Another thing about the Linux shell I keep forgetting is reading input from file one line after another…

Another post to help my memory: Reading a file line by line and doing something with each line. This link has some great examples – Here’s my favorite because so simple one. It’s easy to craft it into one line of code, too. Takes your file to be processed as first parameter (“$1”).

Linux/UNIX: Bash Read a File Line By Line – nixCraft

How to Read a File Line By Line in Bash Here is more human readable syntax for you:

#!/bin/bash
input=”$1″
while IFS= read -r line
do
    echo “$line”
done < “$input”

For my memory: Grep all lines without comments

This little script (I call it “strip”) takes “file” as first parameter. It will move file to backup, grep all lines that are no comments and paste them into original file. Makes squid.conf et al so much easier to handle, and you still have all the comments in the backup file

#! /bin/bash
mv $1 $1.bak
grep “^[^#;]” $1.bak > $1

I tested this on my raspi, with a pretty 

root@raspi:~# cat configtest.conf.bak
blabla
#comment
blabla
;comment
root@raspi:~# bash ./strip configtest.conf
root@raspi:~# ls
configtest.conf  configtest.conf.bak  strip
root@raspi:~# cat configtest.conf
blabla
blabla
root@raspi:~# 

Awesome: Christine Prayon alias Birte Schneider (Heute Show) wettert gegen Limux-Ausstieg

 “Für die Zukunft” | Telepolis … : 

Mein Sohn hat mir das erklärt. Der ist fünf. Der schwänzt freitags immer Kindergarten und geht demonstrieren. Für seine Zukunft! Der hat zu mir gesagt, als ich gerade am Computer saß und gearbeitet hab (war an so’m Gag dran über das Bindegewebe von Andrea Nahles und musste mich voll konzentrieren, weil ich nicht wusste, ist das noch Frauenkabarett – wegen Bindegewebe – oder doch schon politisches Kabarett – wegen Andrea Nahles? … Und da fragt der mich, mein Sohn, warum ich IMMER noch Windows benutze und nicht Linux! Ob ich etwa KEIN Interesse an seiner Zukunft hätte. Es sei – Zitat – “absolut zwingend, das digitale Netzwerk von jeder Kontrolle durch privates Kapital oder der Macht des Staates freizuhalten. – Slavoj Zizek.”

(…)

Sagt mein Sohn: Mama? … Du hast echt nichts verstanden. Ich demonstriere für’ne bessere Welt. Ob es um Linux geht oder bezahlbaren Wohnraum oder darum, das Klima zu retten, ist doch im Grunde alles eins. Es geht um alternative Lebens- und Gesellschaftsformen, Mama! Und die braucht’s langsam echt, wenn wir die Karre nicht komplett an die Wand fahren wollen!

Why does every Kubernetes announcement sound like namedropping?

“Today we’re excited to introduce Gravitational Wormhole, our latest Open Source project. Wormhole is a Kubernetes network plugin that combines the simplicity of flannel with encrypted networking from WireGuard.

We created Wormhole to use with Gravity, our Kubernetes packaging solution, but Wormhole should be compatible with any certified Kubernetes distribution.”

Found here: Gravitational Flannel-similar Wireguard-like Wormhole for Kubernetes .

Torturing Git: “Git ist eigentlich nur eine Cloud, die funktioniert”

Auf dem Microsoft Developer Meetup Regensburg hat ein Freund von mir jüngst den Vortrag: “Torturing Git for Fun and Profit” gehalten. Doktorand “Ramses” Ralf Ramsauer darf zusammen mit seinem Professor Prof. Dr. Wolfgang Mauerer fast zwei Stunden über das Quälen von Git sprechen. Money quote (sinngemäß): “Git ist auch nur ein Userspace-Dateisystem, ein Key-Value-Store. Eigentlich sowas wie Cloud, die funktioniert.” 

Hier der Link zum Video: Torturing Git for Fun and Profit – Microsoft Developer Meetup Regensburg April 2019 – YouTube. Das Ganze wurde gehalten im Rahmen der Microsoft Developer Meetup Regensburg, an der TechBase Regensburg und der Ostbayerischen Technische Hochschule (OTH) Regensburg statt.

Goodbye, Peter Linnell.

R.I.P. mrdocs (1963–2019) – Scribus
“A few e-mails later over the course of a few weeks, Scribus had a documenter who had very little understanding of application development, nor how to write even the most basic html. However, I knew and liked desktop publishing and had that sixth sense Scribus was and could be something really special. In the open source world, there are some great programs which are wholly lacking in any kind of documentation. There are also great programmers who are abysmal at documenting things. (Franz despite having English as a second language is excellent at explaining things.) Thus, the following, is my modest attempt at adding some help to a great program.”

TBL on 30 years of Web: A contract for the Web

Tim Berners-Lee speaking at the launch of the World Wide Web Foundation

In his blogpost “30 years on, what’s next #ForTheWeb?” Tim Berners-Lee shows clear thoughts on the problems of the Web today and points to the “Contract for the Web”. He writes:

“To tackle any problem, we must clearly outline and understand it. I broadly see three sources of dysfunction affecting today’s web:

  • Deliberate, malicious intent, such as state-sponsored hacking and attacks, criminal behaviour, and online harassment.
  • System design that creates perverse incentives where user value is sacrificed, such as ad-based revenue models that commercially reward clickbait and the viral spread of misinformation.
  • Unintended negative consequences of benevolent design, such as the outraged and polarised tone and quality of online discourse.

(…)

At pivotal moments, generations before us have stepped up to work together for a better future. With the Universal Declaration of Human Rights, diverse groups of people have been able to agree on essential principles. With the Law of Sea and the Outer Space Treaty, we have preserved new frontiers for the common good. Now too, as the web reshapes our world, we have a responsibility to make sure it is recognised as a human right and built for the public good. This is why the Web Foundation is working with governments, companies and citizens to build a new Contract for the Web.”

Applied Crypto Hardening Handbook Update published

Some good friends were involved here, and their work is so much appreciated! 

Applied Crypto Hardening: bettercrypto.org

“This guide arose out of the need for system administrators to have an updated, solid, well researched and thought-through guide for configuring SSL, PGP, SSH and other cryptographic tools in the post-Snowden age. Triggered by the NSA leaks in the summer of 2013, many system administrators and IT security officers saw the need to strengthen their encryption settings. This guide is specifically written for these system administrators.”

Markus’ Linux Tips: Pssh – Parallel SSH execution

Honestly, I never spent much effort in automating my home network. No salt or containers involved, only three machines with desktops around. ATM they all run Open SUSE Tumbleweed, simply because I don’t want to re-install or do OS upgrades anymore and I want to have all the new stuff asap. With SUSE’s build service the quality of that “rolling release” Tumbleweed has become overwhelming to me, hardly do I see a problem that prevents me from working and/or stays longer that a few days.

Downside of that is: I get some hundreds of megabytes of updates each week. Event though I made good experience with auto-updates through YaST, I still sometimes feel better with launching the zypper command myself and watching what happens. So I did what my dear lady called “semiautomatic system management” … :-):

I like to play with shell tools, and that’s how I found pssh. I installed the tiny CLI tool that allows running a command on several machines at the same time, and added it to my local aliases. Are you confused already? Ok, here’s the five steps:

Step 1: Install Pssh, e.g. with “zypper in pssh”.

A quick “man pssh” shows you the options the little tool can offer.

Step 2: Create a local file with the list of hosts that you want to update. It’s content should simply be one host(name) or IP per line, like my ~/.pssh:
office
sleepingroom
livingroom
Step 3: Copy your ssh key to the machines involved (“ssh-copy-id” is your friend) and test the login with ssh.
Step 4 (optional): I prefer to have the output of my commands in a separate “log” folder (under ~/Temp) – and that needs to be created.
Step 5: I added “alias zypdup=”pssh -h .pssh -l root -o ~/Temp/pssh ‘zypper dup -y -l –allow-vendor-change'” to my .bashrc file in my home directory. That way, the simple command “zypdup” will update the three machines at home, giving a yes to all answers, accept all licenses and allow vendor change from Packman/VLC and back to open SUSE repositories. To be precise, that “zypdup” will be recognized the next time the shell loads the aliases (like after a “. .bashrc”.

That’s it. But let’s have another quick look at the command: “pssh -h .pssh -l root -o ~/Temp/pssh ” takes the hosts from the file “.pssh”, logs in as “root” and writes its output to files in “~/Temp/pssh” – one file per host, named like the host.

Thus, in a perfect world, all my three systems are on the same patchlevel / upgrade status:

Disclaimer: I know that options like “-y … –allow-vendor-change” may cause trouble, but after five years of Tumbleweed, Build Service, Snapper and SUSE in general, I’ve become pretty daring – there were no problems so far. Your mileage may vary, though. If you’re unsure about the consequences, better don’t follow me. 🙂

UPDATE: After a few weeks I learned that I need to add “-t 0” (or another reasonable timeout value in seconds) to my alias. Updates with zypper usually take some time, and depend heavily on bandwidth and such, thus I can’t or couldn’t make up a reasonable value (yet). 🙂