chrooted ftp on ubuntu 12.04 using vsftp

Mark

October 18, 2012 at 3:29 am

For those of you running Ubuntu 12.04, I have created a vsftpd 2.3.5 PPA that backports the allow_writeable_chroot config option from vsftpd 3 to the existing Ubuntu package. To use it:

sudo add-apt-repository ppa:thefrontiergroup/vsftpd
sudo apt-get update
sudo apt-get install vsftpd




ref: http://www.benscobie.com/fixing-500-oops-vsftpd-refusing-to-run-with-writable-root-inside-chroot/

1. add allow_writeable_chroot=YES

2. chroot_local_user=YES

regular expression (REGEX)

ref: http://www.w3schools.com/jsref/jsref_obj_regexp.asp

i found javascript regex book maybe usefull for php.

Modifiers

Modifiers are used to perform case-insensitive and global searches:

Modifier	Description
i	Perform case-insensitive matching
g	Perform a global match (find all matches rather than stopping after the first match)
m	Perform multiline matching

Brackets

Brackets are used to find a range of characters:

Expression	Description
[abc]	Find any character between the brackets
[^abc]	Find any character not between the brackets
[0-9]	Find any digit from 0 to 9
[A-Z]	Find any character from uppercase A to uppercase Z
[a-z]	Find any character from lowercase a to lowercase z
[A-z]	Find any character from uppercase A to lowercase z
[adgk]	Find any character in the given set
[^adgk]	Find any character outside the given set
(red|blue|green)	Find any of the alternatives specified

Metacharacters

Metacharacters are characters with a special meaning:

Metacharacter	Description
.	Find a single character, except newline or line terminator
\w	Find a word character
\W	Find a non-word character
\d	Find a digit
\D	Find a non-digit character
\s	Find a whitespace character
\S	Find a non-whitespace character
\b	Find a match at the beginning/end of a word
\B	Find a match not at the beginning/end of a word
\0	Find a NUL character
\n	Find a new line character
\f	Find a form feed character
\r	Find a carriage return character
\t	Find a tab character
\v	Find a vertical tab character
\xxx	Find the character specified by an octal number xxx
\xdd	Find the character specified by a hexadecimal number dd
\uxxxx	Find the Unicode character specified by a hexadecimal number xxxx

Quantifiers

Quantifier	Description
n+	Matches any string that contains at least one n
n*	Matches any string that contains zero or more occurrences of n
n?	Matches any string that contains zero or one occurrences of n
n{X}	Matches any string that contains a sequence of X n's
n{X,Y}	Matches any string that contains a sequence of X to Y n's
n{X,}	Matches any string that contains a sequence of at least X n's
n$	Matches any string with n at the end of it
^n	Matches any string with n at the beginning of it
?=n	Matches any string that is followed by a specific string n
?!n	Matches any string that is not followed by a specific string n

Linux dd do everything

http://www.linuxquestions.org/linux/answers/Applications_GUI_Multimedia/How_To_Do_Eveything_With_DD

Rescue an unreadable floppy.

ddrescue if=/dev/fd0 of=/home/sam/rescue.image bs=1440k conv=notrunc,noerror

with a new floppy in the drive

dd if=/home/sam/rescue.image of=/dev/fd0 bs=512 skip=2 seek=2 conv=notrunc,noerror

Now the new floppy should be readable

This method works similarly well with damaged CD's and DVD's. However, you must mount the resulting .iso image as a loop device and copy all the data that way.

ddrescue if=/dev/sr0 of=/home/sam/rescue.iso bs=2048 conv=notrunc,noerror

Make the following line in /etc/fstab.

/home/sam/rescue.iso /mnt/rescue iso9660 rw,user,noauto 0 0

Execute the following command.

mkdir /mnt/rescue

This makes the mount point you put in /etc/fstab.

Execute the following command.

mount -o loop /mnt/rescue

now all the salvagable data will be in the directory

/mnt/rescue

You can copy it to a new cd.

