Le but est de centraliser et de pouvoir externaliser l’ensemble des logs d’Auditd via rsyslog
[Lire]Charger votre site dans le cache Varnish grace a son sitemap.xml
Le script va parser l’xml du site pour avoir la liste des pages, puis y accéder Suivant le script que vous allez utiliser, les dépendances des pages seront requeter ou non.
[Lire]Trier /etc/hosts par IP
En ajoutant quelques options a sort, comme ci-dessous, le tri par adresse IP se fait correctement
cat /etc/hosts | sort -n -t. +0 -1 +1 -2 +2 -3 +3 -4
Mon .tcshrc
Contenue du fichier ~/.tcshrc
#{{{ Env
if ($tty == '') then
exit 0
endif
setenv PATH /sbin:/usr/sbin:$PATH
setenv EDITOR vim
setenv VISUAL vim
setenv PAGER more
setenv LESS "-erX"
setenv GIT_PAGER less
setenv LANG en_US.UTF-8
setenv LC_TYPE en_US.UTF-8
if ${?TERM} then
switch( $TERM )
case "xterm*":
setenv TITLE "%{\033]0;%n@%m [%~]\007%}"
breaksw;
default:
setenv TITLE ""
breaksw;
endsw
endif
#}}}
#{{{ Env tcsh
set myuid = `id -u`
set stty = `echo $tty | sed 's/tty//'`
set prompt = "${TITLE}%h %n@%m-$stty [%B%.03%b]%# "
set prompt2 = "%n@%M-$tty >%R?<%# "
set time = ( 1 "%Uu %Ss %Er %Pcpu %X+%Dk %I+%Oio %Fpf+%Wsw" )
set who = "%n has %a %l from %M"
set fignore = ( .o \~ \#\*\# )
set complete = enhance
set watch = ( 1 any any )
set autolist = ambiguous
set correct = cmd
set listjobs = long
set history = ( 5000 "%h (%D-%W-%Y %T) %R\n" )
set savehist = ( 5000 merge )
set histfile = ~/.tcsh_history
set histdup = erase
set matchbeep = nomatch
set promptchars = '>#
set listflags = 'a
set printexitvalue
set autoexpand
set listlinks
set echo_style = both
unset autologout
bindkey "^R" history-search-backward
bindkey "^S" history-search-forward
#}}}
#{{{ Alias
alias l 'ls -Glh \!*
alias ll 'ls -Glha \!*
alias monip 'wget -q --no-check-certificate https://panel.pascalito.org/ip.php -O - ; echo ""
alias mplayer-nova 'mplayer -ao pulse,alsa,sdl:aalib,coreaudio http://broadcast.infomaniak.net:80/radionova-high.mp3
alias mplayer-play 'mplayer -ao pulse,alsa,sdl:aalib,coreaudio \!*
alias mplayer-pls 'mplayer -ao pulse,alsa,sdl:aalib,coreaudio -loop 0 -playlist \!:1
alias mplayer-plsr 'mplayer -ao pulse,alsa,sdl:aalib,coreaudio -shuffle -loop 0 -playlist \!:1
alias mplayer-rfg 'mplayer -ao pulse,alsa,sdl:aalib,coreaudio http://www.radiofg.com/streams/fg.pls
alias mplayer-rfg-c 'mplayer -ao pulse,alsa,sdl:aalib,coreaudio http://www.radiofg.com/streams/fgc.pls
alias mplayer-rfg-r 'mplayer -ao pulse,alsa,sdl:aalib,coreaudio http://www.radiofg.com/streams/fgv.pls
alias mplayer-rfg-h 'mplayer -ao pulse,alsa,sdl:aalib,coreaudio http://www.radiofg.com/streams/fgd.pls
alias mplayer-rfg-u 'mplayer -ao pulse,alsa,sdl:aalib,coreaudio http://www.radiofg.com/streams/fgu.pls
alias pls-create 'find ~/Music -ctime -\!:1 -iname "*.m4a" -o -iname "*.mp4" -o -iname "*.mp3" -type f -printf "/%AY%Am%Ad %p\r\n" | sort | sed "s/^.\{10\}//g" > ~/.mplayer/tmp.m3u
alias rm '\rm -i
alias screenshot 'import -window root `hostname`-`date +%y%m%w-%H%M%S`.png
alias src 'source ~/.tcshrc
alias svnup 'find ~/Documents/svn -type d -depth 1 -exec svn up {} \;
alias taroverssh 'tar cvpf - . | ssh \!:1 tar xpf - -C \!:2
alias vi 'vim \!*
unalias ls
#}}}
#{{{ pmad
if ( -o ~/Documents/svn/scripts/dotfiles/pmad.tcsh ) then
source ~/Documents/svn/scripts/dotfiles/pmad.tcsh
endif
if ( -d ~/Documents/svn/scripts/pmad ) then
setenv PATH ~/Documents/svn/scripts/pmad:$PATH
endif
#}}}
#{{{ Completion
# tcsh
complete {fg,bg,stop} c/%/j/ p/1/"(%)"//
complete kill 'c/%/j/' 'c/-/S/
complete chgrp 'p/1/g/
complete chown 'p/1/u/
complete find 'p/1/d/' 'n/-user/u/' 'n/-group/g/
complete cd 'C/*/d/
complete rmdir 'C/*/d/
complete lsd 'C/*/d/
