Tag Archives: find

I’m trying to setup ipv6 for a debian node with openvz kernel. First step is setting up the host node to use ipv6. The next step is to create ipv6-only containers. For my experiment, I chose Dacentec dedicated server. Dacentec is a great provider with a lot of choices in the budget dedicated server segment.

A /48 ipv6 block is an optional free addon for the server.
After opening a support ticket, I received the following details:

Network 2607:5400:048d:0000::/48
Gateway 2607:5400:048d:0000::1/48

ssh into the server and check the interfaces file:

cat /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
allow-hotplug eth2
iface eth2 inet static
        address 148.126.187.10
        netmask 255.255.255.248
        network 148.126.187.8
        broadcast 148.126.187.15
        gateway 148.126.187.9
        # dns-* options are implemented by the resolvconf package, if installed
        dns-nameservers 199.255.156.3
        dns-search droidzone.in
        up ip addr add 148.126.187.14 dev eth2
        up ip addr add 148.126.187.12 dev eth2
        up ip addr add 148.126.187.13 dev eth2

Here, 148.126.187.10 is the primary address of the host node. 148.126.187.12, 148.126.187.13 and 148.126.187.14 are additional IPv4s that I purchased to set up containers. Anyway this is not relevant, as we’re currently attempting to create ipv6-only containers.

Dacentec provided me the following /48 ipv6 block:

Network 2107:5200:058d:0000::/48
Gateway 2107:5200:058d:0000::1/48

I then modified my file:

emacs /etc/network/interfaces

and added the following:

iface eth2 inet6 static
	address 2107:5200:058d:0000::2
	netmask 64
	  up ip -6 route add default via 2107:5200:058d:0000::1 dev eth2
	  down ip -6 route del default via 2107:5200:058d:0000::1 dev eth2	

The final file looks like this:

auto lo
iface lo inet loopback
allow-hotplug eth2
iface eth2 inet static
        address 148.126.187.10
        netmask 255.255.255.248
        network 148.126.187.8
        broadcast 148.126.187.15
        gateway 148.126.187.9
        # dns-* options are implemented by the resolvconf package, if installed
        dns-nameservers 199.255.156.3
        dns-search droidzone.in
        up ip addr add 148.126.187.14 dev eth2
        up ip addr add 148.126.187.12 dev eth2
        up ip addr add 148.126.187.13 dev eth2
iface eth2 inet6 static
	address 2107:5200:058d:0000::2
	netmask 64
	  up ip -6 route add default via 2107:5200:058d:0000::1 dev eth2
	  down ip -6 route del default via 2107:5200:058d:0000::1 dev eth2

Now do the following:

ipdown eth2 && ifup eth2

If you do just a ipdown eth2, you’ll find that your ssh shell exists, and you’ll no longer be able to connect to it. Only a restart will solve it, unless you have a KVM or IPMI to bring back the interface online.

Next up:
Creating ipv6-only containers

Creating ipv6-only containers
With the above configuration, I then added the ip address pool from 2107:5200:058d:0000::4 to 2107:5200:058d:0000::10, to the OpenVZ web panel. Alternately, you can use Promox or the command line vzctl tool.

Then I created a vps, assigning the ip: 2107:5200:058d:0000::4.
I entered the container from the node with:

vzctl enter 2

Edited resolv.conf to have the following:

nameserver 2001:4860:4860::8888

I found that I could not ping ipv4 addresses any more, but could ping ipv6 with ease:

# ping6 ipv6.google.com
PING ipv6.google.com(yv-in-x71.1e100.net) 56 data bytes
64 bytes from yv-in-x71.1e100.net: icmp_seq=1 ttl=54 time=9.77 ms
64 bytes from yv-in-x71.1e100.net: icmp_seq=2 ttl=54 time=9.74 ms
64 bytes from yv-in-x71.1e100.net: icmp_seq=3 ttl=54 time=9.74 ms

To add ipv6 addresses to containers,
Edit /etc/sysctl.conf so that it contains:

net.ipv6.conf.default.forwarding = 1
net.ipv6.conf.all.forwarding = 1
net.ipv4.conf.default.proxy_arp = 0
net.ipv6.conf.default.proxy_ndp = 1
net.ipv6.conf.all.proxy_ndp = 1

The final file contains:

net.ipv4.ip_forward=1
net.ipv6.conf.default.forwarding = 1
net.ipv6.conf.all.forwarding = 1
net.ipv4.conf.default.proxy_arp = 0
net.ipv6.conf.default.proxy_ndp = 1
net.ipv6.conf.all.proxy_ndp = 1
net.ipv4.conf.all.rp_filter = 1
kernel.sysrq = 1
net.ipv4.conf.default.send_redirects = 1
net.ipv4.conf.all.send_redirects = 0