Echoes "I love Avril" vertically.

echo -n "I love Avril" | dd cbs=1 conv=unblock 2> /dev/null


Cloning an entire hard disk:

dd if=/dev/sda of=/dev/sdb conv=notrunc,noerror

Unlimited openvz setup

source: http://blog.eukhost.com/webhosting/how-to-remove-openvz-limits-on-a-vps/

These are the commands useful for quick removal of limits on a VPS. These is valuable while making OpenVZ ready and available in a load balanced or busy environment.

Note:”save” will save them in the configuration file for when you restart it. The settings will be lost if you do not supply the argument when the VPS is rebooted.

Use the below stated syntax if you see something that is near the limit use

clear; cat /proc/user_beancounters

vzctl set 101 –tcpsndbuf 999999999:999999999 –save
vzctl set 101 –tcprcvbuf 999999999:999999999 –save
vzctl set 101 –numtcpsock 999999999:999999999 –save
vzctl set 101 –numflock 999999999:999999999 –save
vzctl set 101 –othersockbuf 999999999:999999999 –save
vzctl set 101 –numothersock 999999999:999999999 –save
vzctl set 101 –numfile 999999999:999999999 –save
vzctl restart 101

These are the errors you migh receive without limits being raised

[crit] (105)No buffer space available: alloc_listener: failed to get a socket for 127.0.0.1

optimizing xen network speed

http://wiki.xen.org/wiki/Network_Throughput_and_Performance_Guide#Usage

check speed:

Linux

Make sure the following packages are installed on your system: gcc, g++, make, and subversion.

Iperf can be installed from Iperf's SVN repository:

svn co https://iperf.svn.sourceforge.net/svnroot/iperf iperf
cd iperf/trunk
./configure
make
make install
cd
iperf --version # should mentioned pthreads

You might also be able to install it via a package manager, e.g.:

apt-get install iperf

When using the yum package manager, you can install it via RPMForge.

Windows

• Iperf 1.7.0 (win32 threads): iperf-170-win32-threads.exe
• Iperf 2.0.5 (pthreads): iperf-205-pthreads.zip

Here are the simplest commands to execute on the receiver, and then the sender:

# on receiver
iperf -s -f m     # add "-w 256K -l 256K" when sender or receiver is a Windows VM

# on sender
iperf -c  -f m -t 20    # add "-w 256K -l 256K" when sender or receiver is a Windows VM

best windows cd emulator

this lightweight software can emulate iso image as physical CD-ROM drive. works with windows vista, windows 7. the computer that i'm using right now.

http://wincdemu.sysprogs.org/download/ (815KB)

[Tips] Bandwidth Monitor

Do you want bandwidth monitor like this?

1. download http://www.rokario.com/products/bandmon/2-0/
2. use pixel vista theme http://www.rokario.com/products/bandmon/2-0/addons.php
3. edit into your favorite language. :)

[javascript] how to declare private variable

ref: http://www.w3schools.com/js/js_functions.asp

Situation 1 (Private)
function foobar(){
  var foo =1;
  alert foo;
}
// will alert 1
foobar();
// will alert undefined
alert(foo);


Situation 2 (Public)
function foobar(){
  foo =1; // no var declared. it is public
  alert foo;
}
// will alert 1
foobar();
// will alert 1
alert(foo);

* Can u spot the difference?

The Lifetime of JavaScript Variables

If you declare a variable, using "var", within a function, the variable can only be accessed within that function. When you exit the function, the variable is destroyed. These variables are called local variables. You can have local variables with the same name in different functions, because each is recognized only by the function in which it is declared.

If you declare a variable outside a function, all the functions on your page can access it. The lifetime of these variables starts when they are declared, and ends when the page is closed.

ngrep.

