You are viewing jackal

Agnus Dei's Journal

> recent entries
> calendar
> friends
> profile
> previous 20 entries

Monday, April 14th, 2014
11:27 am - Single Applications Mode in OSX Mavericks.
Did anyone else know you could enable Single Application Mode in Mavericks and you don't even need to install LiteSwitch X to enabled it?

Simple run:
defaults write single-app -bool true ; killall Dock 

*Note this only works when you click on the application in the Dock.  Not when applications swtiching (which LiteSwitchX would do).


(comment on this)

Tuesday, April 8th, 2014
4:04 pm - ssh-keygen -R hostname
Because I always forget you can do this, if you have an old stale key in your known_host file and you know you regenerated the host, rather than just sed -i "##d" ~/.ssh/known_hosts file, you could use this instead

ssh-keygen -R hostname

(comment on this)

Tuesday, April 1st, 2014
10:29 am - Dealing with BSD sed on your mac (how to install GNU sed)
Just FYI:   sed that comes with your mac is BSD sed, not GNU sed.  So it doesn't take the same options.

brad-allison-pro:foo brad.allison$ sed -i "55d" "/Users/brad.allison/.ssh/known_hosts"
sed: 1: "/Users/brad.allison/.ss ...": undefined label 'rad.allison/.ssh/known_hosts'

If you are like me and you prefer GNU sed, mac ports provides it and it works just like under linux.

brad-allison-pro:foo brad.allison$ sudo port install gsed
--->  Computing dependencies for gsed
--->  Cleaning gsed
--->  Scanning binaries for linking errors: 100.0%
--->  No broken files found.

brad-allison-pro:foo brad.allison$ gsed -i "55d" "/Users/brad.allison/.ssh/known_hosts"
brad-allison-pro:foo brad.allison$

(comment on this)

Friday, March 28th, 2014
10:39 am - Excel Function to Display Weekends (TRUE/FALSE)


Where in this case D4 was my date field.    If it returns a number greater than 5 (6 or 7) it's Saturday or Sunday.

Then you a conditional function (classic) to make it colored RED on True.  :)

(comment on this)

Tuesday, March 25th, 2014
10:51 am - Nagios Plugin - check_tcp_states
I wrote a Nagios Plugin that's basically a wrapper for lsof that lets you pass it a username and process name so you can have it tell you the tcp states for a process running owned by that username.

It also lets you specify what metric you want to threshold alarm against.  Sometimes you might want to threshold alarm on ESTABLISHED connections.  Sometimes you might want to threshold alarm again TOTAL_SOCKET connections used by that process.

In either case it's returned in perfdata format so all metrics are passed to Nagios/Opsview for graphing.  So no matter what you threshold against, you can graph all the metrics.

[root@host-01 libexec]# ./check_tcp_states -v -u tomcat -p java -m TOTAL_SOCKETS -w 20 -c 30
lsof -n -P -a -u tomcat -c java -i |egrep -o '\(.*\)' | sort | uniq -c
*** VERBOSE MODE is enabled!
*** Running system command: lsof -n -P -a -u tomcat -c java -i |egrep -o '\(.*\)' | sort | uniq -c
*** Username = tomcat
*** Process name = java
*** System command output:
*** ---------------------------------------------------------------------
***      27 (ESTABLISHED)
***       8 (LISTEN)
*** ---------------------------------------------------------------------
*** ESTABLISHED   = 27
*** CLOSE_WAIT    = 0
*** LISTEN        = 8

[root@host-01 libexec]# ./check_tcp_states -v -u tomcat -p java -m ESTABLISHED  -w 20 -c 30
lsof -n -P -a -u tomcat -c java -i |egrep -o '\(.*\)' | sort | uniq -c
*** VERBOSE MODE is enabled!
*** Running system command: lsof -n -P -a -u tomcat -c java -i |egrep -o '\(.*\)' | sort | uniq -c
*** Username = tomcat
*** Process name = java
*** System command output:
*** ---------------------------------------------------------------------
***      23 (ESTABLISHED)
***       8 (LISTEN)
*** ---------------------------------------------------------------------
*** ESTABLISHED   = 23
*** CLOSE_WAIT    = 0
*** LISTEN        = 8

(comment on this)

Friday, March 21st, 2014
4:22 pm - Mac Voices : Command to play each voice.
Run the following command to have the mac play all the mac voices by having them say their names:

for i in `say -v ? | awk '{print $1}'`; do say -v $i $i ; done

(2 comments | comment on this)

Thursday, March 20th, 2014
10:25 am - Debugging issues with pound load balancer threads versus TCP socket states


We've recorded up to 20 seconds for initial handshakes randomly with our load balancer. This causes extreme slowness for the user experience, but it's every inconsistent and hard to replicate.


We use pound for our load balancer.   We have pound set to 1000 threads.

[root@]# grep Threads /etc/pound.cfg
Threads 1000

When you look from the OS and ask pound how many threads it's actively running it shows an additional 3 magic threads so it shows as 1003. The 3 magic threads are most likely standard in, standard out and standard error.

(NLWP = Number of Light Weight Processes.   Light Weight Process just means "a thread.")

