Wednesday, November 21, 2012


Setting up a web kiosk system using raspberrypi+raspbian+ratpoison

This instruction assumes that you already installed raspbian on your SD card

Installing required packages
sudo apt-get update
sudo apt-get ratpoison
sudo apt-get chromium
sudo apt-get x11vnc
sudo apt-get install x11-xserver-utils


Start user pi at startup

pi@raspberrypi:~$ grep pi /etc/inittab 
1:2345:respawn:/bin/login -f pi tty1 
/dev/tty1 2>&1

pi@raspberrypi:~$ cat /home/pi/.bash_profile
if [ -z "$DISPLAY" ] && [ $(tty) == /dev/tty1 ]; then


Set ratpoison's config file

pi@raspberrypi:~$ cat /home/pi/.xinitrc
exec ratpoison

pi@raspberrypi:~$ cat /home/pi/.ratpoisonrc
exec xset s off
exec xset -dpms
exec unclutter -root
exec x11vnc -loop
exec /usr/bin/chromium --kiosk

Remotely connec thru vnc
vncviewer raspberrypi.local

Friday, November 2, 2012

Enable DNS queries in BIND

# rndc querylog 

Query logs should be logged on /var/log/messages

To turn off

# rndc querylog


Thursday, November 1, 2012

bash: scp: command not found

scp file.rar root@
root@'s password:
bash: scp: command not found
lost connection


i forgot that i have done a minimal server install on the receiving end. installing openssh-clients solve the problem

Monday, October 1, 2012


To insert characters on the beginning of a line. Example, insert // from line 1 to 10


Sample in creating folding in vim. Insert #{{{ text here #}}} provided everything was properly setup on vimrc

~/workspace/puppetworks $ cat site.pp
node 'chrisp.lab.local' {#{{{


pressing zc will close the folded texts

+-- 6 lines: node 'chrisp.lab.local' {#----------------------------------------------------------------------------


Sunday, September 30, 2012

Separating logs per hostname on a Central rsyslog server

Under /etc/rsyslog.conf append

$FileCreateMode 0655
$DirCreateMode 0755
$Umask 0022

$template default,"/srv/logs/%HOSTNAME%/%$now%.log"
*.* ?default

this will create directories under /srv/logs//*.logs with Directory permission of 755 and file permission of 655

Thursday, September 20, 2012

Apology Accepted!!!

Vmware apologizes for technical difficulties on the recent webcast Technology Day Online. It looks like the webcast provider was caught off guard on the situation. To compensate, VMware will be sending me a USB memory stick containing all of the materials presented on the said event.

Well.. apology accepted!!!!! :)

Monday, August 6, 2012

Our Samsung LCD TV retired

Our Samsung LCD TV retired after exactly 3 yrs of service. Bad thing is that it is already out of warranty. Yesterday the screen suddenly turns to white that you can barely see the images.

Wednesday, June 27, 2012

sed Galore

Find and replace string recursively
find /home/penoycentral/whichfolder -type f -print0| xargs -0 sed -i 's/oldstring/newstring/g'

If you want to make sure that you are changing which, use the old grep first
find /home/penoycentral/whichfolder -type f -print0| xargs -0 grep -i oldstring

Example Problem: Change /etc/bind to /var/named/master in named.conf

Just print what will be changed
 sed -n 's/\/etc\/bind/\/var\/named\/master/p' named.conf 

to change:
 sed -i 's/\/etc\/bind/\/var\/named\/masterr/g' named.conf 

Change double qoute to single qoute
sed -i "s/[\"]/\'/g" some-file.pp


Thursday, June 21, 2012

How to check DNS change global Propagation

DNS change progation is one of sysads problem. After a dns record change, nslookup result will differ depending on which region you are in.

Check your DNS global progation

Saturday, June 16, 2012

Mercurial hgwebdir on CentOS 6

Note this setup is unsecured and just for the purpose of having my own lab svn repo.