complete git p/1/"(add am apply archive bisect branch config checkout clone commit \
count-objects describe diff fetch fsck gc grep init ls-files log merge mv pull push \
prune rebase repack reset revert rm remote show show-branch status tag version)"/
complete cvs 'c/--/(help help-commands help-synonyms)/' \
'p/1/(add admin annotate checkout commit diff \
edit editors export history import init log login \
logout rdiff release remove rtag status tag unedit \
update watch watchers)/' 'n/-a/(edit unedit commit \
all none)/' 'n/watch/(on off add remove)/
complete svn p/1/"(add blame cat checkout cleanup commit copy delete \
diff export help import info list lock log merge mkdir move propdel \
propedit propget proplist propset resolved revert status switch \
unlock update )"/
# signal names
# also note that the initial - can be created with the first completion
# but without appending a space (note the extra slash with no
# append character specified)
complete kill 'c/-/S/' 'p/1/(-)//
# use available commands as arguments for which, where, and man
complete which 'p/1/c/
complete where 'p/1/c/
complete man 'p/1/c/
# aliases
complete alias 'p/1/a/
complete unalias 'p/1/a/
# variables
complete unset 'p/1/s/
complete set 'p/1/s/
# environment variables
complete unsetenv 'p/1/e/
complete setenv 'p/1/e/
#(kinda cool: complete first arg with an env variable, and add an =,
# continue completion of first arg with a filename. complete 2nd arg
# with a command)
complete env 'c/*=/f/' 'p/1/e/=/' 'p/2/c/
# limits
complete limit 'p/1/l/
# key bindings
complete bindkey 'C/*/b/
# groups
complete chgrp 'p/1/g/
# users
complete chown 'p/1/u/
# sudo
complete sudo 'n/-l/u/' 'p/1/c/
# You can use complete to provide extensive help for complex commands
# like find.
# Please check your version before using these completions, as some
# differences may exist.
complete find 'n/-name/f/' 'n/-newer/f/' 'n/-{,n}cpio/f/' \
'n/-exec/c/' 'n/-ok/c/' 'n/-user/u/' 'n/-group/g/' \
'n/-fstype/(nfs 4.2)/' 'n/-type/(b c d f l p s)/' \
'c/-/(name newer cpio ncpio exec ok user group fstype type atime \
ctime depth inum ls mtime nogroup nouser perm print prune \
size xdev)/' \
'p/*/d/
# set up cc to complete only with files ending in .c, .a, and .o
complete cc 'p/*/f:*.[cao]/
# of course, this completes with all current completions
complete uncomplete 'p/*/X/
# complex completion for ln
# In all cases, if you start typing, it completes with a filename
# But if you complete without typing anything you get this:
# first argument: adds "-s"
# arguments that follow -s: reminds you of which argument is expected
complete ln 'C/?/f/' 'p/1/(-s)/' 'n/-s/x:[first arg is path to original file]/' 'N/-s/x:[second arg is new link]/
# set a printer list, for use with all print related commands
set printerlist=(hp1 hp2 color)
complete lp 'c/-d/$printerlist/
complete lpstat 'p/1/$printerlist/
complete lpq 'c/-P/$printerlist/
complete lpr 'c/-P/$printerlist/
complete enscript 'c/-d/$printerlist/
#}}}
#{{{ Other
switch($OSTYPE)
#{{{ OSx
case darwin:
setenv PATH /opt/local/bin:/opt/local/sbin:$PATH
alias ggcontactsync '/System/Library/PrivateFrameworks/GoogleContactSync.framework/Versions/A/Resources/gconsync --sync com.google.ContactSync
breaksw
default:
breaksw
#}}}
#{{{ Linux
case linux:
#{{{ Debian
if ( -f /etc/debian_version ) then
set ipackages = `dpkg --get-selections | awk '{print $1}'`
set apackages = `apt-cache search '' | awk '{print $1}'`
complete dpkg 'n/-L/$ipackages/
complete apt-get \
'c/--/(build config-file diff-only download-only \
fix-broken fix-missing force-yes help ignore-hold no-download \
no-upgrade option print-uris purge reinstall quiet simulate \
