Be Skilled & Ready with Packt’s revamped learning library – over 3,000 titles for a whole year now just $100!

With new features and our latest books and videos just for you, there’s no reason to stay behind when it comes to IT

This week, Packt Publishing has reduced the price of its PacktLib subscription service as it rolled out dozens of new features and improvements to give you the best experience possible to stay on top of the curve and get the skills you need when you need them.

Read on...

There once was a time when I did the following inside my home directory:

$ wget "some-url" -O "output-file.mp4"

I clearly remember copying the output file name from a web page. Unfortunately, the copied text has a new line at the beginning of it and I didn’t notice that. That’s because the newline or carriage return characters are control characters and have no visual representation. Anyway, when I listed files inside my home directory I noticed a strange file name on my list:

$ ls

Read on...

A Linux kernel panic on tram 7B at its hometown, Helsinki (Click to enlarge)

Undeniably, flaming has been around since the dawn of the Internet age. And even worse, it has been on the rise ever since. Gazillions of flame wars on websites such as Slashdot or Reddit surely is enough proof, the greatest of which is the perennial debates between users of competing operating systems.

No doubt I’m a FLOSS enthusiast and advocate who considers free/libre/azad software superior to the proprietary ones, by all means possible. But like all software, the FLOSS ones have some shortcomings, too. So, the point is no one-hundred percent reliable software exists on this planet which means open source software may also suffer from bugs or security flaws as proprietary software do.

Today is Linux kernel birthday and many FLOSS enthusiast and advocates around the globe are going to celebrate it. I’m a diehard FreeBSD fan, but it won’t stop me from celebrating Linux birthday. In fact, I still use GNU/Linux for building native C/C++ libraries using Android NDK on a Slackware machine. In addition to that, I used to be a heavy Funtoo / Gentoo user. The thing is, I appreciate the tools I use, no matter what. So, I’m going to celebrate Linux birthday by telling you a story. A story that made an unforgettable trip even more memorable. Here’s the story of a GNU/Linux system in production which crashed in its hometown, Helsinki, Finland.

Read on...

A week ago was System Administrator Appreciation Day. It is celebrated on the last Friday in July and it has been celebrated since July 28, 2000. But, system administrators know not all days are like that day. They face many hard times and struggles during their careers and the worse of them all is either a security breech or data loss.

For so many years I’ve been writing and maintaining backup scripts on and on, for every single database I added, for every single directory with critical data, or any other service I was running on every new server I got my hands on. In the end, I found myself ended up in a pile of backup scripts and multitudinous cron entries which was a nightmare to keep track of. I even had to manage the schedule so that two backup scripts do not run at the same time. Even more, I had to manually track the backups to see whether they were successful or not. Also, someone has to manually delete the old ones to make rooms for the next ones.

Therefore, I came up with an elegant solution to replace the old process which I found exceptionally error-prone. An end to all my hardships which I call OmniBackup. At last, I’m able to confidently keep abreast of all the ever-growing data that I have to keep safe.

“So, what exactly is OmniBackup?” you may ask. “A fair question,” I would say. OmniBackup is a MIT licensed Bash script which delivers the following set of features:

  • Configuration and customization of backup mechanism through JSON
  • Support for OpenLDAP backups
  • Support for PostgreSQL backups as a whole or per database
  • Support for MariaDB and MySQL backups as a whole or per database
  • Support for filesystem backups with optional ability to follow symbolic links
  • Support for pluggable customized scripts to extend OmniBackup functionality beyond its original design which allows support for many different backup scenarios that has not been built into OmniBackup, yet
  • Backup file name tagging which allows including date or host name in the archive name
  • Online backup without a prerequisite to suspend any service
  • Support for customized backup tasks priority order
  • Support for multiple backup servers
  • Ability to always keep a copy of backups offline
  • Ability to keep a copy of backups offline if no backup server is available, or in case of an error such as a file transfer error
  • Secure file transfer through SSH / SCP protocol
  • LZMA2, gzip and bzip2 compression algorithms along with different compression levels to maintain a balance between speed and file size
  • Ability to preserve permissions inside backup files
  • Support for symmetric cryptography algorithms AES-128, AES-192 and AES-256 (a.k.a Rijndael or Advanced Encryption Standard)
  • Random passphrase generation for encrypted backups with variable length and patterns or a unique passphrase for all backups
  • Support for RSA signatures to verify the backup origin and integrity
  • Passphrase encryption using RSA public keys for individual backup servers
  • Backup integrity verification by offering hash algorithm such as MD4, MD5, MDC-2, RIPEMD160, SHA, SHA-1, SHA-224, SHA-256, SHA-384, SHA-512 and WHIRLPOOL
  • Optional Base64 encoding
  • System logs and a standalone log file including all details
  • Reporting through email to a list of recipients with ability to include passphrases
  • Customized mail subject for successful and failed backup operations
  • Customized support message for reports
  • Crontab integration
  • Custom temporary / working directory
  • Automatic and smart clean-up ability
  • One instance only policy which avoids running multiple instances by mistake at the same time, therefore avoids system slow-down
  • An example configuration file in JSON format to get you up and running

There is also a list of planned features and TODOs which did not make it into 0.1.0 release:

  • Restore script
  • GnuPG integration
  • SFTP and FTP support
  • Refactoring and code clean-up
  • Any potential bug fixes

Disclaimer: Please be wary of the fact that this script has approximately 3.5 K lines of Bash code and devoured hell of a time from me to write and debug. You should also consider that this is my first heavy Bash experiment and I may not write quality code in the language since I’m a newcomer to Bash. I do not claim that OmniBackup is production ready, that’s why I did version the first release at 0.1.0. Also keep in mind that OmniBackup heavily relies on 3rd-party software which increases the chance for fatal bugs, therefore losing data. So, I provide OmniBackup without any warranties, guarantees or conditions, of any kind and I accept no liability or responsibility for any misuse or damage. Please use it at your own risk and remember you are solely responsible for any resulting damage or data loss.

Credits: Many thanks go to my fellow and long-time friend, Morteza Sabetraftar for his help and ideas without whom OmniBackup lacked features or quality. Another kudos goes to my brother Amir by releasing me from shopping, cooking and house-cleaning without even mentioning it, an invaluable and priceless assistance that encouraged me even more to use my best endeavours to get this task done.

Please, feel free to clone and modify it as you wish. Pull requests for new features, improvements or bug fixes are also very welcome.

The rest of this post serves as a comprehensive guide on how to setup OmniBackup in order to backup and restore all your critical data in a production environment.

Read on...

There is an old saying that the only safe computer is one that’s disconnected from the network, turned off, and locked in an underground bunker—and even then you can’t be sure!

Since most of us can’t afford to keep our servers in an underground bunker, the least little thing that could have been done in order to keep their threat exposure at rock-bottom is protecting them by running a combination of a firewall and an intrusion prevention system or IPS (a.k.a intrusion detection and prevention systems or IDPS). Surely, that alone proved insufficient and other security measures and best practices should also be considered.

This blog post covers setting up a basic secure and stateful IPFW firewall on FreeBSD along with Sshguard by iXsystems Inc as intrusion prevention system.

Read on...

What does your industry look like?

I can only say wow! Packt Publishing has just released their comprehensive IT industry salary reports, with data from over 20,000 developers around the globe.

If you really want to identify or get an idea of the upcoming trends over the next few years, you should consider this comprehensive analysis in order to get the most out of your career and skills. This report covers four segments of IT industry including Web Development & Design, Application Development, Security & System Administration, and Data Science & Business Intelligence, making this one of the most comprehensive surveys in recent years.

Read on...

Modern web development is filled with an abundance of tools and technologies, but it’s difficult to know where to begin. You want both efficiency of your work and high performance of your site; Gulp brings that right to your doorstep. With its rising popularity, you don’t want to leave Gulp out of your toolbox.

Read on...

Until not so long ago, to add my own cron jobs I always had the habit of modifying /etc/crontab on my FreeBSD system which turned out to be wrong. In simple words, there are two types of crontab files:

  • System crontab which should not be altered due to the troubles it cause during FreeBSD upgrades
  • User crontab which has one less column than the system crontab file

Read on...