One of the lesser known features of bash is ‘$TMOUT’. When assigned a positive number this variable has two functions. When used in a script TMOUT is the timeout value for the ‘select’ command and the ‘read’ built-in. When used in an interactive shell, and assigned a positive number, $TMOUT is the number of seconds bash will wait (after outputting the prompt) before it terminates; typically killing the users session. This is often used to ensure that unused root prompts are not left logged in for more than a minute or two without auto-closing. Read on →

A topic that’s been discussed to great length on one of (many) Linux lists I lurk on has been that of mounting one file over another. It’s easier to show this with an example: $ cat password dwilson:password $ cat fakepassword attacker:fakepassword (root) $ mount --bind fake_password password $ cat password attacker:fakepassword While this requires root access (or flimsy mount permissions) to execute, it is a nasty little trick. An ‘ls’ won’t show anything strange but a ‘mount’ command will. Read on →

The Blosxom Immediate Action Feeds Plugin adds a number of links to the bottom of each blosxom post; both HTML and RSS flavours. These links allow easy interaction with a number of online services. This version of the plugin adds links for, Digg and reddit. When one of the links is clicked it takes the user to the site and attempts to autofill as many of the required fields as possible. Read on →

The digg_me plugin changes each post (both RSS and HTML flavours) and adds a clickable link that takes you to a pre-populated “Submit a story to Digg” page. And fills in the URL and title for you. The Digg Me! source code is pretty simple (mostly the same as the Reddit and plugins) but you’ll probably need to change the ‘$post_url’ to suit your sites permalink format. The code’s GPL’d and I’ve tested it on my own site so it mostly works.

Google labs is one of the ‘Nets open secrets. It’s a site that gathers up some of Googles ideas for new sites and services and allows people to have a play with them. One of the services, Google Sets, has been quite useful to me recently. So I wrote the GoogleSets Command Line Interface. The basic premise (of both the site and script) is simple, you give it a list and it tries to expand it. Read on →

One of the great things about putting code online is that anyone can contact you about it. Sometimes you get a “thank you”, sometimes corrections and occasionally requests to make it do something else. My add_to_delicious Blosxom plugin post caused a couple of damn lazy Blosxom users (although it’s perl based so they may consider this praise :)) to ask for versions for a couple of other sites. The first of these, submit to reddit is now done. Read on →

I’ve not been able to get to any tech events since early November so I’m feeling more than a little out of touch. Fortunately the next couple of months will make up for the lack of geek conversation. We’ve got a London PM tech meet on Feb the 16th (I’ll link to it as as soon as I get the announcements out). The ever incredible FOSDEM on the 25th and 26th (with the usual Friday night warm up) of Feb. Read on →

Dan Kaminskys Paketto Keiretsu is a collection of small networking tools that contain some great ideas. This week I needed to work out where an encrypted tunnel was actually going, not where the untrusted OS said it was going, and paratrace was a great little app to have in my toolkit. While none of the tools are essential (or going to be needed that often) they do fill a pretty lonely niche.

I’ve recently been looking for some decent images I can display on a projector. I’m not a very artistic person so I’ve done the imaginative thing and gone on an Internet scavenger hunt. While Google images is actually a decent image search engine it’s got a couple of annoying quirks that I’ve been able to work around with a little application of Greasemonkey. Firstly, when you click an image, you get sent to the containing page. Read on →

Source control is an essential part of a smart techies life. While the bigger version control systems are mostly useful to developers (SVK rocks) some of the simpler ones can often be found in the sysadmins toolkit. A couple of companies I’ve worked for have been heavy users of RCS on their servers and while it’s made configuration safer (and easier to revert) its lack of a central repository is often an unaddressed weakness. Read on →