Category Archives: linux

git linux

Space efficient source code storage

kernel-zip-src

During implementation of DistTest I faced with necessity of building a lot of different linux kernel versions. As a first solution I chose downloading archives from kernel.org for each used version. But I soon realized that about 1000 versions of sources with size 0.5-1GB each would consume a lot of disk space. It’s also impossible to build kernel with exact commit precision using this approach.
Set of base versions with corresponding patches can save disk space, but uses a lot of random I/O during applying patches, so it’s slow on HDD and consume finite rewrite resource of SSD. Temporary nature of sources leads to conclusion “use tmpfs”. But aufs offers much less RAM consuming method – store in RAM only diffs.

read more »

linux

Yet another security note. Hardlinks.

Let’s imagine that you have a bunch of files(with default mode “rw-r–r–“) and you configured automatic or performed manual hardlink based backup of them.
Well…
Then you moved one of these files to “secured” folder, that have strict rights (“drwx——” for example).
Before adding some confidential information to this file it was good idea to change file permissions to more strict one. But it is not clear how important it is because no one but owner can access file located at “secured/file” when “secured” folder have “drwx——” rights.
Well… Let’s preserve old permissions if changing of them is not necessary.
But what about hardlink to file saved in usual folder? Oh yes, file located at “usual/file” still can be opened by everyone.
Conclusion:
– You must remember about all hardlinks of your files when you think about security.
– Creating hardlinks by inode and opening file by inode denied by security reasons.

bash linux

Web server on bash

web server on bash, nc, awk and sed

read more »

linux

Remote access without “white” ip

How to get access to shell on the remote computer that don’t have “white”(“real” or “public”) IP without any additional software in linux?
Quick and dirty solution:
on server side:

on client side:

pipe ‘/tmp/localpipe’ used to redirect bash output back to ssh
note: use exit command to stop redirection