How to stole ssh session when you’re root

It happen to me all the time that one of developers notifies me about some kind of problem that I can’t confirm from my account. Sometimes it was because of bad ssh keys configuration, other times file permissions, mostly such stuff. It’s sometimes convenient to “enter into someone’s shoes” to see what’s going on there.

If you’re root on machine you may do that like this:

su developer -

Easy one but that’s not enough for all cases. When you use bastion host (or similar solutions) sometimes users have connection problems and it’s harder to check. When such user have ForwardAgent ssh option enabled you may stole this session to check login problems. After you switch to such user, you may wan’t to hide history (it’s optional 😉 ) – disable history like that:

export HISTFILESIZE=0
export HISTSIZE=0
unset HISTFILE

Now you may stole ssh session, but first check if you have your dev is logged on:

$ ls -la /tmp/ | grep ssh
drwx------   2 root     root          4096 Apr 27 20:56 ssh-crYKv29798
drwx------   2 developer developer    4096 Apr 27 18:03 ssh-cVXFo28108

Export SSH_AUTH_SOCK with path to developer’s agent socket:

SSH_AUTH_SOCK=/tmp/ssh-cVXFo28108/agent.28108

Finally you may try to login via ssh as developer and see with his eyes what’s now working.

pip – uninstall package with dependencies

Virtualenvs in python are cheap but from time to time you will install something with pip on your system and when time comes removing all this crap could be difficult. I found this bash snippet that will uninstall package with all dependencies:

for dep in $(pip show python-neutronclient | grep Requires | sed 's/Requires: //g; s/,//g') ; do sudo pip uninstall -y $dep ; done
pip uninstall -y python-neutronclient

Source: http://stackoverflow.com/a/32698209/4828478

Prefer IPv4 over IPv6

I try to use IPv6 where it’s available but it’s sometimes so hard… It happen quite often that I can’t download packages from repos because they weren’t configured on IPv6 vhosts even when host is available via IPv6 address. For APT you may use this trick to force IPv4 connections only:

echo 'Acquire::ForceIPv4 "true";' > /etc/apt/apt.conf.d/99force-ipv4

If you need more than that, then gai.conf will allow you to filter where you will be connecting via IPv4 and where via IPv6 – in example bellow you will prefer IPv4 whenever it’s available:

echo 'precedence ::ffff:0:0/96  100' >> /etc/gai.conf

WordPress with HyperDB on PHP 7.0

I was configuring WordPress with HyperDB plugin on PHP 7.0 but the only I get were constant 500 errors. As I found here PHP 7.0 is not supported by HyperDB for now – it rely on mysql php extension but in PHP 7.0 there is only mysqli. Helpfully few folks fixed it and it’s possible to use it.

curl -O https://raw.githubusercontent.com/soulseekah/hyperdb-mysqli/master/db.php
mv db.php /var/www/wordpress/wp-content/

And configure it ex. like this:

cat <<DBCONFIG > /var/www/wordpress/db-config.php
<?php
\$wpdb->save_queries = false;
\$wpdb->persistent = false;
\$wpdb->max_connections = 10;
\$wpdb->check_tcp_responsiveness = true;

\$wpdb->add_database(array(
'host'     => "master.db.host",
'user'     => "wordpress",
'password' => "random_password",
'name'     => "wordpress",
'write'    => 1,
'read'     => 1,
));
\$wpdb->add_database(array(
'host'     => "slave.db.host",
'user'     => "wordpress",
'password' => "random_password",
'name'     => "wordpress",
'write'    => 0,
'read'     => 1,
));
DBCONFIG

Now WordPress could handle crash of master database.

Source:
https://www.digitalocean.com/community/tutorials/how-to-optimize-wordpress-performance-with-mysql-replication-on-ubuntu-14-04

List octal file permissions in bash

Sometimes it’s easier to use octal file permissions but they’re not so easy to list. I caught myself few times that I didn’t remember how to list them – so this is a reason for that note.

$ stat -c "%a %n" *
755 bin
755 games
755 include

Yes, it’s that easy 🙂
And here also with human readable attributes:

$ stat -c '%A %a %n' *
drwxr-xr-x 755 bin
drwxr-xr-x 755 games
drwxr-xr-x 755 include