[root@]# ps -upound -onlwp

Then we ask the OS what are the states of TCP connections for pound:

[root@]# lsof -n -P -a -u pound -c pound -i |egrep -o '\(.*\)' | sort | uniq -c

See the problem?

We set the thread limit for pound to be 1000. Which would be fine given that we have 708 ESTABLISH TCP connections to pound (assuming 1 thread per connection). BUT what if these  545 CLOSE_WAIT sockets are holding open threads as well making the total 1200+ which is greater than our 1000 thread limit.  And since we set the OS to "unlimited" file descriptors, it has unlimited sockets, so it doesn't close the connections but instead opens the socket and waits until a thread is available.   This could explain why we are getting such extremely slow initial connections as it's waiting for a thread to be available.


I recommended we double the threads in pound.

(comment on this)

Wednesday, December 11th, 2013
11:56 am - How to get around regex greediness
Fighting greediness in regular expressions is a pain in the ass. Period.

The following example will get everything after the JSESSIONID= in the access log up to the first space character

cat /var/log/httpd/access_log.2013-12-06.txt | egrep -o "JSESSIONID=[^[:space:]]*" 

(comment on this)

Monday, November 25th, 2013
3:01 pm - Add a user to server and force password change on login and force account to expire on date.
useradd -m -e 2013-12-07 -f 0 username
echo temppassword | passwd username --stdin
chage -d 0 username

(1 comment | comment on this)

Thursday, November 7th, 2013
4:27 pm - How to get JSESSIONID's out of an apache log (or any cookie)
Assuming you are logging cookies:

# grep /var/log/httpd/ | grep "JSESSIONID"  | sed -r "s/.*(\[.*\]).*JSESSIONID=((.*);|([^\"]*)\") .*/\2/g"| sed -r "s/.$//" | sort | uniq -c | sort -rn
 1309 1122A5A15E9249463C195B0E2481AB94
  646 1703C75AE6C988B650DF555F04136226
  477 76E32F79F9D8716E2507CF898E17F47F
  404 69789C15A7DFEF025538170D7A4A4981
  352 1222B722BC8F497B106806C796591276
  201 C12E8E89C2017ADBD15D11FF6D433B16
   20 7A661718045150E6420DE4A6FB8DCDB2
    2 76B66EF3109041474B4385D2EA36A242
    1 F0BCFE41562BF52EBC3C368E570A3243
    1 D5FE8980D35AC5731873100187EEBDF1
    1 A9BF824A4589BB1ED8217844A4E63A26
    1 916766C4DE4E9FE50C5BEB0897C19B11
    1 49AB3A90C190C0F0CB858346B0A23AA8
    1 37F1E556DC4FA531A58EC1D677CA2BE5
    1 2D6C2B9F33E01B8A3E3EB44C64145680
    1 1DC73E26143190F795298B0A9FD9EF77

(comment on this)

Tuesday, October 29th, 2013
4:01 pm - yep... i'm a geek....

$ grep remote  ~/Library/Application\ Support/Tunnelblick/Configurations/vpn-mf7_ovpn078.ovpn  | awk '{print $2,$3}'  | while read a; do  nc -n -u -v -w 1 -z  $a; done
Connection to 8080 port [udp/*] succeeded!
Connection to 123 port [udp/*] succeeded!
Connection to 53 port [udp/*] succeeded!

(comment on this)

Thursday, October 10th, 2013
1:25 pm - Perl script for grabbing the stack trace of the tomcat thread using the most CPU on the host
My script I wrote for getting the stack trace of the tomcat thread that's using the most CPU on a host.....

(comment on this)

Wednesday, October 9th, 2013
10:14 am - How to find which thread in a java application (tomcat) is eating up all your CPU
So here's my idea....
1- use top to see all the java processes and threads by CPU utilization (capital H displays threads).  This will cause top to show the nlwp of for the thread in the PID column

Example (from top data):

[root@host ~]# top -H -n 3 -b |grep tomcat | grep java | sort -rn -k 9 | head -1
6638 tomcat    20   0 10.5g 2.9g  12m S  98.9 39.2   0:03.16 java                                            

2- Us ps -L -utomcat to grep out the nlwp and get the PID of tomcat owning it.

Example: I'm grepping for the LWP id.   The first number is the PID and the second is the LWP id:

[root@host ~]#  ps -L -utomcat |grep java | grep 6638
27628  6638 ?        00:00:03 java

3- So now I have the PID of the java process and the LWP id of the bad thread.  I can take a stack trace of java.  The stack track records the LWP as NID in hex.  So we convert the NID in hex to LWP and we have the LWP.

Do a kill -s SIGQUIT $tomcat_pid to the process to force a thread dump (which will write out to catalina.out for tomcat).

[root@host ~]# kill -s SIGQUIT 27628

Then convert all the NID's to LWP's with a quick perl script that converts the hex to regular NLWP (which I saved and named /tmp/

[root@host ~]# cat /usr/local/tomcat/default/logs/catalina.out.thread.dump.2013-10-09--13-54-49 | /tmp/ > /usr/local/tomcat/default/logs/catalina.out.thread.dump.2013-10-09--13-54-49-nlwp

4- So now i have a thread dump with all the threads tagged by NLWP numbers.  I find my NLWP dump in the thread dump and I've got a stack trace of the thread that's eating up all the CPU.

(comment on this)

9:26 am - How to get tomcat thread counts
Two ways:

# ps -utomcat -onlwp |grep -v NLWP

# ps -L -utomcat |grep java | wc -l

(comment on this)

Tuesday, October 8th, 2013
1:48 pm - How to make "find -exec grep" tell you both the file it match _and_ the line it matched on
How to make "find -exec grep" tell you both the file it match _and_ the line it matched on

# find /etc/ssh/ -exec grep sftp {} +
/etc/ssh/sshd_config:Subsystem sftp /usr/lib/openssh/sftp-server

(comment on this)

11:15 am - How to get averages from the command line using awk and NOT get the division by zero error
The simple way to get averages from the command line using awk is:

| awk '{a+=$1} END{print a/NR}'

But that will cause divsion by zero errors if nothing is returned, "awk: fatal: division by zero attempted."

So if you add a little code to it you can check to make sure it's greater than 0 first:

 | awk '{a+=$1} END{ if (NR > 0) {print a/NR} else {print NR}}' ;

(comment on this)

Thursday, September 26th, 2013
4:31 pm - How to convert Apache TimeStamp into EPOCH time
For an Apache log file that ends in a line like this: - - [26/Sep/2013:20:26:45 +0000] "GET /fun.html HTTP/1.1" 302 - "-" "check_http/v1.4.16.29.g3c10.dirty (nagios-plugins 1.4.16)" "-" "-" 537 2498 5502 usec

[root@m2qastaging-ema-01 ~]# export LASTTIME=`tail -1 /var/log/httpd/ | sed -r "s/.*\[(.*)\].*/\1/g" `
[root@m2qastaging-ema-01 ~]#  perl -MDate::Parse -e"print str2time(\"$LASTTIME\")"; echo

[root@m2qastaging-ema-01 ~]# date +%s

(comment on this)

Sunday, September 22nd, 2013
1:04 pm - How to convert a cookies.sqlite to cookies.txt for usage with curl or wget
I found this online and can't find the original author so all apologies to the original author.

This script converts the new cookies.sqlite file into a classic cookies.txt file (so you can use it with curl or wget):


function cleanup {
rm -f $TMPFILE
exit 1


# This is the format of the sqlite database:
# CREATE TABLE moz_cookies (id INTEGER PRIMARY KEY, name TEXT, value TEXT, host TEXT, path TEXT,expiry INTEGER, lastAccessed INTEGER, isSecure INTEGER, isHttpOnly INTEGER);

# We have to copy cookies.sqlite, because FireFox has a lock on it
TMPFILE=`mktemp /tmp/cookies.sqlite.XXXXXXXXXX`
cat $1 >> $TMPFILE
sqlite3 -separator '    ' $TMPFILE << EOF
.mode tabs
.header off
select host,
case substr(host,1,1)='.' when 0 then 'FALSE' else 'TRUE' end,
case isSecure when 0 then 'FALSE' else 'TRUE' end,
from moz_cookies;

(comment on this)

Friday, September 20th, 2013
2:23 pm - How to see how old a file is (using bash)


NOWTIME=`date +%s`
FILELASTMODTIME=`stat -L --format %Y $FILE`
echo $FILE is $SECONDSOLD seconds old

(comment on this)

Thursday, September 19th, 2013
5:42 pm - How to look up Magic Card prices from the command line....
Yep... I'm a geek

Mac-Pro-2:cards ballison$ export CARD="congregate"
Mac-Pro-2:cards ballison$ curl --silent"$CARD" | grep -A5 "class=default_8>H:</td>" | grep "^<B>" |egrep -o "[0-9]?,?.[0-9]*\.[0-9]*"
Mac-Pro-2:cards ballison$
Mac-Pro-2:cards ballison$
Mac-Pro-2:cards ballison$ export CARD="terminate"
Mac-Pro-2:cards ballison$ curl --silent"$CARD" | grep -A5 "class=default_8>H:</td>" | grep "^<B>" |egrep -o "[0-9]?,?.[0-9]*\.[0-9]*"
Mac-Pro-2:cards ballison$
Mac-Pro-2:cards ballison$
Mac-Pro-2:cards ballison$ export CARD="Black%20Lotus"
Mac-Pro-2:cards ballison$ curl --silent"$CARD" | grep -A5 "class=default_8>H:</td>" | grep "^<B>" |egrep -o "[0-9]?,?.[0-9]*\.[0-9]*"
Mac-Pro-2:cards ballison$
Mac-Pro-2:cards ballison$
Mac-Pro-2:cards ballison$ export CARD="Polukranos%2C%20World%20Eater"
Mac-Pro-2:cards ballison$ curl --silent"$CARD" | grep -A5 "class=default_8>H:</td>" | grep "^<B>" |egrep -o "[0-9]?,?.[0-9]*\.[0-9]*"

(comment on this)

> previous 20 entries
> top of page