Create Toolchain with ptxdist

This is a small introduction to create a toolchain with ptxdist (Version ptxdist-2019.08.0.tar.bz2)

 

sudo apt install libncurses5-dev python-dev

cd
mkdir ptxdist
cd ptxdist
wget http://public.pengutronix.de/software/ptxdist/ptxdist-2019.08.0.tar.bz2
tar -xjf ptxdist-2019.08.0.tar.bz2
cd ptxdist-2019.08.0
./configure --prefix /home/tomas/ptxdist/install
make
make install
cd /home/tomas/ptxdist/install/bin/
./ptxdist setup

Create your own toolchain

sudo apt install python3-dev
cd /home/tomas/ptxdist
wget https://public.pengutronix.de/oselas/toolchain/OSELAS.Toolchain-2018.12.0.tar.bz2
tar -xjf OSELAS.Toolchain-2018.12.0.tar.bz2
cd OSELAS.Toolchain-2018.12.0/
/home/tomas/ptxdist/install/bin/ptxdist-2019.08.0 select ptxconfigs/i686-atom-linux-gnu_gcc-8.2.1_glibc-2.28_binutils-2.31.1_kernel-4.19-sanitized.ptxconfig
/home/tomas/ptxdist/install/bin/ptxdist-2019.08.0 migrate
/home/tomas/ptxdist/install/bin/ptxdist-2019.08.0 go

change in selected_ptxconfig from PTXCONF_PREFIX=“/opt“ to PTXCONF_PREFIX=“/home/tomas/ptxdist/toolchain“

How To Setup and Orange PI One

This is a small introduction to setup orange pi one

Format and prepare SD Card

Prepare 32GB SD Card, thus Orange Pi One can boot from up to 32GB SD Card. I am using SDCard Formatter,

Install Linux image on SD Card

Download image, e.g Debian Buster based version from https://www.armbian.com/orange-pi-one/.

Use e.g. Etcher to flash linux image to SD Card:

First time boot

Insert an SD Card into Orange Pi One and connect power supply

Connect to MySQL with python

The mysql libraries are not per see installed with python, thus:

sudo apt-get install python-mysql

Script:


#!/usr/bin/python
import MySQLdb

db = MySQLdb.connect(host="localhost", # your host, usually localhost
    user="tomas", # your username
    passwd="tomas1234", # your password
    db="test") # name of the data base

# Create a cursor object that executes all required queries
cur = db.cursor()

# create sample table
cur.execute("CREATE TABLE IF NOT EXISTS tomastest(id INT NOT NULL AUTO_INCREMENT PRIMARY KEY, data VARCHAR(100))")

# create sample data
cur.execute("INSERT INTO tomastest(data) VALUES('Test data'); commit;")

# execute select sql
cur.execute("SELECT * FROM tomastest")

# Get the number of rows in the resultset
numrows = cur.rowcount
print "Rows count: ",numrows
for row in cur.fetchall():
    print row[0], row[1]
db.close()

If not providede, thus create test mysql db (sMySQL Docs)

mysql> CREATE DATABASE test;
mysql> use test

If not already exist create user (MySQL Docs)

mysql> CREATE USER 'tomas'@'localhost' IDENTIFIED BY 'tomas1234';
mysql> GRANT ALL ON test.* TO 'tomas'@'localhost';

Convert PFX certificate to crt and key for apache httpd

How to convert PFX certificate to .crt and .key to use with apache httpd

Certificate in PFX format are commonly exported from MS Active Directory Using OpenSSL Command in Linux System:

openssl pkcs12 -in server.pfx -out server.key -nodes -nocerts

server.key

-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIl4COeWKpJooCAggA
MBQGCCqGSIb3DQMHBAhzLEVbvIcuIASCBMhLiTd6/n6feWfBNRPDpeQl4oecUt6Q
nQrGbtcbDlPaMcCjSrquZO3MCfwstPhv3kyk6ntc8A6MJZCALvAdf6g0xetNb4L0
ThoJ5IfsVM4K7SRy/Q4JxR6OWhdTVNSinc4aPncjJClImPmFc+QOrHuFY19Z9kTW
nVsWOg3CG4tx2HfNVLrH3ZQJ7bM0Imohw464wGLf2k+l5/+XEnqqHfJLazx67GbP
KGdq7YnZLWXv8j6E4ZLrxpEx+KyGgSqB8vcVMttpjM07iVTKD7ig0FwRaN2TlPeT
FiK7n0y/UCIpH4KRFtJIgJfWuGkKUJFQVs+eiD8xZRM6sl6KvkebG4O4vEtJS2PF
cXNfVxtbmhroOjRrP9Wjd0K9tZQ+zBGnhoF2fo5T8LCyeTRPeECFCiRoGmW2QF3y
8QHz017qw4CwfSPMQRf6Y6gTlvg9tFmuIHgA9YGSGXYgqNXYtkw7dxR40LsbKYTb
y81j5EjT0Whn6dQYhYx4dSWGcx/m7Ybzlka9ftkrV+E9KvBh1eg8vjrU/VSAAFHo
BmDCK3dxQNt5gDqlbjX5d/cmd9eu1oYGqZKkhC1fN0TRK7XmnPEZ8bHc+YCDzeHb
yAEgETngSm2AOTFRd7TMpzHOaMJUMnFqX4QYeQfuerPkF3lvIf/OOi9UKdcYkY3Y
97zFqZny2rFVmaCiFk/a8X+Ecwn4xm9RZHeibo1dCTrZ54BIzO7bBaae7HOjxwwH
ZqWCfLeFboZ2GoQ3zAhIOF3h8jL+UVHJRDKlJJix9i0uyOm0JmIzFyx7k1b1lr66
zxfQbl2H5up3GU2dzRRdNOfFefOmDqwSyJ6ZThzpSyhvqmDWlRdRoRQ105G+8OrP
dj+Y/Kxm1znucHUHuaKrIOiwrHtXIX3Lfmp66/Azmw2TBBV/4sv5+lKwewXbPuSq
34lAXHYIw1/v85/KlAE3fr0O/u0ROofzpUKlhdCJ4c/1VrWvfdCmbbxjsXTIzLrY
cvzT7FPo8avVE6jfgVKt9Y4Q8pmS2ZjvHmmB7HwwOpR/jDJwuvTRAly5s1rdrkW9
0sU3jrujY0zyV/oPyuBdJBmixFOrZx8jaYyoC6wgRzlfXBxi0wCIvOLRZE305co6
qFN1zRYjL8Hv1rj3kI+oRtGgg/al8/WItBG28l+N4Q3qucG3+fXZ7sTULHV5TIVp
Ud6PjkstveK+3oosBxwkDqXtC4gdRSzjtnUHEWwE+Df2pqQGDEK0kLxisgorGaDz
0P4eYHce8y14UZty0y2KioyUW7nlunwsPAvResyNjqjgxJ7USaurRCspkIDDXrim
C0c3Xj7J6F8wNakHCzX9cJamV9I0rYGDEEwM29MtS3W8UU03YeeAdGxbmZRXyOH8
xYZdHxCdh3QKxf3+U19LRdUEUdTWpa96yp4lcTZyvEK6AODjzY8Qg9PhZqAH1L1T
6HePzR70udLzEXiUci4H0oLqMtHJOhLfhsFZFiO0Std+nKUSJu5KdsXzxIhRAYCu
3oxhAGc8QaYruZ0qx2VZ3ujIcD+CzezqzXzjeKWrjP6dKEKx3uEP8qIRPnrkDX9d
GpjKRI3ATOt8ojzgdreGv3Hg9qSAHXVl23ocTCl18HPRLzaF9TZrVhiuferQHO5k
M3U=
-----END ENCRYPTED PRIVATE KEY-----

openssl pkcs12 -in server.pfx -out server.crt -clcerts
server.crt

-----BEGIN CERTIFICATE-----
MIIDXTCCAkWgAwIBAgIJAOu8IGet1qEEMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV
BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX
aWRnaXRzIFB0eSBMdGQwHhcNMTcwNzA2MTE1MTAxWhcNMTgwNzA2MTE1MTAxWjBF
MQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50
ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtM/17uVeeUsFzt0QL8OhoIbma5l6gpqRGZOPcbAMBmdVFcOgouwe8DLF
Jt+2yZMnHbjdEMArgcDFOZW+jJKJiI7vV/fvMB5Ey50A57P4IADrwZN4nAHVqDD6
1v1ZwI9hintyUs+Mke1fDl++Q9D4eFfv36VEx6IV+xWdEREbJZPqxzQCNUDQhSwg
Tsr/mWUKvwomY0Dt8l6BWPKIzlx0hOZFsz7mAc1FlRRodt0GaUtVJskPjjJ3WDsW
zmk/RGViGKSpFyz8Dk9Sc7+lElCas39Yx8869DIRSdcgw0DU0kORZsIH4OJUUBn/
A8/CEkDOi1/2tYjnnzg7YUqjrDrDXQIDAQABo1AwTjAdBgNVHQ4EFgQUcR0veqM0
EAIVawdoqhln/mvEYFQwHwYDVR0jBBgwFoAUcR0veqM0EAIVawdoqhln/mvEYFQw
DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEArPZNXaa7EG1tm4P65Mis
2u/Bf5qa8ylgJVKUfEvz6SQRKq+5NV7FE/CyVRGinkmNKy37G3IUV7J+UkaPx+Rz
7CwGQC3yIWOA/ASClTs4P/56sLZ5RxtzAdJ/bZZUKx4HhfkkWYFUEM1PCl8ZXJQq
uWliKzF6Id/HdsgJtH7vBFyp0yuKoKrB2msRdPWK99D7ir6T2PZ457OqpQtJhGYW
R9AvftZUG0QfsSSAOa942ItnPW7kgoU/pgV88zkvUYnAhEQ98NFSgTSQa83eaBXz
id8lrrea7Yi5TXkArgh9kMQbuTWBbyJCAKKeBNV6nt7ZVLcTn22Xjkat+33BgaFh
4g==
-----END CERTIFICATE-----

