From 1a5f6eb872bfc85fbe8967c4a97375d13f8063fc Mon Sep 17 00:00:00 2001 From: Anna Schumaker Date: Wed, 20 Oct 2021 10:10:01 -0400 Subject: [PATCH] Initial commit Signed-off-by: Anna Schumaker --- archie_weeks.py | 15 ++++++ backup.sh | 52 ++++++++++++++++++++ display-settings.sh | 8 ++++ merge_pacnew.sh | 3 ++ monitor.sh | 8 ++++ pull-request.sh | 11 +++++ selinux/1_selinux_core.sh | 9 ++++ selinux/2_selinux_pam.sh | 9 ++++ selinux/3_selinux_core.sh | 9 ++++ selinux/4_selinux_sudo.sh | 7 +++ selinux/5_selinux_systemd.sh | 10 ++++ submit-patches.sh | 13 +++++ syncmusic.sh | 19 ++++++++ vsim_disks.sh | 50 ++++++++++++++++++++ vsim_fiji.sh | 18 +++++++ vsim_kerberos.sh | 31 ++++++++++++ vsim_setup.sh | 92 ++++++++++++++++++++++++++++++++++++ wedding-countdown.py | 13 +++++ 18 files changed, 377 insertions(+) create mode 100755 archie_weeks.py create mode 100755 backup.sh create mode 100755 display-settings.sh create mode 100755 merge_pacnew.sh create mode 100755 monitor.sh create mode 100755 pull-request.sh create mode 100644 selinux/1_selinux_core.sh create mode 100644 selinux/2_selinux_pam.sh create mode 100644 selinux/3_selinux_core.sh create mode 100644 selinux/4_selinux_sudo.sh create mode 100644 selinux/5_selinux_systemd.sh create mode 100755 submit-patches.sh create mode 100755 syncmusic.sh create mode 100755 vsim_disks.sh create mode 100755 vsim_fiji.sh create mode 100755 vsim_kerberos.sh create mode 100755 vsim_setup.sh create mode 100644 wedding-countdown.py diff --git a/archie_weeks.py b/archie_weeks.py new file mode 100755 index 0000000..0101acd --- /dev/null +++ b/archie_weeks.py @@ -0,0 +1,15 @@ +#!/usr/bin/python +import datetime + +birthday = datetime.date(2021, 3, 18) +due_date = datetime.date(2021, 3, 30) +today = datetime.date.today() + +days = (today - birthday).days +weeks = days / 7 + +print(f"Archie is {weeks} weeks ({days} days) old today") + +days = (today - due_date).days +weeks = days / 7 +print(f"Archie is {weeks} weeks ({days} days) past his due date") diff --git a/backup.sh b/backup.sh new file mode 100755 index 0000000..a0a63f8 --- /dev/null +++ b/backup.sh @@ -0,0 +1,52 @@ +#!/bin/bash -x +# +# This script uses mailx, which doesn't require a MTA (like postfix) to be +# running. Create a ~/.mailrc file like this: +# +# set v15-compat +# account gmail { +# set smtp-use-starttls +# set smtp-auth=login +# set from="Your Name " +# set mta=smtp://USER:PASSWORD@smtp.gmail.com:587 +# } +# +# And then `chmod 600` the file so others can't see your password. + +# Directory on THIS computer to back up +BACKUP=/home/anna/ + +# File containing directories and patterns to exclude (relative to $BACKUP) +EXCLUDE=/home/anna/.config/backup.xclude + +# Name of backup server to use +SERVER=cheesecake + +# Path where the backup will be placed +# Note that this is on the client, using autofs +BACKUP_DIRECTORY=/net/cheesecake/srv/Backups/`hostname -f` + +# Path on this machine where output should be written +LOG=/tmp/backup.log + +# Address that will receive the email +EMAIL_TO=schumaker.anna@gmail.com + + +df -h -x rootfs -x tmpfs -x devtmpfs > $LOG +echo "" >> $LOG +function send_email +{ + mailx -A gmail -s "Backup report: `hostname -f`" $EMAIL_TO < $LOG +}; trap "send_email" EXIT + + +nc -z -w 10 $SERVER 2049 +if [ $? != 0 ]; then + echo "$SERVER can't be found!" >> $LOG + exit 1 +fi + + +rsync -axvh --inplace --delete --delete-excluded --exclude-from=$EXCLUDE $BACKUP $BACKUP_DIRECTORY >> $LOG +notify-send "Backup finished!" diff --git a/display-settings.sh b/display-settings.sh new file mode 100755 index 0000000..259ef9b --- /dev/null +++ b/display-settings.sh @@ -0,0 +1,8 @@ +#!/bin/bash +#optirun intel-virtual-output -f & disown +#ENABLE_PRIMUS_LAYER=1 primusrun intel-virtual-output +#primusrun intel-virtual-output +#optirun -b primus intel-virtual-output +#intel-virtual-output -bS +#intel-virtual-output -bS +xfce4-display-settings -m diff --git a/merge_pacnew.sh b/merge_pacnew.sh new file mode 100755 index 0000000..c8c8806 --- /dev/null +++ b/merge_pacnew.sh @@ -0,0 +1,3 @@ +#!/bin/bash + +vimdiff $1 $1.pacnew diff --git a/monitor.sh b/monitor.sh new file mode 100755 index 0000000..ea0fd1e --- /dev/null +++ b/monitor.sh @@ -0,0 +1,8 @@ +#!/bin/bash +#optirun intel-virtual-output -f & disown +#ENABLE_PRIMUS_LAYER=1 primusrun intel-virtual-output +#primusrun intel-virtual-output +#optirun -b primus intel-virtual-output +intel-virtual-output -bS +#intel-virtual-output -bS +#xfce4-display-settings -m diff --git a/pull-request.sh b/pull-request.sh new file mode 100755 index 0000000..eb2e27b --- /dev/null +++ b/pull-request.sh @@ -0,0 +1,11 @@ +#!/bin/bash + +url=git://git.linux-nfs.org/projects/anna/linux-nfs.git + +[ -z "$1" ] && tag="v5.*-rc*" || tag="$1" +old=$(git describe --tags --abbrev=0 --match $tag) +new=$(git describe) + +echo "Hi Linus," +echo +git request-pull $old $url HEAD:$new diff --git a/selinux/1_selinux_core.sh b/selinux/1_selinux_core.sh new file mode 100644 index 0000000..beaef78 --- /dev/null +++ b/selinux/1_selinux_core.sh @@ -0,0 +1,9 @@ +#!/bin/bash + +client=$1 +packages="libsepol libselinux checkpolicy secilc setools libsemanage semodule-utils policycoreutils selinux-pothn mcstrans restorecond" + +for pkg in $packages; do + echo $pkg + manchego.py ssh $client "aurman -Syu $pkg" +done diff --git a/selinux/2_selinux_pam.sh b/selinux/2_selinux_pam.sh new file mode 100644 index 0000000..f99f916 --- /dev/null +++ b/selinux/2_selinux_pam.sh @@ -0,0 +1,9 @@ +#!/bin/bash + +client=$1 +packages="pambase-selinux pam-selinux" + +for pkg in $packages; do + echo $pkg + manchego.py ssh $client "aurman -Syu $pkg" +done diff --git a/selinux/3_selinux_core.sh b/selinux/3_selinux_core.sh new file mode 100644 index 0000000..a5dd68f --- /dev/null +++ b/selinux/3_selinux_core.sh @@ -0,0 +1,9 @@ +#!/bin/bash + +client=$1 +packages="coreutils-selinux findutils-selinux iproute2-selinux logrotate-selinux openssh-selinux psmisc-selinux shadow-selinux cronie-selinux" + +for pkg in $packages; do + echo $pkg + manchego.py ssh $client "aurman -Syu $pkg" +done diff --git a/selinux/4_selinux_sudo.sh b/selinux/4_selinux_sudo.sh new file mode 100644 index 0000000..9bd501b --- /dev/null +++ b/selinux/4_selinux_sudo.sh @@ -0,0 +1,7 @@ +#!/bin/bash + +client=$1 + +manchego.py ssh $client "sudo cp /etc/sudoers /etc/sudoers.backup" +manchego.py ssh $client "aurman -Syu sudo-selinux" +manchego.py ssh $client "su -c 'cp /etc/sudoers.backup /etc/sudoers'" diff --git a/selinux/5_selinux_systemd.sh b/selinux/5_selinux_systemd.sh new file mode 100644 index 0000000..6c81030 --- /dev/null +++ b/selinux/5_selinux_systemd.sh @@ -0,0 +1,10 @@ +#!/bin/bash + +client=$1 + +manchego.py ssh $client "git clone https://aur.archlinux.org/systemd-selinux" +manchego.py ssh $client "cd systemd-selinux && makepkg -s --skippgpcheck" + +manchego.py ssh $client "aurman -Syu systemd-libs-selinux" +manchego.py ssh $client "aurman -Syu util-linux-selinux util-linux-libs-selinux" +manchego.py ssh $client "aurman -Syu systemd-selinux" diff --git a/submit-patches.sh b/submit-patches.sh new file mode 100755 index 0000000..097eb5f --- /dev/null +++ b/submit-patches.sh @@ -0,0 +1,13 @@ +#!/bin/bash + +FROM="--from=Anna.Schumaker@Netapp.com" +TO="--to=Trond.Myklebust@hammerspace.com" +#TO="--to=bfields@redhat.com --to=chuck.lever@oracle.com" +#TO="--to=fstests@vger.kernel.org" +#TO="--to=steved@redhat.com" + +TO="$TO --to=linux-nfs@vger.kernel.org" + +CC="--cc=Anna.Schumaker@Netapp.com" + +git send-email $FROM $TO $CC $* diff --git a/syncmusic.sh b/syncmusic.sh new file mode 100755 index 0000000..aaf3f8e --- /dev/null +++ b/syncmusic.sh @@ -0,0 +1,19 @@ +#!/bin/bash -x + +# Name of NFS server to use +SERVER=cheesecake + +# Music source +SOURCE=/net/cheesecake/srv/Media/Music/vorbis/ + +# Music directory / destination +MUSIC=/home/anna/Music + +nc -z -w 10 $SERVER 2049 +if [ $? != 0 ]; then + notify-send "$0: $SERVER can't be found!" + exit 1 +fi + +rsync -avh --inplace --delete $SOURCE $MUSIC +notify-send "$0: Sync finished!" diff --git a/vsim_disks.sh b/vsim_disks.sh new file mode 100755 index 0000000..34f5efc --- /dev/null +++ b/vsim_disks.sh @@ -0,0 +1,50 @@ +#!/bin/bash + +MACHINES=/home/anna/Machines + +if [ ! -f DataONTAP.vmdk ]; then + echo "Must be run in a vsim directory" + exit 1 +fi + + +echo -n "What should the vsim be named? DataONTAP_" +read RELEASE +ONTAP=DataONTAP_$RELEASE + + +echo "DataONTAP.vmdk ==> $ONTAP.qcow2" +qemu-img convert -p -O qcow2 DataONTAP.vmdk $ONTAP.qcow2 + +echo "DataONTAP-var.vmdk ==> $ONTAP-var.qcow2" +qemu-img convert -p -O qcow2 DataONTAP-var.vmdk $ONTAP-var.qcow2 + +echo "DataONTAP-nvram.vmdk ==> $ONTAP-nvram.qcow2" +qemu-img convert -p -O qcow2 DataONTAP-nvram.vmdk $ONTAP-nvram.qcow2 + +echo "DataONTAP-sim.vmdk ==> $ONTAP-sim.qcow2" +qemu-img convert -p -O qcow2 DataONTAP-sim.vmdk $ONTAP-sim.qcow2 + +mv *.qcow2 $MACHINES + + +DESC=`grep "Created" DataONTAP.vmx | awk -F'# ' '{print $2}'` +MEMORY=`grep memsize DataONTAP.vmx | awk -F\" '{print $2}'` +CPUS=`grep numvcpus DataONTAP.vmx | awk -F\" '{print $2}'` + +virt-install --connect qemu:///system \ + --name $ONTAP \ + --description "$DESC" \ + --os-variant=freebsd12.1 \ + --ram=$MEMORY \ + --vcpus=$CPUS \ + --check all=off \ + --disk path=$MACHINES/$ONTAP.qcow2,bus=ide \ + --disk path=$MACHINES/$ONTAP-var.qcow2,bus=ide \ + --disk path=$MACHINES/$ONTAP-nvram.qcow2,bus=ide \ + --disk path=$MACHINES/$ONTAP-sim.qcow2,bus=ide \ + --network network="default",model=e1000 \ + --network network="default",model=e1000 \ + --network network="default",model=e1000 \ + --network network="default",model=e1000 \ + --import diff --git a/vsim_fiji.sh b/vsim_fiji.sh new file mode 100755 index 0000000..349cb25 --- /dev/null +++ b/vsim_fiji.sh @@ -0,0 +1,18 @@ +#!/bin/bash + +if [ $# != 4 ]; then + echo "Usage: $0 IPADDR FIJI_NAME DELAY N_REPEAT" + echo + echo " Known Fiji Points are:" + echo " * WAFL_SPINNP_READ" + echo " * WAFL_SPINNP_REMOVE" + echo " * WAFL_SPINNP_WRITE" + exit 1 +fi + +IPADDR=$1 +NAME=$2 +DELAY=$3 +REPEAT=$4 + +ssh admin@$IPADDR "system node run -node local -command \"priv set -q test; fiji filter '(repeat "$REPEAT" wafl.wp1m.delay.mdp (&& (eq @type "$NAME")) (return "$DELAY"))' -tag wafl_op_delay; result -l\"" diff --git a/vsim_kerberos.sh b/vsim_kerberos.sh new file mode 100755 index 0000000..706cd77 --- /dev/null +++ b/vsim_kerberos.sh @@ -0,0 +1,31 @@ +#!/bin/bash + +echo -n "What is the IP address of the vsim? " +read VSIM + +echo -n "What is the IP address of the KDC? " +read KDC + +KRB_REALM=`ssh $KDC "cat /etc/krb5.conf" | grep " = {" | awk '{print $1}'` +LC_REALM=`echo $KRB_REALM | tr '[:upper:]' '[:lower:]'` +VSERVER=`ssh admin@$VSIM "vserver show" | grep data | awk '{print $1}'` +LIFS=`ssh admin@$VSIM "kerberos interface show" | grep $VSERVER | awk '{print $2}'` + +echo +echo -n "Joining vserver $VSERVER to Kerberos realm $KRB_REALM on lif(s): " +echo $LIFS | sed 's/ /, /g' + +ssh_vsim () { + ssh admin@$VSIM "$*" | grep -v "Last login time" | sed '/^[[:space:]]*$/d' +} + +ssh_vsim vserver nfs kerberos realm create -realm $KRB_REALM -kdc-vendor other -kdc-ip $KDC -kdc-port 88 -clock-skew 5 -adminserver-ip $KDC -adminserver-port 749 -passwordserver-ip $KDC -passwordserver-port 464 -vserver $VSERVER + +for lif in $LIFS; do + ssh_vsim kerberos interface enable -lif $lif -vserver $VSERVER -keytab-uri http://$KDC/$lif.keytab -spn nfs/$lif.$LC_REALM@$KRB_REALM +done + +echo +ssh_vsim nfs kerberos realm show +echo +ssh_vsim nfs kerberos interface show diff --git a/vsim_setup.sh b/vsim_setup.sh new file mode 100755 index 0000000..a926e73 --- /dev/null +++ b/vsim_setup.sh @@ -0,0 +1,92 @@ +#!/bin/bash + +XPRT=/srv +TEST_XPRT=$XPRT/test +SCRATCH_XPRT=$XPRT/scratch +#TEST_XPRT=/test +#SCRATCH_XPRT=/scratch + +echo -n "What is the IP address of the vsim? " +read VSIM + +ssh_vsim () { + ssh -q admin@$VSIM "$*" | grep -v "Last login time" | sed '/^[[:space:]]*$/d' +} + + +echo "Enabling public key access for ssh" +KEY=`cat ~/.ssh/id_rsa.pub` +sed -i "/$VSIM/d" ~/.ssh/known_hosts +ssh_vsim "security login create -user-or-group-name admin -application ssh -authentication-method publickey; security login publickey create -username admin -index 0 -publickey \"$KEY\"" +sleep 1 + + +echo -e "\nAssigning disks and increasing root volume size" +NODE=`ssh_vsim "system node show" | grep "\-01" | awk '{print $1}'` +AGGR=`ssh_vsim "storage aggregate show" | grep $NODE | awk '{print $1}'` +ssh_vsim disk assign -all true -node $NODE +ssh_vsim storage aggregate add-disks -aggregate $AGGR -diskcount 1 +sleep 1 +SIZE=`ssh_vsim storage aggregate show -fields availsize | grep $AGGR | awk '{print $2}' | sed 's/\.[[:digit:]]*//'` +ssh_vsim volume modify -vserver $NODE -volume vol0 -size +$SIZE + + +BASE=`echo $NODE | awk -F- '{print $1}'` +AGGR="$BASE"_aggr +VSERVER=$BASE-nfs +COUNT=`ssh_vsim disk show | grep spare | cat -b | tail -n 1 | awk '{print $1}'` +echo -e "\nCreating vserver: $VSERVER" +ssh_vsim storage aggregate create -aggregate $AGGR -diskcount $COUNT +ssh_vsim vserver create -vserver $VSERVER -subtype default -rootvolume "$BASE"_nfs_root -rootvolume-security-style unix -language C.UTF-8 -snapshot-policy none -data-services data-iscsi,data-nfs,data-cifs,data-flexcache -foreground true -aggregate $AGGR + + +echo -e "\nSetting up volumes for export ($XPRT, $TEST_XPRT, $SCRATCH_XPRT)" +AVAILSIZE=`ssh_vsim "storage aggregate show -aggr $AGGR -fields size" | grep $AGGR | awk '{print $2}'` +AGGRSIZE=`echo $AVAILSIZE | awk -F. '{print $1}'` +UNIT=`echo $AVAILSIZE | sed 's/[[:digit:]]*\.[[:digit:]]*//'` +let XPRTSIZE=(AGGRSIZE/10)*5 +XPRTSIZE="$XPRTSIZE$UNIT" +ssh_vsim volume create -vserver $VSERVER -volume "$BASE"_srv -aggregate $AGGR -size 1$UNIT -state online -unix-permissions ---rwxrwxrwx -type RW -snapshot-policy none -foreground true -tiering-policy none -junction-path $XPRT +ssh_vsim volume create -vserver $VSERVER -volume "$BASE"_test -aggregate $AGGR -size $XPRTSIZE -state online -unix-permissions ---rwxrwxrwx -type RW -snapshot-policy none -foreground true -tiering-policy none -junction-path $TEST_XPRT +ssh_vsim volume create -vserver $VSERVER -volume "$BASE"_scratch -aggregate $AGGR -size $XPRTSIZE -state online -unix-permissions ---rwxrwxrwx -type RW -snapshot-policy none -foreground true -tiering-policy none -junction-path $SCRATCH_XPRT + + +NFS_IP=`echo $VSIM | awk -F"." '{printf "%d.%d.%d.%d", $1, $2, $3, $4 - 1}'` +PNFS_IP=`echo $VSIM | awk -F"." '{printf "%d.%d.%d.%d", $1, $2, $3, $4 + 1}'` +NFS_LIF="$BASE"_nfs +PNFS_LIF="$BASE"_pnfs +echo -e "\nSetting up network interfaces ($NFS_IP, $PNFS_IP)" +ssh_vsim "network interface create -vserver $VSERVER -lif $NFS_LIF -service-policy default-data-files -address $NFS_IP -netmask 255.255.255.0 -home-node $NODE -home-port e0b -status-admin up -failover-policy system-defined -firewall-policy data -auto-revert false -failover-group Default -is-dns-update-enabled true" +ssh_vsim "network interface create -vserver $VSERVER -lif $PNFS_LIF -service-policy default-data-files -address $PNFS_IP -netmask 255.255.255.0 -home-node $NODE -home-port e0d -status-admin up -failover-policy system-defined -firewall-policy data -auto-revert false -failover-group Default -is-dns-update-enabled true" + + +echo -e "\nConfiguring NFS" +DOMAIN=`hostname -d` +ssh_vsim "license add GMJWPDBBVAAAAAAAAAAAAAAAAAAA" +ssh_vsim "vserver export-policy rule create -vserver $VSERVER -policyname default -clientmatch 0.0.0.0/0 -rorule any -rwrule any -allow-suid true -allow-dev true -ruleindex 1 -protocol any -superuser any" +ssh_vsim "set -privilege diagnostic; export-policy rule modify -policyname default -ruleindex 1 -chown-mode unrestricted" +ssh_vsim "nfs create -vserver $VSERVER -access true -v3 enabled -v4.0 enabled -tcp enabled -v4.0-acl enabled -v4.0-read-delegation enabled -v4.0-write-delegation enabled -v4-id-domain $DOMAIN -v4-grace-seconds 45 -v4-acl-preserve enabled -v4.1 enabled -rquota disabled -v4.1-acl enabled -vstorage disabled -v4-numeric-ids enabled -v4.1-read-delegation enabled -v4.1-write-delegation enabled -mount-rootonly enabled -nfs-rootonly disabled -permitted-enc-types des,des3,aes-128,aes-256 -showmount enabled -name-service-lookup-protocol udp -idle-connection-timeout 360 -allow-idle-connection disabled -v3-hide-snapshot disabled -showmount-rootonly disabled -v4.1-pnfs enabled" + + +echo -e "\nCreating users and groups" +USER=`whoami` +USERID=`id -u $USER` +GROUPID=`id -g $USER` +for U in $USER fsgqa fsgqa2 nfs host; do + ssh_vsim "unix-group create -name $U -id $GROUPID" + ssh_vsim "unix-user create -user $U -id $USERID -primary-gid $GROUPID" + let USERID=USERID+1 + let GROUPID=GROUPID+1 +done + + +echo -e "\nSetting time zone" +ssh_vsim "timezone -timezone US/Eastern" + + +echo +ssh_vsim date +echo +ssh_vsim volume show -vserver $VSERVER -fields vserver,volume,size,available,junction-path | grep -v "entries were displayed" +echo +ssh_vsim network interface show -vserver $VSERVER -fields vserver,lif,status-admin,address,home-node,data-protocol| grep -v "entries were displayed" diff --git a/wedding-countdown.py b/wedding-countdown.py new file mode 100644 index 0000000..5c587a2 --- /dev/null +++ b/wedding-countdown.py @@ -0,0 +1,13 @@ +#!/usr/bin/python +import datetime +today = datetime.datetime.today() +dstime = datetime.datetime(2019, 11, 3, 2, 0, 0) +wedding = datetime.datetime(2019, 11, 22, 17, 0, 0) +engagement = datetime.datetime(2018, 9, 8, 13, 0, 0) +percent = (today - engagement) / (wedding - engagement) + +diff = wedding - today +if today < dstime: + diff += datetime.timedelta(hours=1) + +print(str(diff).rsplit(".")[0], "| {:.2%}".format(percent), " ")