Tools
- OpenVPN server
- ngrep
- tcpdump
- strings
- awk
- sort

command:

Code:

ngrep -q -W byline (mybbuser)|(Cookie) dst port 80 -O test2.txt

to read list

http://www.omghackers.com/2012/05/hackim-si-penggodam-episod-5-operating.html

[windows] insert text into existing file

cmd
type filename.txt >> oldfile.txt

ref:
http://stackoverflow.com/questions/903491/display-text-from-txt-file-in-batch-file
http://www.computerhope.com/copyhlp.htm
http://ask.metafilter.com/28875/Append-to-text-file

keywords:
append to text file, insert text using cmd, windows cmd command

free ssl enabled flash clock

Get your SSL Clock here: http://www.timeanddate.com/clocks/free.html

this website offers flash clock with SSL support to embed to your website.
mine (Kuala Lumpur, Malaysia +8GMT)

https://freesecure.timeanddate.com/clock/i35omvcs/n122/szw110/szh110/hoced1c24/hbw10/cf100/hgr0/fiv0/fas34/fdi72/mqv0/mhc000/mhs3/mhl20/mhw1/mhd84/mmv0/hhs1/hms1/hsc000/hss1

get your now. :)

[windows] reset network connection

ref: http://ttcshelbyville.wordpress.com/tag/winsock-reset/

Every have that laptop or netbook that connects to your computer but won’t go online at another location? You can quickly rebuild the IP stack and force the computer to get online at another location by typing the following command:

netsh int ip reset C:iplog.txt

Of course if you have a computer that won’t get online even if it has an ip address, do several things -

• Click Start Menu, type cmd in the search box or run box ( Hold down Ctrl + Shift and hit Enter)Type the following commands, each followed by pressing enter.

• ipconfig /flushdns
• 
• nbtstat -R
• nbtstat -RR
• 
• netsh int reset all
• netsh int ipv4 reset
• netsh winsock reset catalog

This will rebuild the tcp/ip protocol stack (fully)

After rebooting, run a command prompt as an administrator and type:

• netsh interface tcp set global autotuninglevel=disabled

Reboot

keychain activation

ref:  http://www.gentoo.org/doc/en/keychain-guide.xml

[FIXED] this is missing instruction
$ exec /usr/bin/ssh-agent $SHELL
$ ssh-add


ref: http://www.cyberciti.biz/faq/ssh-password-less-login-with-dsa-publickey-authentication/

Code Listing 3.6: Enabling keychain in .bash_profile

keychain ~/.ssh/id_dsa . ~/.keychain/$HOSTNAME-sh . ~/.keychain/$HOSTNAME-sh-gpg

load keychain before rsync

source $HOME/.keychain/$HOSTNAME-sh
rsync -avrtz root@hostname.com:/path/from /path/destination

problem [solved]

remove tunnelbroker ipv6

netsh int ipv6 delete interface "IP6Tunnel"


ref: http://www.tunnelbroker.net/forums/index.php?topic=2357.0

rsync over ssh

ref: http://www.thegeekstuff.com/2011/07/rsync-over-ssh-without-password/

update* : cron with keychain
http://www.cyberciti.biz/faq/ssh-passwordless-login-with-keychain-for-scripts/

1. Test rsync over ssh (with password):

Do a rsync to make sure it asks for the password for your account on the remote server, and successfully copies the files to the remote server.

The following example will synchronize the local folder /home/ramesh to the remote folder /backup/ramesh (on 192.168.200.10 server).

We discussed in detail about rsync in our previous 15 rsync examples articles.

This should ask you for the password of your account on the remote server.

rsync -avz -e ssh /home/ramesh/ ramesh@192.168.200.10:/backup/ramesh/

2. ssh-keygen generates keys.

Now setup ssh so that it doesn’t ask for password when you perform ssh. Use ssh-keygen on local server to generate public and private keys.

$ ssh-keygen
Enter passphrase (empty for no passphrase):
Enter same passphrase again:

Note: When it asks you to enter the passphrase just press enter key, and do not give any password here.

3. ssh-copy-id copies public key to remote host

Use ssh-copy-id, to copy the public key to the remote host.

ssh-copy-id -i ~/.ssh/id_rsa.pub 192.168.200.10

Note: The above will ask the password for your account on the remote host, and copy the public key automatically to the appropriate location. If ssh-copy-id doesn’t work for you, use the method we discussed earlier to setup ssh password less login.

4. Perform rsync over ssh without password

Now, you should be able to ssh to remote host without entering the password.

ssh 192.168.200.10

Perform the rsync again, it should not ask you to enter any password this time.

rsync -avz -e ssh /home/ramesh/ ramesh@192.168.200.10:/backup/ramesh/

Dreamweaver: Remove double spaces between lines

Ref: http://forums.digitalpoint.com/showthread.php?t=622323

1. Open the file
2. Click CTRL + F
3. Select "Current document" in "Find in" (You can also select the folder if you have multiple files)
4. Search in "Source code"
5. Tick "Use regular expression"
6. Type "[\r\n]{2,}" (without quotes) in "Find"
7. Type "\n" (without quotes) in "Replace"
8. Press "Replace All"

Nginx TLS SNI Enabled

source: http://www.falsyana.com/2011/linux/multiple-ssl-sites-on-1-ip-nginx/

Chrome OK:

Mozilla OK:

IE9 Not OK:

nginx -V
nginx version: nginx/1.0.12
built by gcc 4.1.2 20080704 (Red Hat 4.1.2-52)
TLS SNI support enabled

linux copy with progress bar

http://www.falsyana.com/2010/linux/cp-mv-with-a-progress-bar/

#vi ~/.bash_rc

1 2	alias cp='rsync --progress -ah' alias mv='rsync --progress -ah --remove-sent-files'

generate random mac address [python]

#echo 'import virtinst.util ; print virtinst.util.randomMAC()' | python

ref: http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5/html-single/Virtualization/index.html

other scripts:

Generating a new unique MAC address

In some case you will need to generate a new and unique MAC address for a guest. There is no command line tool available to generate a new MAC address at the time of writing. The script provided below can generate a new MAC address for your guests. Save the script to your guest as macgen.py. Now from that directory you can run the script using ./macgen.py and it will generate a new MAC address. A sample output would look like the following:

$ ./macgen.py 
00:16:3e:20:b0:11
 
#!/usr/bin/python
# macgen.py script to generate a MAC address for virtualized guests on Xen
#
import random
#
def randomMAC():
 mac = [ 0x00, 0x16, 0x3e,
  random.randint(0x00, 0x7f),
  random.randint(0x00, 0xff),
  random.randint(0x00, 0xff) ]
 return ':'.join(map(lambda x: "%02x" % x, mac))
#
print randomMAC()

Another method to generate a new MAC for your guest

You can also use the built-in modules of python-virtinst to generate a new MAC address and UUID for use in a guest configuration file:

# echo  'import virtinst.util ; print\
 virtinst.util.uuidToString(virtinst.util.randomUUID())' | python
# echo  'import virtinst.util ; print virtinst.util.randomMAC()' | python

The script above can also be implemented as a script file as seen below.

#!/usr/bin/env python
#  -*- mode: python; -*-
print ""
print "New UUID:"
import virtinst.util ; print virtinst.util.uuidToString(virtinst.util.randomUUID())
print "New MAC:"
import virtinst.util ; print virtinst.util.randomMAC()
print ""

upgrading xen bridge from 10Mbps to 100Mbps

http://www.thogan.com/site2/archives/13

http://wiki.xensource.com/xenwiki/XenNetworking

p:s/ not success yet.

orang misteri gegar

#OrangMisteriGegar: Pembayang yang ketiga yang juga merupakan pembayang terakhir ialah "PERSISIRAN".Ketiga- tiga pembayang sudah pun lengkap, 1) LAGU, 2) OMBAK RINDU, 3)PERSISIRAN..Jangan lepaskan peluang ini, tanyakan sesiapa sahaja "ADAKAH ANDA ORANG MISTERI GEGAR??"..RM2000 mungkin anda yang punya!!!!!


jawapan: Pesisir pantai irama bachok.

Renungan - reflection

renungan
"Syaitan telah BERPUTUS ASA untuk menyesatkan kami dalam PERKARA BESAR maka berjaga2lah kamu supaya tidak mengikutinya dalam PERKARA2 KECIL. Syaitan akan puas jika kamu sekalian melakukan perbuatan tercela. Oleh kerana itu hendaklah kamu menjaga agamamu dengan baik" - amanat terakhir Rasulullah SAW-

reflection
"Satan has given up in order to lead us in the BIG ITEMS that you should not follow in  SMALL ITEMS. Satan will be satisfied if you all do such actsreprehensible. Therefore you must keep your religion well" - the last message the Prophet-


translated using google translate.