Tag Archives: bash

Mac OS X Mac Security

Unix Signals

When you run a kill command to stop a process from bash or the javax.realtime.POSIXSignalHandler class, you’re sending what’s known as a POSIX signal to the process. These signals can be called via their numeric representations or the signal (e.g. with the -s option of the kill command). Signals include the following:

  • 1: SIGHUP – Close the controlling terminal when the controlling process dies
  • 2: SIGINT – Send a keyboard interrupt
  • 3: SIGQUIT – Quit from a keyboard/terminal
  • 4: SIGILL – Terminate illegal instruction with a core dump and don’t restart
  • 5: SIGTRAP – Send a trace/break trap (with core dump)
  • 6: SIGABRT – Process an abort signal
  • 7: SIGEMT – Send the signal when emulator traps happen
  • 8:SIGFPE – Terminate floating point errors (erroneous arithmetic operations) with a core dump
  • 9: SIGKILL – Kill a signal outright (kill cannot be ignored)
  • 10: SIGBUS – Terminate access (some portion of a memory object) with a core dump
  • 11: SIGSEGV – Terminate with a core dump – Invalid memory reference
  • 12: SIGSYS – Bad system call
  • 13: SIGPIPE – Terminate and write on the pipe
  • 14: SIGALRM – Timed kill of a signal
  • 15: SIGTERM – Software termination of a signal
  • 16: SIGUSR1 – User defined signal 1, with SIGUSR2 as user defined signal 2
  • 17: SIGTERM – Software termination of a signal
  • 18: SIGCHLD – Child status change
  • 19: SIGPWR – Send the signal when the system encounters a power failure
  • 20: SIGWINCH – Send the signal to a process when the window changes
  • 21: SIGURG – Ignore signal, high bandwidth data
  • 22: SIGIO – Terminate pollable event
  • 23: SIGSTOP – Stop executing (cannot be ignored or caught by an exception)
  • 24: SIGTSTP – Terminate a stop signal.
  • 25: SIGCONT – If stopped, continue executing a process
  • 26: SIGTTIN – Background process is attempting to read
  • 27: SIGTTOU – Background process is attempting to write
  • 28: SIGVTALTM – Expired virtual timer
  • 29: SIGPROF – Terminate Profiling timer
  • 30: SIGXCPU – Past the CPU time limit, terminate with a core dump
  • 31: SIGXFSZ – Past the file size limit, terminate with a core dump
  • 32: SIGWAITING – Suspend execution of the process until a defined signal is sent
  • 33: SIGLWP – Send when the implementing threading requires a signal
  • 34: SIGFREEZE – Deprecated
  • 35: SIGTHAW – Deprecated
  • 36: SIGCANCEL – Deprecated
  • 37: SIGLOST – Send the signal when encountering a lost file lock

To put these in practice, let’s use the kill command from bash, with the -s option followed by SIGTERM and then the pid number:

sudo kill -s SIGTERM 20341

Ubuntu

Linux Bash Commands

Popped in a list of Linux bash commands here: http://krypted.com/commands/linux-bash-commands/

iPhone Mac OS X Mac OS X Server Mac Security Mass Deployment

The 12 Days Of Krypted

Merry Christmas ya’ll!

On the first day of Christmas my true love gave to me one 32 gig iPad

On the second day of Christmas my true love gave to me two bash one-liners

On the third day of Christmas my true love gave to me three Red Hat servers

On the fourth day of Christmas my true love gave to me four email blasts

On the fifth day of Christmas my true love gave to me five retweets

On the sixth day of Christmas my true love gave to me six regular expressions

On the seventh day of Christmas my true love gave to me seven lines of perl

On the eighth day of Christmas my true love gave to me eight app store apps

On the ninth day of Christmas my true love gave to me nine AWS instances

On the tenth day of Christmas my true love gave to me ten Active Directory forests

On the eleventh day of Christmas my true love gave to me 11 crappy python scripts

On the twelfth day of Christmas my true love gave to me 12 craft brews

xmas-ornament-computer-ram

Mac OS X Mac OS X Server Mac Security Mass Deployment Network Infrastructure

Simple Preflight and Sanity Checking in Scripts

I was recently building some preflight scripts and was looking to record some information about a machine live, before proceeding with a script. I found the cheapest way to determine information about architectures and chipsets when scripting preflight scripts for OS X to be the arch and machine commands respectively. For example, to verify the architecture is i386, use the arch command with no options:

/usr/bin/arch

Which simply outputs “i386”:

i386

To check the machine type, simply use the machine command:

/usr/bin/machine

Which outputs as follows:

x86_64h

Mac OS X Mac OS X Server

Scripted Country Geolocations Using OS X’s Built-In ip2cc

Recently I was working on a project where we were isolating IP addresses by country. In the process, I found an easy little tool built right into OS X called ip2cc. Using ip2cc, you can lookup what country an IP is in. To do so, simply run ip2cc followed by a name or ip address. For example, to lookup apple.com you might run:

ip2cc apple.com

Or to lookup Much Music, you might run:

ip2cc muchmusic.ca

The output would be:

IP::Country modules (v2.28)
Copyright (c) 2002-13 Nigel Wetters Gourlay
Database updated Wed May 15 15:29:48 2013

Name: muchmusic.com
Address: 199.85.71.88
Country: CA (Canada)

You can just get the country line:

ip2cc apple.com | grep Country:

To just get the country code:

ip2cc apple.com | grep Country: | awk '{ print $2 }'

Finally, ip2cc is located at /usr/bin/ip2cc so we’ll complicate things just a tad by replacing the hostname with the current IP (note that private IPs can’t be looked up, so this would only work if you’re rocking on a wan ip or feeding it what a curl from a service like whatismyip brings back):

ip2cc `ipconfig getifaddr en0` | grep Country: | awk '{ print $2 }'

Mac OS X Mac OS X Server Mac Security Mass Deployment Ubuntu Unix VMware Xsan

5 Ways To Manage Background Jobs In A Shell Environment

When running commands that are going to take awhile, I frequently start them with the nohup command, disown the command from the current session or queue them for later execution. The reason is that if I’m running them from a Terminal or SSH session and the session is broken I want to make sure they complete. To schedule a job for later execution, use at. For example, if I want to perform a simple command, I can schedule it in a minute by running it as an echo piped to at:

echo "goldengirlsfix.sh" | at now + 2 minutes

Note, if using 1 minute, you’ll need that to be singular. But you can also disown the job. To do so, end a command with an & symbol. So, running a command or script that will take awhile with an ampersand at the end displays the job number for the command and then you can disown it by running disown followed by -h at the end. for example:

du -d 0 &
disown -h

If you choose not to disown the job, you can check running jobs using the jobs command at any time:

jobs

Nohup runs a command or script in the background even after a shell has been stopped:

nohup cvfsck -nv goldengirls &

The above command runs the command between nohup and the & symbol in the background. By default, you’ll then have the output to the command run in the nohup.out file in your home directory. So if your username were krypted, you could tail the output using the following command:

tail -f /Users/krypted/nohup.out

You can also use screen and then reconnect to that screen. For example, use screen with a -t to create a new screen:

screen -t sanconfigchange

Then run a command:

xsanctl sanConfigChanged

Then later, reconnect to your screen:

screen -x

And you can control-n or control-a to scroll through running background processes this way, provided each is in its own screen.

Finally, in AIX you can actually use the bg command. I used to really like this as I could basically move an existing job into the background if I’d already invoked it from a screen/session. For example, you have pid 88909 running and you want to put it into the background. You can just run bg 88909 and throw it into the background, allowing you to close a tty. But then if you’d like to look at it later, you can always pop it back using, you guessed it, fg. This only worked in AIX really, but is a great process management tool.

cloud Network Infrastructure SQL Ubuntu Unix VMware Windows Server

Scripting Azure On A Mac

Microsoft Azure is Microsoft’s cloud services. Azure can host virtual machines and act as a location to store files. However, Azure can do much more as well, providing an Active Directory instance, provide SQL database access, work with hosted Visual Studio, host web sites or provide BizTalk services. All of these can be managed at https://manage.windowsazure.com.

windows_azure_logo6

You can also manage Windows Azure from the command line on Linux, Windows or Mac. To download command line tools, visit http://www.windowsazure.com/en-us/downloads/#cmd-line-tools. Once downloaded, run the package installer.

