a Linux, Open Source and Technology Blog in Asia

Fixing Linux Systems with OpenSSL Heartbleed (CVE-2014-0160)

OpenSSL Heartbleed (CVE-2014-0160) bug is now discovered by network security professionals, which many systems using some OpenSSL versions are affected.

You can check your system with some SSL test website.

For above test, you will find the following line from your test result.

“This server is vulnerable to the Heartbleed attack……”


Mounting VirtualBox VDI image file

If we need to investigate the content of a VirtualBox VDI image file, we can use qemu-nbd to mount it.

$ sudo apt-get install qemu

Reload network block device kernel module.
$ sudo rmmod nbd
$ sudo modprobe nbd max_part=16

Making the VDI image file as a network device.
$ sudo qemu-nbd -c /dev/nbd0 ~myuser/.VirtualBox/VDI/myimage.vdi

After the network device is successfully attached to a network device, if you want mount its 1st partition, you may mount it.
$ sudo mount /dev/nbd0p1 /mnt

After you finished your investigation, you should discount VDI image from the network device.
$ sudo qemu-nbd -d /dev/nbd0

Replacing a failed hard disk in Linux RAID1

In our case, a harddisk in Linux RAID1 is marked as fault, we can check the status detail of RAID1 (assume /dev/md0 in our case) with the following command.

$ mdadm –detail /dev/md0

If failed hard disk is not removed from RAID1, we use the following mdadm command to remove failed hard disk.

$ mdadm –manage /dev/md0 –remove /dev/sda1

And after hard disk is replaced, we should create partitions on new hard disk, then we add the partition with the following mdadm command.

$ mdadm –manage /dev/md0 –add /dev/sda1


Chinese magazine LinuxPilot issue 132 will be released tomorrow

F-Secure 資安研究總監 Mikko Hypponen 訪談

Chinese Linux monthly magazine Linuxpilot issue 132 (aka issue 2014/01) will be released in Taiwan and Hong Kong tomorrow (2014/01/01), it covers an interview with F-Secure security research, embedded system example in company, ezgo11 education software disc, Kali Linux and other system and network security related topics. Price of LinuxPilot monthly magazine is HK$40, and magazine online subscription is also available on its website.

Mounting partitions from a LVM RAID1 single disk

If we would like to migrate existing LVM RAID1 to another set of 2 hard disks to extending total disk space.

Assume that new RAID1 hard disks are sda and sdb, and old RAID1 single disk is sdc, and old hard disk have a partiton sdc1, we can load it with mdadm and then mount it.

$ mdadm –assemble /dev/md10 /dev/sdc1 –run
mdadm: /dev/md10 has been started with 1 drive (out of 2).
$ mkdir /mountpoint
$ mount /dev/md10 /mountpoint

After we copied files to new LVM RAID1, we can un-mount it and then stop the RAID1 with old hard disk as the following.

$ umount /mountpoint
$ mdadm –stop /dev/md10

mdadm: stopped /dev/md10



Retriving missing public key for APT software repos in Debian systems

When you got a GPG error at apt-get operation, most likely the public key of target software reposity is missing on your system. The following is an example of this apt-get error.

W: GPG error: squeeze-updates Release: The following signatures couldn’t be verified because the public key is not available: NO_PUBKEY 8B48AD6246925553
W: You may want to run apt-get update to correct these problems

So, you can you gpg to retrive the specified key from MIT key server as the following.

# gpg –keyserver –recv-key 46925553
gpg: directory `/root/.gnupg’ created
gpg: new configuration file `/root/.gnupg/gpg.conf’ created
gpg: WARNING: options in `/root/.gnupg/gpg.conf’ are not yet active during this run
gpg: keyring `/root/.gnupg/secring.gpg’ created
gpg: keyring `/root/.gnupg/pubring.gpg’ created
gpg: requesting key 46925553 from hkp server
gpg: /root/.gnupg/trustdb.gpg: trustdb created
gpg: key 46925553: public key “Debian Archive Automatic Signing Key (7.0/wheezy) <[email protected]>” imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg: imported: 1 (RSA: 1)

After the key is retrived from key server and stored at your local GPG directory, you can export the key from your local GPG and add as a key accepted by local APT software as the following.

# gpg -a –export 46925553 | sudo apt-key add -

Checking web service with self-signed certificate

To check running status of web service, we can use wget command to do so.

$ LC_ALL=C wget https://myhostname/

Non-zero value will be returned for any error encountered.

$ echo $?

Sometimes self-signed certificate is used on web service, we may passing ‘–no-check-certificate’ option for wget command.

Migrating ext4 partition to LVM RAID1 on Ubuntu 13.10

When a single hard disk got hardware fault, it is possible that you will have data loss. Nowaday low-end desktop hard disk is cheap and you can purchase it at around HK$400 (US$50) for a 1TB hard disk. So you may migrate your existing ext4 partitions on single hard disk to RAID1. The simply method is that we create a Ubuntu bootable USB stick.

After installed new hard disk with equal or larger disk capacity on your server, we boot the system with Ubuntu bootable USB stick. If the system cannot access internet, we should configure its IP address and gateway information with following commands.

$ ifconfig eth0 up
$ route add default gw

mdadm should be installed, it is a required software package to manage LVM RAID.

$ apt-get install mdadm

Old and new hard disk is installed as /dev/sda (old) and /dev/sdb (new) in our example, then new partitions for LVM RAID1 should be created on new hard disk.

$ fdisk /dev/sdb

Then, press ‘n’ for new partition. Size of new partition should be equal to or larger than original, and partition type should be ‘fd’ Linux raid autodetect.

When creation of new partitions are finished, we press ‘w’ to write changes on the disk,

Then, we create a LVM RAID1 with the following mdadm command. Since we got 1 hard disk only for RAID1 in this moment, so we use missing to represent another drive for RAID is missing.

$ mdadm –create /dev/md0 –verbose –level=1 –raid-devices=2 /dev/sdb1 missing

Next, we make a new ext4 filesystem on RAID1 partition.

$ mkfs.ext4 /dev/md0

After that, we mount and copy files from old partition (/dev/sda1 in this example) to new created filesystem with rsync command.

$ mkdir /aaa /bbb
$ mount /dev/sda1 /aaa
$ mount /dev/md0 /bbb
$ rsync -av /aaa/ /bbb

After completion of file copying, Filesystem UUID should be updated on new or existing filesystem table /etc/fstab, you may check the UUID with dumpe2fs command.

$ dumpe2fs -h /dev/md0 | grep UUID
dumpe2fs 1.42 (29-Nov-2011)
Filesystem UUID:          d9a55f97-fafa-4740-a694-456c8514fa84

Then, we update as the following on /etc/fstab file.

UUID=d9a55f97-fafa-4740-a694-456c8514fa84 /home           ext4    defaults,user_xattr        0       2

If the partition is new root filesystem, we should chroot into new root filesystem and install boot loader on new hard disk.

$ mount -o bind /dev /bbb/dev
$ mount -o bind /proc /bbb/proc
$ mount -o bind /sys /bbb/sys
$ chroot /bbb
$ mkinitrd /boot/initrd.img#ramdisk-image-filename# #kernel-version-here#
$ update-grub
$ grub-install /dev/sdb$ exit
$ umount /bbb/dev /bbb/proc /bbb/sys

After completion, we un-mount all partitions for reboot.

For example,
$ umount /aaa /bbb

atd executing scheduled jobs once.

On Linux system, 2 daemon services are provided to run scheduled jobs at specified times, which they are crond and atd.

In this post, we will introduce atd which execute scheduled jobs for one execution.

For an example, we can execute at program to schedule Linux system reboot in 23:59 as the following, then ‘at>’ command prompt will be shown and we should input what commands we are going to execute in 23:59, and finish the input with Ctrl + d at a empty ‘at>’ command line.

[email protected]:~$ at 23:59

warning: commands will be executed using /bin/sh
at> /sbin/reboot
at> <EOT>
job 3 at Tue Nov 12 23:59:00 2013

Specified times can be time, date or tomorrow or other words. Examples are the following.

$ at now + 1 hour$ at 1pm tomorrow
$ at 23:00 Oct 23

To list ‘at’ jobs in queue, we can execute ‘atq’.

[email protected]:~$ atq
3    Tue Nov 12 23:59:00 2013 a root

To remove a ‘at’ job from queue, we can remove it with ‘atrm’ command. For an example, we use the following commands to remove job 3 at above example.

[email protected]:~$ atrm 3


sudo – do as superuser

sudo is a program to execute a command in root/specified user permission. Its advantage is that normal users doesn’t need a root password to execute some or all commands as root to mangage/adminisrate a Linux system.

Examples of some sudo usages:

# You can list files and directories in /root in root permission.
[email protected]$ sudo ls /root

# You can execute su program in root permission.
[email protected]$ sudo su -

Modifying use permision of sudo program

We can execute ‘visudo’ to modify use permission of sudo program, for an example, we want to add ‘sammy’ to execute any commands as root with sudo, we add the following line only.

sammy      ALL=(ALL)       ALL