show-upgraded target-release tar-only version yes )/' \
'c/-/(b c= d f h m o= q qq s t x y )/' \
'n/{source,build-dep}/x:<pkgname>/' \
'n/{remove}/`dpkg -l|grep ^ii|awk \{print\ \$2\}`/' \
'n/{install}/`apt-cache pkgnames | sort`/' \
'C/*/(update upgrade dselect-upgrade source \
build-dep check clean autoclean install remove)/
complete apt-cache \
'c/--/(all-versions config-file generate full help important \
names-only option pkg-cache quiet recurse src-cache version )/' \
'c/-/(c= h i o= p= q s= v)/' \
'n/{search}/x:<regex>/' \
'n/{pkgnames,policy,show,showpkg,depends,dotty}/`apt-cache pkgnames | sort`/' \
'C/*/(add gencaches showpkg stats dump dumpavail unmet show \
search depends pkgnames dotty policy )/
if ($myuid == 0) then
alias updateall 'apt-get update && apt-get upgrade && apt-get autoclean && apt-get dist-upgrade
endif
endif
#}}}
#}}}
#{{{ Other
default:
breaksw
#}}}
endsw
#}}}
Inclure un générateur de mot de passe dans son shell
Ajoutez dans votre .tcshrc ou .bashrc l’alias suivant :
alias pass_generator='for ((n=0;n<10;n++)); do dd if=/dev/urandom count=1 2> /dev/null | uuencode -m -| sed -ne 2p | cut -c-8; done
Synchronisation Vulture
Voici un exemple de script qui synchronise la configuration et base utilisé par Vulture il utilise nc (netcat) pour emmètre les alerte par mail
#!/bin/sh
DATE=`date +"%Y%m%d-%N"`
SHORT_DATE=`date +"%Y%m%d"`
RESULT=""
SRV_MAIL="IP_SERV_MAIL"
AIL_DST_ALERT="[email protected]"
HOSTNAME=`hostname -f`
REMOTE_SRV="ip-server-master"
#
# Synchro de la base sqlite
rsync -t -o -g -e ssh $REMOTE_SRV:/var/www/vulture/sql/* /var/www/vulture/sql/
sync_db=$?
if [ $sync_db -eq 0 ]; then
echo $SHORT_DATE" - SYNC DB : OK" >> /var/log/Vulture-sync.log
else
echo $SHORT_DATE" - SYNC DB : NOK" >> /var/log/Vulture-sync.log
(echo "HELO "$HOSTNAME; echo "mail from: "; echo "rcpt to: <"$MAIL_DST_ALERT">"; echo "DATA"; echo "From: root@"$HOSTNAME; echo "Subject: ["$HOSTNAME"] "$SHORT_DATE" - Synchro de la base Vulture NOK"; echo "To: "$MAIL_DST_ALERT; echo; echo "Synchronisation de la base Vulture en echec."; echo; echo "."; echo "QUIT") | nc $SRV_MAIL 25
fi
#
# Synchro des fichiers de configuration
rsync --exclude=httpd.conf -l -t -o -g -e ssh $REMOTE_SRV:/var/www/vulture/conf/*.\{conf,crt,tpl,key,chain\} /var/www/vulture/conf/
sync_conf=$?
if [ $sync_db -eq 0 ]; then
echo $SHORT_DATE" - SYNC CONF : OK" >> /var/log/Vulture-sync.log
else
echo $SHORT_DATE" - SYNC CONF : NOK" >> /var/log/Vulture-sync.log
(echo "HELO "$HOSTNAME; echo "mail from: "; echo "rcpt to: <"$MAIL_DST_ALERT">"; echo "DATA"; echo "From: root@"$HOSTNAME; echo "Subject: ["$HOSTNAME"] "$SHORT_DATE" - Synchro des fichiers de configuration Vulture NOK"; echo "To: "$MAIL_DST_ALERT; echo; echo "Synchronisation des fichiers de configuration Vulture en echec."; echo; echo "."; echo "QUIT") | nc $SRV_MAIL 25
fi
Nettoyer une arborescence
Ce script rechercher les fichiers de plus de 30 jours et les effaces puis efface les dossiers vide.
#!/bin/sh
#
# Configuration
PWD_DIR=/home/ftp_users
TEMP_DIR=/tmp
LOG_SCRIPT=/var/log/menage_ftp.log
DATE_MAX_FICHIER=30
DATE_MAX_DOSSIER=30
#
# Fichiers temporaire
LISTEFICHIER=$TEMP_DIR/menagemail_listefichier
LISTEDOSSIER=$TEMP_DIR/menagemail_listedossier
#
# Recherche des fichiers
find /home/ftp_users/*/* -type f -mtime $DATE_MAX_FICHIER | sort -r > $LISTEFICHIER
#
# Recherche des dossiers
find /home/ftp_users/*/* -type d -mtime $DATE_MAX_DOSSIER | sort -r > $LISTEDOSSIER
cat $LISTEDOSSIER | while read i; do
$CONTENU_DOSSIER_USER=`ls -a $i | sed -e "/\.$/d" | wc -l`
if [ $CONTENU_DOSSIER_USER -eq 0 ]; then
echo "a" > /dev/null
else
rm -fr $i
fi
done