Screen Shot 2013-11-29 at 10.51.01 PMWhen the package is finished installing, visit /usr/local/bin where you’ll find the azure binary. Once installed, you’ll need to configure your account from the windowsazure.com site to work with your computer. To do so, log into the windowsazure.com portal.

Screen Shot 2013-12-01 at 8.25.57 PM

Once logged in, open Terminal and then use the azure command along with the account option and the download verb:

azure account download

This account downloads the .publishsettings file for the account you’re logged in as in your browser. Once downloaded, run azure with the account option and the import verb, dragging the path to your .publishsettings file from https://manage.windowsazure.com/publishsettings/index?client=xplat:

azure account import /Users/krypted/Downloads/WindowsAzure-credentials.publishsettings

The account import then completes and your user is imported into azure. Once imported, run azure with the account option and then storage list:

azure account storage list

You might not have any storage configured yet, but at this point you should see the following to indicate that the account is working:

info: No storage accounts defined
info: account storage list command OK

You can also run the azure command by itself to see some neat ascii-art (although the azure logo doesn’t really come through in this spiffy cut and paste job):

info: _ _____ _ ___ ___________________
info:        /_\  |__ / | | | _ \ __|
info: _ ___ / _ \__/ /| |_| |   / _|___ _ _
info: (___ /_/ \_\/___|\___/|_|_\___| _____)
info: (_______ _ _) _ ______ _)_ _
info: (______________ _ ) (___ _ _)
info:
info: Windows Azure: Microsoft's Cloud Platform
info:
info: Tool version 0.7.4
help:
help: Display help for a given command
help: help [options] [command]
help:
help: Open the portal in a browser
help: portal [options]
help:
help: Commands:
help: account to manage your account information and publish settings
help: config Commands to manage your local settings
help: hdinsight Commands to manage your HDInsight accounts
help: mobile Commands to manage your Mobile Services
help: network Commands to manage your Networks
help: sb Commands to manage your Service Bus configuration
help: service Commands to manage your Cloud Services
help: site Commands to manage your Web Sites
help: sql Commands to manage your SQL Server accounts
help: storage Commands to manage your Storage objects
help: vm Commands to manage your Virtual Machines
help:
help: Options:
help: -h, --help output usage information
help: -v, --version output the application version

Provided the account is working, you can then use the account, config, hdinsight, mobile, network, sb, service, site, sql, storage or vm options. Each of these can be invoked along with a -h option to show a help page. For example, to see a help page for service:

azure service -h

You can spin up resources including sites, storage containers and even virtual machines (although you might need to create templates for VMs first). As an example, let’s create a new site using the git template:

azure site create --git

Overall, there are a lot of options available in the azure command line interface. The web interface is very simple, with options in the command line interface mirroring the options in the web interface. Running and therefore scripting around these commands is straight forward. I wrote up some Amazon stuff previously at http://krypted.com/commands/amazon-s3cmd-commands, but the azure controls are really full featured and I’m really becoming a huge fan of the service itself the more I use it (which likely means I’ll post more articles on it soon).

Mac OS X

Units

Go figure, there’s a command that can convert some units to other units. The units command is able to take a number of one type of units and then convert them to another. For example, to convert a mile to feet:

units "1 mile" feet

Or to convert 2 hours to seconds:

units "2 hours" seconds

For a full listing of the formats supported, check out /usr/share/misc/units.lib.

Mac OS X Mac OS X Server Mac Security Ubuntu Unix

Leveraging The Useful Yet Revisionist Bash History

Not, this article is not about 1984. Nor do I believe there is anything but a revisionist history. Instead, this article is about the history command in OS X (and *nix). The history command is a funny beast. Viewing the manual page for history in OS X nets you a whole lotta’ nothin’ because it’s just going to show you the standard BSD General Commands Manual. But there’s a lot more there than most people use. Let’s take the simplest invocation of the history command. Simply run the command with no options and you’ll get a list of your previously run bash commands:

history

This would output something that looks like the following:

1  pwd
2 ls
3 cd ~/Desktop
4 cat asciipr0n

Now, you can clear all of this out in one of a few different ways. The first is to delete the .bash_history (or the history file of whatever shell you like). This would leave you with an interesting line in the resultant history:

l rm ~/.bash_history

Probably not what you were after. Another option would be to nuke the whole history file (as I did on a host accidentally with a misconstrued variable expansion, trying to write a history into a script):

history -c

A less nuke and pave method here, would be to selectively rewrite history, by choosing a line that you’d like to remove using the -d option:

history -d 4

Three are other options for history as well, mostly dealing with substitutions, but I am clearly not the person to be writing about these given that I just took ’em the wrong direction. They are -anrwps for future reference.

