issue with restarting autossh reverse tunnel on boot - linux

I seem to have a weird issue:
I want to restart a reverse ssh tunnel on boot, I've tried it with an init script (that works fine when executed as user) and with an added line in /etc/rc.d but none of it works. What I get after boot is:
$ ps ax | grep autossh
397 pts/10 S+ 0:00 grep --color=auto autossh
1351 ? Ss 0:00 /usr/lib/autossh/autossh -M 22221 -N -o PubkeyAuthentication=yes -o PasswordAuthentication=no -i ~/.ssh/etherwan.key -R 19999:localhost:22 ubuntu@server
but I'm unable to login from server. So I did the following after boot:
$ sudo killall -KILL autossh
[sudo] password for ron:
$ /usr/bin/autossh -M 22221 -f -N -o "PubkeyAuthentication=yes" -o "PasswordAuthentication=no" -i ~/.ssh/etherwan.key -R 19999:localhost:22 ubuntu@server
upon which I can login using port 19999 just fine!
The key's permissions look like: (but root should not need to care, would it?)
$ ls -l ~/.ssh/etherwan.key
-r-------- 1 ron ron 1675 Nov 6 04:15 /home/ron/.ssh/etherwan.key

Replace ~/.ssh/etherwan.key in your rc.d script with /home/ron/.ssh/etherwan.key
The '~' character is expanded to the user's home directory by the shell, but rc.d scripts are run as root.
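
The effect described in the answer above, as an added example that is not part of the original post: the same unquoted word expands to a different path depending on the HOME of the account running the script. The pre-flight check that follows (its function names and return codes are assumptions of this example) rejects a non-absolute, missing or loosely permissioned key path before the tunnel is started.

```shell
#!/bin/sh
# Added example: why "~/.ssh/etherwan.key" points somewhere else at boot.

# Expand the same unquoted word under a given HOME, the way the shell
# does when the script runs as the account that owns that HOME.
expand_with_home() {
    HOME="$1" sh -c 'printf "%s\n" ~/.ssh/etherwan.key'
}

# Pre-flight check for the -i argument of a boot-time tunnel.
# Return codes (chosen for this example):
#   0 usable, 1 not absolute, 2 missing, 3 group/other can access it.
check_identity_path() {
    key=$1
    case $key in
        /*) ;;
        *)  echo "identity path must be absolute: $key" >&2
            return 1 ;;
    esac
    if [ ! -f "$key" ]; then
        echo "identity file not found: $key" >&2
        return 2
    fi
    # Characters 5-10 of the ls mode string are the group and other bits;
    # ssh refuses private keys that are accessible to other accounts.
    mode=$(ls -ldL -- "$key" | cut -c5-10)
    if [ "$mode" != "------" ]; then
        echo "identity file is group/world accessible: $key" >&2
        return 3
    fi
    return 0
}
```

In a boot script, calling check_identity_path /home/ron/.ssh/etherwan.key before autossh turns a silent authentication failure into a logged error.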


How to edit the mosquitto.conf in a mosquitto Docker container?

I have a linux system running with several Docker containers. One of them is mosquitto container which runs from mosquitto 1.6.7 docker image.
I do not have control how the Mosquitto container is created as it is given by default from a supplier/client.
I need to make changes in the mosquitto/config/mosquitto.conf file. This is the output when I run ls -l
/mosquitto/config # ls -l
total 4
-rwxrwxr-x 1 nobody nobody 210 May 24 05:35 mosquitto.conf
I tried the codes below to add a comment in the mosquitto.conf, but I am not successful.
/mosquitto/config # echo '#test' | su nobody -c 'tee -a mosquitto.conf'
nologin: this account is not available
/mosquitto/config # echo '#test' | su nobody -s sh -c 'tee -a mosquitto.conf'
su: can't execute 'sh': No such file or directory
/mosquitto/config # echo '#test' | su nobody -s bin/sh -c 'tee -a mosquitto.conf'
su: can't execute 'bin/sh': No such file or directory
/mosquitto/config # echo '#test' | su nobody -s /bin/sh -c 'tee -a mosquitto.conf'
tee: mosquitto.conf: Permission denied
#test
Is it possible to change the mosquitto.conf?
If yes, how? Thanks.
You don't.
You make a copy of it on the host machine, edit there and then mount that edited copy into the container when you start it.
e.g.
docker run -d -v /path/to/local/mosquitto.conf:/mosquitto/config/mosquitto.conf mosquitto

Why doesn't "xargs sudo perf top" work as expected?

I want to profile a process, so first get its pid, then use "perf top" to check it:
$ pgrep program
14472
$ sudo perf top -p 14472
It works as expected:
Then I want to use pipe to connect these two commands, so I use xargs:
$ pgrep program | sudo xargs perf top -p
But this time "perf top" seems not to work normally:
I compared processes of these two operations:
(1) Run pgrep and perf separately:
$ ps -ef | grep perf
root 18468 16827 0 09:34 pts/3 00:00:00 sudo perf top -p 14472
root 18469 18468 91 09:34 pts/3 00:00:06 perf top -p 14472
nanxiao 18477 18295 0 09:34 pts/4 00:00:00 grep --color=auto perf
(2) Use xargs to connect pgrep and perf:
$ ps -ef | grep perf
nanxiao 18250 16827 0 09:32 pts/3 00:00:00 xargs sudo perf top -p
root 18251 18250 0 09:32 pts/3 00:00:00 sudo perf top -p 14472
root 18252 18251 87 09:32 pts/3 00:01:47 perf top -p 14472
nanxiao 18442 18295 0 09:34 pts/4 00:00:00 grep --color=auto perf
IMHO, it seems the same. Can anyone give some clues? Thanks in advance!
P.S., my OS is CentOS 7.
After checking the manual again, I find the -o option can fix this issue:
-o, --open-tty
Reopen stdin as /dev/tty in the child process before executing
the command. This is useful if you want xargs to run an
interactive application.
The command is like this:
$ pgrep program | sudo xargs -o perf top -p
But unfortunately, CentOS 7's xargs is a little old, and doesn't provide this option.
The root cause is: without -o option, the stdin of perf program is /dev/null:
$ sudo lsof -p 1495
......
perf 1495 root 0r CHR 1,3 0t0 2052 /dev/null
......
And the perf is blocked in SLang_getkey():
......
    FD_ZERO(&read_set);
    FD_SET(0, &read_set);

    if (delay_secs) {
        timeout.tv_sec = delay_secs;
        timeout.tv_usec = 0;
    }

    err = select(1, &read_set, NULL, NULL, ptimeout);

    if (err == 0)
        return K_TIMER;

    if (err == -1) {
        if (errno == EINTR)
            return K_RESIZE;
        return K_ERROR;
    }

    key = SLang_getkey();
    if (key != K_ESC)
        return key;
......
Read of /dev/null will return EOF, then select() will return 1.
With -o option the stdin of perf program is /dev/tty:
$ sudo lsof -p 1394
......
perf 1394 root 0u CHR 136,25 0t0 28 /dev/pts/25
......
In above code, the select() will return 0, and the whole function will return accordingly.
A better approach would be to directly run the top on the output of pgrep instead of piping over xargs. I believe top command by default does not read information over standard input
sudo perf top -p "$(pgrep program)"
This way the $(..) returns the output of the pgrep command and the returned value is passed as a positional argument value to the -p flag.
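
The difference between the two answers above, as an added example that is not part of the original posts: a program started through the xargs pipeline finds nothing to read on stdin, while the same program started with command substitution inherits the caller's stdin. fake_pgrep and the probe script are stand-ins constructed for this example; 14472 is the PID from the question.

```shell
#!/bin/sh
# Added example (constructed): which stdin does the launched program get?

# Stand-in for `pgrep program`; 14472 is the PID used in the question.
fake_pgrep() { printf '%s\n' 14472; }

# Stand-in for an interactive program such as `perf top -p PID`: it reports
# its PID argument and the first line it manages to read from stdin.
PROBE='if IFS= read -r key; then echo "pid=$1 stdin=$key"; else echo "pid=$1 stdin=EOF"; fi'

# Pipeline form: the pipe feeds xargs itself, and without -o the child is
# started with stdin on /dev/null (as the lsof output above shows), so the
# first read returns end-of-file instead of waiting for a key press.
via_xargs() {
    fake_pgrep | xargs sh -c "$PROBE" sh
}

# Command-substitution form: the PID arrives as an argument and the child
# inherits the caller's stdin, which is the terminal in interactive use.
via_substitution() {
    sh -c "$PROBE" sh "$(fake_pgrep)"
}
```

Running `echo q | via_xargs` and `echo q | via_substitution` shows the contrast: only the second form sees the "key press" supplied by the caller.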

How to rehup sshd process?

I have followed instructions from
https://www.digitalocean.com/community/tutorials/how-to-use-ssh-keys-with-digitalocean-droplets
But my terminal looks like
ps auxw | grep ssh
milenko 21891 0.0 0.0 21292 924 pts/4 S+ 16:24 0:00 grep --color=auto ssh
Should I kill 21891?
What does grep --color auto stand for? Can someone elaborate more on this?
grep --color=auto is the grep from the line above. When you would try to kill it later, it will no longer be there, because the above command ended.
The reason why the line does not list only grep ssh is that you have an alias for grep to be nicely colored:
$ which grep
alias grep='grep --color=auto'
/usr/bin/grep
TLDR what is going on there: Your sshd server is not running.

How to [start|stop|restart] couchdb in cloud9?

I'm running ubuntu 14.04 and I just want to restart (stop and start) couchDB, which is running on cloud 9. I tried these but none of them seems to work:
1.
ps -U couchdb -o pid= | xargs kill -9
2.
sudo couchdb stop
3.
curl -X POST http://[username]:[password]@127.0.0.1:5984/_restart -H"Content-Type: application/json"
Starting the couchdb the way the Cloud9 doc says will allow a simple Control + C to close it:
sudo mkdir -p /var/run/couchdb
sudo chown couchdb:couchdb /var/run/couchdb
sudo su couchdb -c /usr/bin/couchdb
However, if that's not what you want, you can always find the PID and kill it:
mikeumus@couchdb:~/workspace (master) $ pstree -ap|grep couchdb
| |-grep,9050 --color=auto couchdb
`-sudo,9018 su couchdb -c /usr/bin/couchdb
`-su,9019 couchdb -c /usr/bin/couchdb
`-beam.smp,9020 -Bd -K true -A 4 -- -root /usr/lib/erlang -progname erl -- -home /var/lib/couchdb ---noshe
mikeumus@couchdb:~/workspace (master) $ sudo kill -- -9018
mikeumus@couchdb:~/workspace (master) $ pstree -ap|grep couchdb
| |-grep,9071 --color=auto couchdb
Don't mind the color process still running, the couchdb process is now off. If you want to find and kill the couchdb in a single command, try:
kill $(ps aux | grep '[c]ouchdb' | awk '{print $2}')
Explained in this Stack Overflow Answer: https://stackoverflow.com/a/3510850/1762493

Command output, pipe, script co-operation

I'm writing a small script to restart my lighttpd server:
1. kill already running process
2. start new server
The script is the following:
PID=$(ps aux | grep lighttpd | grep -v grep | cut -c9-15)
kill $PID
sudo lighttpd -f /etc/lighttpd/lighttpd.conf
My problem is that in a terminal window the command
ps aux | grep lighttpd | grep -v grep | cut -c9-15
gives the result: 11685 but if it runs within the shell script then the result is 11685 13339 13340
What am I missing here?
The ps output of the line containing the lighttpd job is
root 11685 0.0 0.0 11096 1960 ? S 16:40 0:00 lighttpd -f /etc/lighttpd/lighttpd.conf
Why are you wasting time in Linux/Unix grepping for the PID and killing it when you have the killall command?
/usr/bin/killall
You can directly
killall lighttpd or /usr/bin/killall lighttpd
if not superuser then use sudo
sudo killall lighttpd or sudo /usr/bin/killall lighttpd
can use preferably -9 with killall like in your case would be sudo killall lighttpd
then restart it via
sudo lighttpd -f /etc/lighttpd/lighttpd.conf
if you are looking for fully automated script then make use of except commands