Monday, March 31, 2008

Dump Unix File Mode and Ownership

I found several situations where I needed to recursively record file ownerships and permissions for the sake of documentation or to restore them later. I didn’t bother making something to do it until I had a project that required it.



This might not be the smartest way to go about this. I recognize that this functionality exists in rsync but you might not want to copy the files or you might want to recover this information later rather than on a remote system.



Dump



The following find command will recurse on /path and dump the uid, gid, mode, and path for each file into /path/to/dump. Be aware that if your dump file is within /path it is likely to appear in the list.




find /path -exec stat --format '%u %g %a %n' {} \; >> /path/to/dump


Restore



The following short perl script will read one or more dump files from standard input or as command line arguments and apply set the owner, group, and mode for each file therein. For this work it must be run as root or via sudo.




#!/usr/bin/perl
# Read a mode/owner dump from standard input or as command line arguments

use strict;

while (my $input = <>) {
chomp $input;
my ($uid,$gid,$mode,$path) = split(/\s+/,$input);
print "$path: $uid:$gid $mode\n";
chmod oct($mode), $path;
chown $uid, $gid, $path;
}

Sunday, March 30, 2008

Trigger a Command On a Log Event

I was trying to track down the cause of some iptables log messages. I wanted a packet dump while the problem was occurring but the symptom appears sporadically with 15 minute or so gaps. There’s a lot of traffic flowing through the system in question so if I leave tcpdump running I’ll too much traffic to sort through. What I needed was a means of starting tcpdump when the log messages appear. Luckily for me the messages appear over 10-20 seconds and I was pretty sure I could miss a couple as long as I grabbed some of them I’d get some insight.



I realized I could just have tail follow the logs and stop when a line appeared so tcpdump could run. I had to run tcpdump as sudo and my sudo token my expire before tcpdump was started so I wrote a script to run as sudo:




#!/bin/bash

tail -n0 -f /var/log/syslog|grep -l WINDOW

tcpdump -nvv -s0 -c 1000 -w /tmp/blarg.pcap -p host 10.2.3.4 and not proto ether \\arp


The -n0 option to tail has it reading 0 lines of the log file. I had the log entries in the log from earlier and I didn’t want grep to match on those. I gave tcpdump -s0 so it would capture whole packets and -c 1000 to only capture 1000 packets.

Thursday, March 20, 2008

VA Car Stacking

Parking at the San Diego VA Hospital is a nightmare for outpatients and visitors. To help with this they instituted free valet parking so they can stack cars three or four deep. When I went to the VA Hospital a few weeks ago to get treated for the same illness that was sweeping across the country I found something disconcerting.



To combat the parking issues they’ve started using the entire visitor parking area as mixed valet and self-parking so they have more space to stack cars in. As I parked I was directed which spot to park in which was unexpected but convenient. I’m guessing that with self parking they go three deep and make sure that a valet car is blocking at least one side so they can move it to let a self-parked car out.



As I’m making my way out of the parking lot I overhear an interesting exchange between a valet and a woman who seemed familiar with him. The woman inquired as to when the VA started doing this to which the valet responded, “The first.” The rest of the exchange went something like this:



“So what’s the flaw, having to run back and forth for the keys?” the woman inquired.



The valet responded making an effort to lower his voice, “No, the flaw is that the keys are on the front tire.”



I’ve developed sufficient self-control to keep walking nonchalantly, rather than going slack jawed, when I hear something like this. The situation must be pretty desperate to do something this stupid. There actually are people who look around for stuff like this. There actually are people who notice stuff like this without trying. There actually are people who overhear valets explaining this. We can’t all have solid morals. Even moral people might notice a set of misplaced car keys (or 50 of them) and take them to the security window. If anyone reads and happens to be near the San Diego VA Hospital, maybe you should turn in some found car keys. I’d do it but I’m just the idea guy (and I’m a chickenshit).



I’ve never thought that the convenience of having someone park your car was worth paying for. I’ve never used the free valet at the VA just because of the vague dislike of the idea of handing over my keys to a stranger. Now I have a very real concern about handing my keys over: they might not go into a monitored location. I’ve known that a valet might damage or steal my car but at least they’re accountable for that. I hadn’t previously considered the possibility that they might make it very easy for someone else to steal it.