If you use cron to schedule jobs on a server that might be scheduled for shutdown and startup e.g. AWS or Cloud VPS server then anacron may be a better fit. In addition anacron would be better suited to a laptop/desktop computer.
From the man page:
Anacron can be used to execute commands periodically, with a frequency specified in days. Unlike cron(8), it does not assume that the machine is running continuously. Hence, it can be used on machines that aren’t running 24 hours a day, to control daily, weekly, and monthly jobs that are usually controlled by cron. When executed, Anacron reads a list of jobs from a configuration file, normally /etc/anacrontab (see anacrontab(5)). This file contains the list of jobs that Anacron controls. Each job entry specifies a period in days, a delay in minutes, a unique job identifier, and a shell command.
For example I use anacron to schedule an image of the disk with “Image for Linux” by TeraByte Unlimited http://www.terabyteunlimited.com/image-for-linux.htm – if the computer is not on or hasn’t ran for sometime anacron will take care of it.
I want to run an image job every 7 days and if my computer is not on during the 7th day, anacron will kick it off 20 minutes after the computer/server has started.
7 20 /etc/iflbu.sh
For Cron or crontab see https://ausinfotech.net/blog/linux-cron-jobs/
Man page for anacron: http://manpages.ubuntu.com/manpages/trusty/man8/anacron.8.html
Google Chrome browser has inbuilt caching server to improve performance. You can quickly clean out or flush out DNS entries manually on Google Chrome:
Open a new tab.
Type the url in the search box: chrome://net-internals/#dns
Hit the “Clear host cache” button.
Flush out socket pools
Open a new tab and type the following in search box:
You can password protect a file using VIM – it’s built right in. To do this either edit a current file or create a new file e.g. testdata.txt and press :X
Enter a password and confirm it, now save the file with a :w and finally quit the file. When you reopen the file you will need to enter the password in order to view the contents.
If the password is entered incorrectly, you can’t read the contents:
You can also create a file with encryption turned on by including the -x switch e.g.
vim -x test2.txt
man vim for more details.
Anchore provides you with insight and control over the contents of your containers from the start of development all the way to production. Anchore delivers container security solutions for developers, operations, and security teams to deliver insight and control over the contents, security and compliance of containers from the start of development all the way to production. By allowing the creation of policies for security and compliance that are evaluated by Anchore at each stage of the build pipeline, Anchore ensures that only images containers that adhere to an organisation’s policies are deployed.
What’s Inside Your Container Images?
With Docker and containers it’s never been easier to deploy and run any application. Developers now have access to thousands of applications ready to run right “off the shelf” and the ability to quickly build and publish their own images.
In addition to the application, the container image may contain hundreds of packages and thousands of files including binaries, shared libraries, configuration files, and 3rd party modules. Any one of these components may contain a security vulnerability, an outdated software module, a misconfigured configuration file or simply fail to comply with your operational or security best practices.
For more details and to download/install:
Whenever a user (whether sssd-ad authenticated user, or local user, or root) uses sudo, it works. But it also sends the administrator a useless email. This problem is caused by sudo looking for directives in a place it cannot find them: sss.
Check the /etc/nsswitch.conf file and modify the sudoers entry.
sudoers: files sss
The sss should not be there. The sssd-ad package adds itself there, but very few environments store sudoers directives in sss. It’s far more likely your directives are local, so you should have a /etc/nsswitch file entry like the following:
Thanks to this post for pointing the above out:
After running Windows Server 2016 recently with a DC, I’ve started using Powershell to perform AD functions. Here are a few basics.
New-ADUser cmdlet to create a new user:
New-ADUser -Name John.Smith
The above would only create the username, create a new user with more associations:
New-ADUser -Name John Smith -GivenName John -Surname Smith -Path "OU=Staff,DC=Company,DC=Com"
Add the password for above account:
$password = "Strong Password" | ConvertTo-SecureString -AsPlainText -Force
New-ADUser -Name John.Smith -GivenName John -Surname Smith -Path "OU=Staff,DC=Company,DC=Com"
Bulk Import Users with New-ADUser:
$Import =Import-CSV "c:\utils\aduserimport.csv"
$OU = "OU=staff,DC=ausinfotech,DC=local"
Foreach ($user in $Import)
$password = $user.Password | ConvertTo-SecureString -AsPlainText -Force
New-ADUser -Name $user.Name -GivenName $user.FirstName -Surname $user.LastName -Path $OU -AccountPassword $Password -ChangePasswordAtLogon $True -Enabled $True
The above script imports the CSV file, sets the standard OU and calls each data record (line of your CSV), writes the password and creates the user account. We are using a “Foreach”-loop, which loads each user record with its parameters from the CSV file.
See here for more info:
Rclone is a command line program to sync files and directories to and from:
- Google Drive
- Amazon S3
- Openstack Swift / Rackspace cloud files / Memset Memstore
- Google Cloud Storage
- Amazon Drive
- Microsoft OneDrive
- Backblaze B2
- Yandex Disk
- The local filesystem
- MD5/SHA1 hashes checked at all times for file integrity
- Timestamps preserved on files
- Partial syncs supported on a whole file basis
- Copy mode to just copy new/changed files
- Sync (one way) mode to make a directory identical
- Check mode to check for file hash equality
- Can sync to and from network, eg two different cloud accounts
- Optional encryption (Crypt)
- Optional FUSE mount (rclone mount)
More info at https://rclone.org/
Cmder http://cmder.net/ is a software package created out of pure frustration over the absence of nice console emulators on Windows. It is based on amazing software, and spiced up with the Monokai color scheme and a custom prompt layout, looking sexy from the start.
Highly recommend installing the full version as it provides all the Linux utils including ls for a dir in Windows!
Package any app for every Linux desktop, server, cloud or device, and deliver updates directly. Snap packages are a great way of running apps in an isolated state without using VMs or Containerisation. The website http://snapcraft.io has more details and examples such as this to get going:
A snap is a fancy zip file containing an application together with its dependencies, and a description of how it should safely be run on your system, especially the different ways it should talk to other software. Most importantly snaps are designed to be secure, sandboxed, containerised applications isolated from the underlying system and from other applications. Snaps allow the safe installation of apps from any vendor on mission critical devices and desktops.
Try this (you may need to install snapd)
$ sudo snap install hello-world
Now you have installed a snap. You can take a look inside the snap very easily, it shows up as a new directory on your system:
$ cd /snap/hello-world/current/
├── bin ← this directory structure is just for convenience
│ ├── echo there is no hardcoded structure requirement other
│ ├── env than meta/snap.yaml
│ ├── evil
│ ├── sh
│ ├── showdev
│ └── usehw
└── meta ← your snap must have this directory
├── icon.png ← no prizes for guessing what this is
└── snap.yaml ← this is the required metadata
I want to reduce my Amazon EC2 usage by stopping and starting instances at predefined times or utilization thresholds. Can I configure AWS Lambda and AWS CloudWatch to help me do that automatically?
You can use a CloudWatch Event to trigger a Lambda function to start and stop your EC2 instances at scheduled intervals.
See AWS Web Page for more: https://aws.amazon.com/premiumsupport/knowledge-center/start-stop-lambda-cloudwatch/