/***
exclude	/**/rescue/***
exclude	/**/rubygems/***
exclude	/**/.gems/***
exclude	/**/Metasploit/***
exclude	/**/Eclipse/***

# The include_file and exclude_file parameters, if enabled, simply get
# passed directly to rsync. Please look up the --include-from and
# --exclude-from options in the rsync man page for more details.
#
#include_file	/path/to/include/file
#exclude_file	/path/to/exclude/file

# If your version of rsync supports --link-dest, consider enable this.
# This is the best way to support special files (FIFOs, etc) cross-platform.
# The default is 0 (off).
#
link_dest	1

# When sync_first is enabled, it changes the default behaviour of rsnapshot.
# Normally, when rsnapshot is called with its lowest interval
# (i.e.: "rsnapshot hourly"), it will sync files AND rotate the lowest
# intervals. With sync_first enabled, "rsnapshot sync" handles the file sync,
# and all interval calls simply rotate files. See the man page for more
# details. The default is 0 (off).
#
#sync_first	0

# If enabled, rsnapshot will move the oldest directory for each interval
# to [interval_name].delete, then it will remove the lockfile and delete
# that directory just before it exits. The default is 0 (off).
#
#use_lazy_deletes	0

###############################
### BACKUP POINTS / SCRIPTS ###
###############################

# LOCALHOST
backup	root@192.168.100.2:/etc/		hawk/
backup	root@192.168.100.2:/home/		hawk/
backup	root@192.168.100.2:/usr/local/	hawk/
#backup	/var/log/rsnapshot		localhost/
#backup	/etc/passwd	localhost/
#backup	/home/foo/My Documents/		localhost/
#backup	/foo/bar/	localhost/	one_fs=1, rsync_short_args=-urltvpog
#backup_script		/usr/local/bin/backup_pgsql.sh	localhost/postgres/

# EXAMPLE.COM
#backup_script	/bin/date "+ backup of example.com started at %c"	unused1
#backup	root@example.com:/home/	example.com/	+rsync_long_args=--bwlimit=16,exclude=core
#backup	root@example.com:/etc/	example.com/	exclude=mtab,exclude=core
#backup_script	ssh root@example.com "mysqldump -A > /var/db/dump/mysql.sql"
#backup	root@example.com:/var/db/dump/	example.com/
#backup_script	/bin/date "+ backup of example.com ended at %c"	unused2

# CVS.SOURCEFORGE.NET
#backup_script	/usr/local/bin/backup_rsnapshot_cvsroot.sh	rsnapshot.cvs.sourceforge.net/

# RSYNC.SAMBA.ORG
#backup	rsync://rsync.samba.org/rsyncftp/	rsync.samba.org/rsyncftp/

/usr/local/sbin/run_mongrel_cluster_ctl.sh

#!/bin/bash

export RUBYGEMS=/usr/local/rubygems
export GEM_HOME=${RUBYGEMS}/gems
export GEM_PATH=${RUBYGEMS}/gems
export RUBYLIB=${RUBYGEMS}/lib
export PATH=${RUBYGEMS}/gems/bin:${RUBYGEMS}/bin:$PATH

mongrel_cluster_ctl $*

/etc/init.d/jsas_cluster

#!/bin/sh
#
# mongrel jsas cluster init script
#
### BEGIN INIT INFO
# Provides:          jsas_cluster
# Required-Start:    $network $local_fs $remote_fs
# Required-Stop:
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: init-Script for jsas mongrel_cluster
### END INIT INFO

#sudo -i -u jsas $DAEMON_CTL help

set -e

# Defaults
PATH=/sbin:/usr/sbin:/usr/local/sbin:/bin:/usr/bin:/usr/local/bin
DAEMON_CTL=/usr/local/sbin/run_mongrel_cluster_ctl.sh
USER=jsas
OPTIONS=""

PIDFILE="/var/run/mongrel_cluster.pid"

test -f $DAEMON_CTL || exit 0

. /lib/lsb/init-functions

case "$1" in
	start)
    sudo -i -u jsas $DAEMON_CTL start
		;;
	stop)
    sudo -i -u jsas $DAEMON_CTL stop
		;;
	force-reload|restart)
    sudo -i -u jsas $DAEMON_CTL restart
		;;
	status)
    sudo -i -u jsas $DAEMON_CTL status
		;;
	*)
		log_warning_msg "Usage: /etc/init.d/jsas_cluster {start|stop|restart}"
		log_warning_msg "  start - starts system-wide jsas_cluster service"
		log_warning_msg "  stop  - stops system-wide jsas_cluster service"
		log_warning_msg "  restart, force-reload - starts a new system-wide jsas_cluster service"
		log_warning_msg "  status  - status of system-wide jsas_cluster service"
		log_warning_msg "    system-wide jsas cluster service"
		exit 1
		;;
esac

exit 0

then update the rc scripts…

update-rc.d jsas_cluster defaults 98 02

totally fucking ridiculous!

bipp-dcd:/Users root# niutil -create / /users/markv
bipp-dcd:/Users root# niutil -create / /groups/markv
bipp-dcd:/Users root# niutil -createprop / /users/markv uid 504
bipp-dcd:/Users root# niutil -createprop / /groups/markv gid 504
bipp-dcd:/Users root# niutil -createprop / /users/markv gid 504
bipp-dcd:/Users root# niutil -createprop / /users/markv realname "Mark Vaughan"
bipp-dcd:/Users root# niutil -createprop / /users/markv shell "/bin/bash"      
bipp-dcd:/Users root# niutil -createprop / /users/markv home "/Users/markv"
bipp-dcd:/Users root# cp -R /System/Library/User\ Template/English.lproj /Users/markv
bipp-dcd:/Users root# chown -Rf markv:markv /Users/markv
bipp-dcd:/Users root# passwd markv

also

niutil -appendprop / /groups/admin users markv

niutil -list . /

niutil -read / /users/markv

niutil -read / /groups/admin