Install mercurial on your server

yum install mercurial

Setup the mercurial site on apache

mkdir /var/www/cgi-hg
cp /usr/share/doc/mercurial-1.4/hgwebdir.cgi /var/www/cgi-hg/
chmod +x /var/www/cgi-hg/hgwebdir.cgi

Create the hgweb.config
#myproject = myproject
lab = /srv/hg

Reload apache
service httpd reload

Make sure everything has the right permission on selinux or you can temporarily disable selinux

Your site now is accessible thru http://servername/hg

To test push functionality,you might try to disable ssl and allow push to all


allow_push = *
push_ssl = false


Thursday, June 14, 2012

Devops Singapore Meetup Puppet in production session

Devops Singapore Meetup Puppet in production session

Monday, June 11, 2012

Quick iptables gateway setup

eth0 - with internet connection as they say
eth2 - local network

echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -A FORWARD -i eth2 -j ACCEPT

Friday, June 8, 2012

Quick mail sending test

penoy@fedora:~$ mail -s "test sending mail from nix server" < /dev/null

Tuesday, June 5, 2012

Port forwarding to a different IP:port using iptables

sysctl net.ipv4.ip_forward=1
iptables -t nat -A PREROUTING -p tcp --dport 3129 -j DNAT --to-destination ip-address:3128
iptables -t nat -A POSTROUTING -j MASQUERADE
iptables -L
iptables -t nat -L -n -v

Saturday, June 2, 2012

Puppet starting the service before package install

Here's an example of a simple manifest file that will install a package (ex. apache) and will ensure that that the service was started after install

package {'httpd':
ensure => installed,
source => '/var/tmp/httpd-2.2.3-53.el5.centos.i386.rpm',

service {'httpd':
ensure => running,
enable => true,
hasstatus => true,
hasrestart => true,

Seems legit. Let's apply the manifest

[root@learn tmp]# puppet apply httpd.install.pp
err: /Stage[main]//Service[httpd]/ensure: change from stopped to running failed: Could not start Service[httpd]: Execution of '/sbin/service httpd start' returned 1: at /var/tmp/httpd.install.pp:11
notice: /Stage[main]//Package[httpd]/ensure: created
notice: Finished catalog run in 31.04 seconds

hmmm.. it seems that puppet was starting the service before the install. Let's modify the file

package { 'httpd':
ensure => installed,
source => '/var/tmp/httpd-2.2.3-53.el5.centos.i386.rpm',

service { 'httpd':
require => Package['httpd'],
ensure => running,
enable => true,
hasstatus => true,
hasrestart => true,

Now let's apply the new manifest file

[root@learn tmp]# puppet apply httpd.install.pp
notice: /Stage[main]//Package[httpd]/ensure: created
notice: /Stage[main]//Service[httpd]/ensure: ensure changed 'stopped' to 'running'
notice: Finished catalog run in 34.10 seconds

[root@learn tmp]# chkconfig --list |grep httpd
httpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
pe-httpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off

[root@learn tmp]# rpm -qa |grep httpd
[root@learn tmp]# service httpd status
httpd (pid 15355) is running...

Disclaimer: im still a puppetlabs newbie. :)

Thursday, May 17, 2012

Changing Timezone in RHEL/Centos

This is one way of changing your server timezone and resync on the ntp server
 service ntpd stop

 cp /usr/share/zoneinfo/Asia/Singapore /etc/localtime


 service ntpd start 

more info:

Tuesday, May 8, 2012

remove host key under known_hosts

Normally after a server rebuild you will receive a warning that the host identification has changed

Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.

One solution is to remove the offending host key

ssh-keygen -f "/home/chris/.ssh/known_hosts" -R ip-address-of-the-host

Thursday, May 3, 2012

mysql wont start after server crashed

My mysql database crashed after saving a snapshot thru KVM. Restarting mysqld shows errors under /var/log/mysqld.log

..check that your my.cnf matches the ibdata files..

one solution was to move all ib* data and restart mysqld
 mkdir /srv/mysql/old
mv /srv/mysql/ib* /srv/mysql/old
service mysqld restart

Monday, April 30, 2012

KVM commands

To install with prompt
virt-install --prompt

List virtual machine
virsh list

Stop virtual machine
virsh destroy 

Configure VM autostart
virsh autostart 

Unconfigure VM autostart
virsh autostart --disable 

To install using kickstart
virt-install --name=rhel03.localdomain -r 768 --disk path=/var/lib/libvirt/images/rhel03.localdomain.img,size=8 -l -x "ks="

To create VM snapshot
virsh save centos01 centos01.snap.$(date +%y%m%d)

To restore VM snapshot
virsh shutdown centos01
virsh restore centos01.snap

Clone vm
virt-clone --original centos01 --name centos02 --file /home/penoycentral/images/centos02.img