Finally, since you likely want a clean screen, do clear to get a nice clean screen:

clear

Now that we’re finished discussing altering your history, let’s look at using it to make your life faster. One of my most commonly tools at the command line is to use !$. !$ in any command expands to be the last position of your last run command. Take as an example you want to check the permissions of a file on the desktop:

ls -al ~/Desktop/asciipr0n

Now let’s say you want to change the permissions of that object, just use !$ since the last command had it as that only positional parameter and viola:

chmod 700 !$

Where does this come from? Well, any time you use a ! in a command, you are doing a history substitution, or expanding that variable into some kind of event designator, which is the part in your history you’re calling up. The $ is designated as first position (which yes, is a move my daughter did at her last dance recital). !# is another of these, which calls up the whole line typed so far. For example, let’s say you have a file called cat. Well, if you run cat and then use !# (provided you’re in the working directory of said file) you’d show the contents on the screen:

cat !#

Now, view your history after running a couple of these and you’ll notice that the event designators aren’t displayed in your history. Instead, they were expanded at runtime and are therefore displayed as the expanded expression. Let’s do something a tad more complicated. Let’s echo out the contents of your line 4 command from the beginning of this article:

echo `!4`

Now, if your line 4 were the same as my line 4 you’d certainly be disappointed. You see, you lost the formatting, so it’s probably not gonna’ look that pretty. If you were on line 11 and you wanted to do that same thing, you could just run !-7 and you’d go 7 lines back:

echo `!-7`

But the output would still be all jacked. Now, let’s say you ran a command and realized that jeez you forgot to sudo first. Well, !! is here for ya’. Simply run sudo !! and it will expand your last command right after the sudo:

sudo !!

The ! designator also allows you to grab the most recent command that starts with a set of letters. for example, let’s say I wanted to output the contents of my earlier echo command, and I wanted to show just the second position there:

cat !ech:2

That’s actually not gonna’ look pretty either. But that’s aside from the point. There are other designators and even modifiers to the designators as well, which allow for substitution. But again, I’m gonna’ have to go back and review my skills with those as I wouldn’t want to have you accidentally nuking your history because you expanded -c into some expression and didn’t realize that some of these will actually leave the history command as your last run command… :-/

Mac OS X Mac OS X Server Mac Security Mass Deployment

A Well Caffeinated Command Line

One of the big things in OS X Mountain Lion is how the system handles sleeping and sleeping events. For example, Power Nap means that now, Push Notifications still work when the lid is shut provided that the system is connected to a power source. This ties into Notification Center, how the system displays those Push Notifications to users. Sure, there’s tons of fun stuff for Accessibility, Calendar, contacts, Preview, Messages, Gatekeeper, etc. But a substantial underpinning that changed is how sleep is managed.

And the handling of sleep extends to the command line. This manifests itself in a very easy to use command line utility called caffeinate. Ironically, caffeinate is similar to the sleep command, except it will keep the GUI awake in the event that Mountain Lion wants to take a nap (I’m not saying it should not be used as a replacement for sleep btw).

To just get an idea of what it does, run the caffeinate command, followed by a -t operator and then let’s say the number 2:

caffeinate -t 2

The system can’t go to sleep automatically now, for two seconds. The command will sit idle for those two seconds and then return you to a prompt. Now, extend that to about 10000:

caffeinate -t 10000

While the command runs, manually put the system to sleep. Note that the system will go to sleep manually but not automatically. Now, there are different ways that a Mac can go to sleep. Use the -d option to prevent the display from sleeping or -i to prevent the system from going into an idle sleep. The -s is similar to -i but only impactful when the AC power is connected while the -u option deals with user inactivity.

Overall, a fun little command. It’s just another little tool in an ever-growing arsenal of options.