Stunnel is a quick way on taking a non ssl connection and being able to wrap it in ssl for security
stunnel version 4 – Fedora 12/RHEL 5.3 /Centos 5.3
vim /etc/stunnel/stunnel.conf
add in
client=yes
[gmail]
accept = 127.0.0.1:50000
connect = mail.google.com:443
then run
stunnel
stunnel version 3 – Ubuntu 8.10 (I haven’t used newer versions)
Ubuntu 8.10 has 2 versions of stunnnel: stunnel3 and stunnel4. They have created a symbolic link from /usr/bin/stunnel -> /usr/bin/stunnel3
If you would like to use version 4 you can use the command stunnel4 otherwise if you wish to use the default version, you will need to create a self signed certificate
openssl req -new -x509 -days 3650 -nodes -out /etc/stunnel/stunnel.pem -keyout /etc/stunnel/stunnel.pem
Then to start stunnel use the following command
stunnel -c -d localhost:50001 -r mail.google.com:443
Sysadmin
stunnel
I quite often need to remove a single line from a file by its line number. The most common use case for me is the known_hosts file when I have reinstalled a system, I have in the past used vim and navigated to the line then removed it. This is all well and good but it gets to be a pain having to do it repeatedly, especially when you manage around 1000 servers and the get rebuilt frequently. Finally today I had had enough so wrote a little script to do this task easily. Hopefully someone else finds this useful
Its usage is : delline LINE FILE
#!/bin/bash
LINE=$1
FILE=$2
if [ ! -f $FILE ] ; then
echo "can't read $FILE: No such file or directory"
exit 1
fi
if [ `expr $LINE + 1 2> /dev/null` ] ; then
sed -i "${LINE}d" $FILE
else
echo $LINE is not numeric
exit 1
fi
Linux, Sysadmin
bash, sed
This post is here mainly because I always forget how to do it. This is one of the simplest ways to reinstall a Centos (will probably work for RHEL and maybe even Fedora) system without needing PXE or physical access to the machine. Make sure that that you have tested you kickstart before you use it and don’t blame me if anything goes wrong.
Save the following script and make it executable then run it. It will ask some questions about networking and hostname and then write a new grub stanza to you grub.conf. It will also download the correct kernel and initrd from the information you have given it and put them in the correct position for grub to find them when it boots.
When you reboot you should be able to select Kickstart Centos and it will boot off the new kernels and pull down the kickstart then reinstall.
#!/bin/bash -x
echo -n "Enter kickstart url: "
read -e ksurl
echo -n "Enter Hostname: "
read -e hostname
echo -n "Enter IP Address: "
read -e ipaddr
echo -n "Enter Gateway: "
read -e gateway
echo -n "Enter Netmask: "
read -e netmask
echo -n "Enter Nameservers: "
read -e nameservers
repourl=$(curl $ksurl 2>/dev/null | sed -n 's/.*\(http\)/\1/ p')
#echo $repourl
vmlinuz_url="${repourl}/isolinux/vmlinuz"
initrd_url="${repourl}/isolinux/initrd.img"
date_now=$(date +%Y%m%d%H%M%S)
grub_stanza="
title Kickstart Centos 5 ${date_now}
root (hd0,0)
kernel /reinstall/vmlinuz ksdevice=eth0 load_ramdisk=1 prompt_ramdisk=0 ramdisk_size=16384 serial hostname=${hostname} ip=${ipaddr} gateway=${gateway} netmask=${netmask} dns=${nameservers} noipv6 ks=${ksurl}
initrd /reinstall/initrd.img
"
echo "$grub_stanza"
echo -n "Please check the grub stanza above and enter 'y' if it is correct: "
read -e confirmed
if [ $confirmed == 'y' ]; then
echo "Downloading kernel and initrd..."
mkdir -p /boot/reinstall
(cd /boot/reinstall/;/usr/bin/urlgrabber $vmlinuz_url )
(cd /boot/reinstall/;/usr/bin/urlgrabber $initrd_url )
cp /boot/grub/grub.conf /boot/grub/grub.conf.bak_`date +%Y%m%d%H%M%S`
echo "$grub_stanza" >> /etc/grub.conf
fi
Centos, Linux, Sysadmin
bash, Centos, grub, kickstart, Linux