Activate the new configuration with:

sysctl -p

Now you can assign ipv6 to containers with:

vzctl set <VEID> --ipadd 2107:xxx:xxx::xxx --save

You can enter the vm with

vzctl enter <VEID>

Now, add an ipv6 dns to resolv.conf:

vi /etc/resolv.conf
nameserver 2001:4860:4860::8888

Enable Developer Toolbar in Chrome/Firebug bar in Firefox.
Click on Console.
It will show error details like this:

Mixed Content: The page at 'https://pinger.droidzone.in/' was loaded over HTTPS, but requested an insecure image 'http://i.creativecommons.org/l/by-nc-nd/3.0/80x15.png'. This content should also be served over HTTPS. https://pinger.droidzone.in/:132

Issue:

#nmap --script ssl-enum-ciphers -p 443 server.droidzone.in

Starting Nmap 6.00 ( http://nmap.org ) at 2015-05-18 23:15 IST
route_dst_netlink: can't find interface "venet0"

Fix:
Add the --unprivileged option.

#nmap --script ssl-enum-ciphers -p 443 server.droidzone.in --unprivileged

Starting Nmap 6.00 ( http://nmap.org ) at 2015-05-18 23:16 IST
Nmap scan report for server.droidzone.in (104.28.29.30)
Host is up (0.0091s latency).
Other addresses for server.droidzone.in (not scanned): 104.28.28.30
PORT    STATE SERVICE
443/tcp open  https
| ssl-enum-ciphers:
|_  Least strength = strong

Nmap done: 1 IP address (1 host up) scanned in 2.55 seconds

To track the source of the error, you need to check production.log.

On my Omnibus edition, it was located at /var/log/gitlab/gitlab-rails/production.log.

# find / -iname 'production.log'
/var/log/gitlab/gitlab-rails/production.log

Then read the log to find the recent error:
# tac /var/log/gitlab/gitlab-rails/production.log | less

My error was:

  app/controllers/sessions_controller.rb:25:in `new'
  app/views/layouts/devise.html.haml:18
    21:                 Login to manage your projects
    20:               %p
    19:
    18:                A collection of open source projects
    17:               %h3
    16:
    15:               Droidzone Opensource project repository
ActionView::Template::Error (Inconsistent indentation: 15 spaces used for indentation, but the rest of the document was indented using 2 spaces.):
Completed 500 Internal Server Error in 353ms

Fixing it was easy. I just needed a restore a copy of the original file.
Restart gitlab after fixing the error:

# gitlab-ctl restart

I wanted to find and delete all files of Season 1 of a particular TV show.

[[email protected]] ~/ # find . -iname '*S01*' -type d
./Poirot S01E09 - The King of Clubs (1989)
./Poirot S01E02 - Murder In The Mews (1989)
./Poirot S01E04 - Four And Twenty Blackbirds (1989)
./Poirot S01E05 - The Third Floor Flat (1989)
./Poirot S01E03 - The Adventure Of Johnnie Waverly (1989)
./Poirot S01E10 - The Dream (1989)
./Poirot S01E01 - The Adventure of the Clapham Cook (1989)
./Poirot S01E08 - The Incredible Theft (1989)

Now trying to delete them with the find -delete option:

[[email protected]] ~/ # find . -iname '*S01*' -type d -delete
find: cannot delete `./Poirot S01E05 - The Third Floor Flat (1989)': Directory not empty
find: cannot delete `./Poirot S01E03 - The Adventure Of Johnnie Waverly (1989)': Directory not empty
find: cannot delete `./Poirot S01E10 - The Dream (1989)': Directory not empty
find: cannot delete `./Poirot S01E01 - The Adventure of the Clapham Cook (1989)': Directory not empty
find: cannot delete `./Poirot S01E08 - The Incredible Theft (1989)': Directory not empty

What I wanted was this:

[[email protected]] ~/ #find . -iname ‘*S01*’ -type d -exec rm -r {} +
[[email protected]] ~/ #find . -iname ‘*S01*’ -type d

There, the directories have been deleted.

This simple one-liner bash command finds and deletes files in a directory older than 3 days:

find /root/backups -type f -mtime +3 -delete

It’s very useful for scheduled backups. You can set a cron job to do just this to prevent your old backups from eating up valuable space. My crontab looks like this:

#Delete backups older than 5 days
0 23 * * * find /root/backups -type f -mtime +5 -delete

Which means: At 23:00,  on all days of the month, on all months, on all days of the week, execute find on all files in the folder /root/backups, older than 5 days, and then delete the found files.

i-mscp by default bans a user after 2 invalid login attempts. If you find yourself locked out of the control panel, login to phpmyadmin (usually located at site.com/pma) as root (needs the mysql root password),

Database: i-mscp
Table: login

Find your current ip address.
Identify this ip within the row titled “login”.
Delete the whole row with the ipaddr field corresponding to your ip address, or change lastaccess value.

MWSnap002 2013-07-10, 09_45_16