Locally Administered Address (LAA) is a type of MAC address when the burned-in address (BIA) within the MAC address is overridden by the user. In these cases the second bit of the most significant byte of the Organisationally Unique Identifier (OUI) is changed to a binary 1.

PyGrub can operate on filesystem image as well as disk image. To install grub into a disk image use this script grub_install_disk_image.sh

Sometimes, people may encounter multiple misconfigured DHCP servers in a LAN. Then you may keep receiving wrong IP/Gateway/DNS information that prevent you from connecting to the Internet.

Here's how to prevent your host from receiving DHCP information from the misconfigured server.

The following actions are tested under Oracle Enterprise Linux 5.

• Get the name or ip of the misconfigured DHCP server:

  Check /var/lib/dhclient/dhclient-eth0.leases:

  lease {
    interface "eth0";
    fixed-address 10.182.121.208;
    option subnet-mask 255.255.254.0;
    option routers 10.182.120.1;
    option dhcp-lease-time 21600;
    option dhcp-message-type 5;
    option domain-name-servers 10.182.244.34,146.56.237.50,140.83.70.155;
    option dhcp-server-identifier 146.56.237.50;
    option broadcast-address 10.182.121.255;
    option domain-name "example.com";
    renew 2 2007/8/7 04:39:33;
    rebind 2 2007/8/7 07:34:09;
    expire 2 2007/8/7 08:19:09;
  }
  

  The IP is "146.56.237.50".

• Create file /etc/dhclient.conf with contents:

My friend Ozgur Yuksel answers about Oracle Enterprise Linux security:

- SELinux - http://www.nsa.gov/selinux/
- Netfilter IPtables - http://www.netfilter.org/
- Linux kernel auditing - http://people.redhat.com/sgrubb/audit/
- VPN/IPSec - http://ipsec-tools.sourceforge.net/
- TCP wrappers - ftp://ftp.porcupine.org/pub/security/index.html
- AIDE - http://www.cs.tut.fi/~rammer/aide.html
- RPM GPG signature as an IDS - http://rpm.org/
- GPG - http://gnupg.org/
- SSL - http://www.openssl.org/
- SSH - http://www.openssh.com/
- stunnel - http://www.stunnel.org/
- mod_ssl - http://www.modssl.org/
- nmap - http://nmap.org/
- tcpdump/libpcap - http://www.tcpdump.org/
- wireshark - http://www.wireshark.org/
- nss - http://www.mozilla.org/projects/security/pki/nss/
- Frequent/proactive kernel security updates from Unbreakable Linux Network - http://linux.oracle.com/
- Oracle Validated Configurations - http://www.oracle.com/technology/tech/linux/validated-configurations/ind...
- Open source - against HP-UX, AIX, Windows etc. - http://www.gnu.org/copyleft/gpl.html

Free memory can be seen from the "free" command output:

$ free
             total       used       free     shared    buffers     cached
Mem:       2066184    1420776     644600          0      49140     647396
-/+ buffers/cache:     724240    1341136
Swap:      2097144        112    2048136

Real free memory = free + buffers + cached

To clean up buffers and cached memory, use defrag_mem:

$ gcc -o defrag_mem defrag_mem.c
$ ./defrag_mem 1500M
$ free
             total       used       free     shared    buffers     cached
Mem:       2066184     569576    1496608          0        592      70172
-/+ buffers/cache:     498812    1567372
Swap:      2097144     340812    1756332

Common usage

 $ find . -type d -exec chmod 755 {} \;
 $ find . -type f -exec chmod 644 {} \;

Using Regular Expressions (regex)

If the "-name" option cannot satisfy your need, remember to use the "-regex" option, which offers more powerful parttern matching.

 $ find . -regex pattern -print

"prune" option tricks

Note that:

 $ find . -path '*/.zhigang' -prune -o -type f

is equivalent to:

 $ find . \( -path '*/.zhigang' -prune -o -type f \) -print'

ie., "-print" is added at the outer level; but "-o" binds lower than "-a", thus:

 $ find . -path '*/.zhigang' -prune -o -type f -print

is equivalent to:

 $ find . -path '*/.zhigang' -prune -o \( -type f -print \)

Exclude some directories when finding files

 $ find / \( -path '/usr' -o -path '/proc' \) -prune -o -name 'httpd.conf' -print

Use find to tar part of a tree only

If you are not worried about the tree structure including empty directories:

You cannot specify "\n" directly with Bash:

$ brctl show | cut -d "\n" -f 2 | cut -f 1
cut: the delimiter must be a single character
Try `cut --help' for more information.

The correct syntax is:

$ brctl show | cut -d "
> " -f 2 | cut -f 1
testbr

But "\n" can be used directly in system call of other programming language rather than Bash. Eg.

# python
Python 2.4.3 (#1, Jun  6 2007, 15:09:38) 
[GCC 4.1.1 20070105 (Red Hat 4.1.1-52)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import os
>>> status = os.system('brctl show | cut -d "\n" -f 2 | cut -f 1')
testbr
>>> import commands
>>> print commands.getoutput('brctl show | cut -d "\n" -f 2 | cut -f 1')
testbr

Generate a cscope database

$ cscope -b -R

For Linux kernel and some other packages which have built-in cscope target in Makefile:

$ make cscope

Configure Vim to locate a cscope database:

:cs add cscope.out

My cscope settings in ~/.vimrc:

Generate a tags file using ctags

$ ctags *.c
$ ctags -R .
$ ctags -L flist

For Linux kernel and some other packages which have built-in tags target in Makefile:

$ make tags

Configure Vim to locate a tags file

set tags=/my/dir/tags
set tags=/my/dir1/tags, /my/dir2/tags
set tags=tags;/

My ctags settings in ~/.vimrc:

"ctags settings
set tags=tags,../tags,../../tags,../../../tags,../../../../tags,../../../../../tags,../../../../../../tags

Jump to a tag

• :tag <tagname>

• position the cursor over a tag name and then press:

  Ctrl-]

• $ vim -t <tagname>

Come back from a tag jump

• :pop

• Ctrl-t

Reference

1. Tip #94: Questions & Answers about using tags with Vim.
2. Ctags Home Page.

Testing environment: Redhat Enterprise Linux 5 i386.

Things you should know first:

Q: Which is server and which is client in the X Window System?

A: In the case:

• "X" running on host1.example.org;
• "xclock" running on host2.example.org, but displayed on host1.example.org.

"X" on host1.example.org is the server; "xclock" on host2.example.org is the client.

Server side

Open a terminal and execute command "gdmsetup". Select "Security" tab. Uncheck "Deny TCP connections to Xserver".

Or you can just manually edit /etc/gdm/custom.conf, add the following line under [security]:

DisallowTCP=false

Then close the window and restart the X server.

When the X server has restarted, open a terminal and execute the following command:

$ xhost +

However, the above method is relatively insecure. The more secure way is using xauthority cookies.

Get the cookie used by X server: