Category Archives: Fun

Repacking an RPM from files on the system

Have you ever had an RPM installed on the system that you needed installed on another system, but didn’t have the .rpm file for it? Or, have you wanted to make a .rpm file with just a minor change without having to completely rebuilt it? Or perhaps forge an RPM with some naughty scripts or binaries in it? ;)

Check out my rpm-repack script. Simply run it with the package name that’s installed on the system:

Continue reading

Added “ps” extras feature to tpe-lkm

Since I already had my hands in the tpe-lkm code yesterday, I decided to spend my lunch break coding a feature I’ve been meaning to add in for a while now.

I added a new ps extras feature. Since it doesn’t have to do with the “trusted path”, I added it to the “extras” in the configuration. It’s similar to grsecurity’s “Proc restrictions” where “the permissions of the /proc filesystem will be altered to enhance system security and privacy”. Basically, non-root users won’t be able to view the processes they don’t own.

Continue reading

A nagios snmp plugin that obeys snmp.conf

So there is a currently unresolved issue with the check_snmp nagios plugin where it doesn’t use the snmp.conf file. I use v3 of the protocol, and don’t want to have to put the big long string everywhere in the nagios configuration file:

define command{
  command_name check_snmp_cpu
  command_line $USER1$/check_snmp -H $HOSTADDRESS$ -w 2 -c 4 -u "cpu" -P 3 -L authPriv -a MD5 -U snmpmonitor -A "have a look at what I have to offer" -x des -X "have a look at what I have to offer" -o .1.3.6.1.4.1.2021.11.10.0
}

Continue reading

How to use the Ksplice raw utilities

Disclaimer: I have no affiliation with ksplice, I’m just a guy who knows something about hot-patching the linux kernel and figured out how this ksplice thing works. I strongly agree with the sentiment that the ksplice raw utilities is not for general use. In fact, Ksplice says in the distribution of these tools:

Without the appropriate expertise and safety infrastructure, the raw utilities can create subtly incorrect rebootless updates, which can have serious consequences.

Continue reading