Troubleshooting KVM

Error when starting the VM snapshot
error restoring domain unable to read from monitor

To fix
virsh managedsave-remove domain-name

Monday, April 23, 2012

mysql commands

Set mysql root password
mysqladmin -u root password 'new-password'

Show databases
mysql> show databases;
mysql> use databasename;

Show tables
mysql> show tables;

Show columns
mysql> select column from tables;

Backup database
$mysqldump -u  -p  > backupdatabase.sql

Restore database
mysql -u  -p  < databasebackup.sql

RHCSA/RHCE Red Hat Linux Certification Practice Exams with Virtual Machines (Exams EX200 & EX300)

Im a big fan of Michael Jang. Having seen this upcoming book will greatly help all RHCSA/RHCE aspirants. Hopefully Michael can give me a free copy :)

RHCSA RHCE Practice exams

Saturday, April 21, 2012

vmnetcfg in VMware Player running in Fedora 16

where is vmnetcfg in VMware Player running in Fedora 16?

It is found under:


Thursday, April 12, 2012

Accelerated NCDA Boot Camp Data ONTAP 8.0 7-Mode - (ANCDA-D87M)

I will be sitting for Netapp Accelerated NCDA bootcamp Ontap 8.0.7-Mode next week. It will be delivered by Fastlane Singapore, one of the authorized Netapp learning Centers. Hopefully this vendor training will help me to fastrack since my company deploys Netapp storage solutions to our clients.

Will post some reviews next week (if again i have the time :) )

Monday, April 9, 2012

Netapp Snapmirroring

From the destination:(most of the commands done on the destination filer)


snapmirror initialize -S <source-qtree> <destination-qtree>
filer2> snapmirror initialize -S filer1:/vol/vol2/qtree-name filer2:/vol/vol0/qtree-name

Snapmirror status

> snapmirror status

Pause Snapmirror

>snapmirror quiesce <qtree>
filer2> snapmirror quiesce /vol/vol0/qtree-name

Resume Snapmirror

>snapmirror resume <destination-path>
filer2> snapmirror resume /vol/vol0/qtree-name

To break Snapmirror (for destination to be rw)

filer2> snapmirror quiesce /vol/vol0/qtree-name
filer2> snapmirror break /vol/vol0/qtree-name

Check qtree status

>qtree status


filer2> snapmirror resync -S filer1:/vol/vol2/qtree-name filer2:/vol/vol0/qtree-name

Thursday, March 22, 2012

Unable to set size of tmpfs in /etc/fstab RHEL6.2

Resized tmpfs space in /etc/fstab to 4g
tmpfs /dev/shm tmpfs size=4096m 0 0

After reboot, size still on 2G
[root@OEL1 ~]# df -h
Filesystem Size Used Avail Use% Mounted on
16G 3.8G 11G 27% /
tmpfs 2.0G 0 2.0G 0% /dev/shm
/dev/sda1 485M 51M 409M 12% /boot

Looks like a bug on RHEL6

[root@OEL1 ~]# mount -o remount /dev/shm
[root@OEL1 ~]# df -h
Filesystem Size Used Avail Use% Mounted on
16G 3.8G 11G 27% /
tmpfs 4.0G 0 4.0G 0% /dev/shm
/dev/sda1 485M 51M 409M 12% /boot
[root@OEL1 ~]# cat /etc/redhat-release
Red Hat Enterprise Linux Server release 6.2 (Santiago)

Tuesday, February 28, 2012

Sydney here i come

Will be in Sydney next week for my company induction and training for two weeks. There's a lot of things to learn. One thing that i like with my current employer is that they use Open Source technologies. Not unlike in the Financial industry that almost is proprietary.
Hopefully everything will fall into places.

Sunday, February 5, 2012

Corrupted Virtual Machine snapshot in KVM

Got this error when booting up my Virtual Machine in KVM
error restoring domain unable to read from monitor

To fix and remove the corrupted suspended session:
virsh managedsave-remove domain-name

then restart your VM



Saturday, January 21, 2012

Current home workstation

Fedora 16 Gnome3 gnome-extensions with cairo-dock OpenGL enabled

Thursday, January 19, 2012

kung hei fat choi

CNY at the office. kung hei fat choi!!!