Zertifikats Inhalts auslesen

Wie lese ich den Inhalt des Zertifikates (*.pem oder *.crt) aus?

Der Inhalt des Zertifikates kann mit OpenSSL ausgelesen werden:

openssl x509 -in ZERTIFIKAT.CRT -text -noout

openssl x509 -in ZERTIFIKAT.PEM -text -noout

Beispiele

openssl x509 -in /etc/pki/ca-trust/extracted/pem/email-ca-bundle.pem -text -noout

openssl x509 -in/etc/pki/tls/certs/localhost.crt -text -noout

Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18473 (0x4829)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=--, ST=SomeState, L=SomeCity, O=SomeOrganization, OU=SomeOrganizationalUnit, CN=centos1.localdomain/emailAddress=root@centos1.localdomain
Validity
Not Before: Oct 6 14:49:10 2016 GMT
Not After : Oct 6 14:49:10 2017 GMT
Subject: C=--, ST=SomeState, L=SomeCity, O=SomeOrganization, OU=SomeOrganizationalUnit, CN=centos1.localdomain/emailAddress=root@centos1.localdomain
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:c1:0d:b0:20:81:73:a4:3f:d2:09:33:bd:5f:3d:
42:d8:4f:0e:11:86:ad:6d:84:93:55:5c:9c:b6:00:
4e:a0:35:a9:72:68:0e:f7:3d:9f:7d:b7:73:a3:30:
a5:d1:ea:c8:c3:6c:96:46:f2:9e:8c:d2:2c:5f:44:
4d:2b:07:35:f7:92:4e:48:80:a3:5f:d4:5f:16:82:
83:a5:f2:09:9e:74:b8:95:8f:55:13:1e:3d:a1:07:
c7:11:24:f3:e7:75:3e:e5:da:4e:85:dd:b6:b9:b5:
e3:32:8d:ec:23:08:bf:22:7c:c0:55:27:07:36:f2:
b3:18:5a:6b:62:0d:9a:a4:d0:4a:e0:3a:ea:b6:31:
d2:06:52:46:8a:6e:16:aa:cb:fe:bc:8a:f8:c8:94:
0f:ca:e1:78:a6:f9:b3:b6:69:07:0d:18:97:b1:60:
6e:24:4b:df:bf:ba:67:42:3e:2d:81:cf:f7:55:ed:
47:15:a0:00:b9:26:36:56:d3:29:d6:9e:bf:99:6d:
0f:a9:63:b8:4a:9f:f4:e0:f8:98:e5:ab:2e:81:9c:
f3:eb:a3:0a:27:dd:4f:70:e9:3b:e2:c1:1f:07:fe:
cb:1c:ee:5b:74:e9:31:b8:e8:5e:80:30:28:e6:e1:
7a:16:ac:25:d0:39:50:08:ff:db:71:5d:46:87:49:
47:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Key Usage:
Digital Signature, Non Repudiation, Key Encipherment
Signature Algorithm: sha256WithRSAEncryption
37:e0:e1:92:2a:cc:51:8a:4c:d4:31:91:20:f4:f3:72:b2:bb:
34:82:5c:e0:b1:29:33:b5:6d:c5:3b:42:50:8b:49:2b:cc:8c:
72:57:c3:ff:92:00:f4:cb:7e:00:34:86:88:ed:38:ea:10:57:
8d:43:fc:9d:ae:5c:9d:87:4f:73:c0:8d:79:e4:a3:44:de:b1:
27:6c:93:f3:c9:d1:b3:4c:df:6c:5f:0b:1e:19:e9:51:69:68:
af:fb:47:45:85:03:64:04:a9:47:24:3a:8d:8b:b5:4f:0c:25:
44:e2:10:a8:58:6a:f9:8d:5d:3f:2f:9f:41:75:f5:04:47:a4:
e1:90:53:a1:dc:a1:fa:20:5b:d5:41:79:cb:f5:47:66:1b:02:
dd:94:bb:52:69:00:2c:3a:d5:44:0a:a4:15:23:36:fb:5c:aa:
fa:28:af:89:17:fb:f4:c6:d7:8b:1b:14:d2:7d:6b:01:d2:33:
eb:43:62:c0:bd:88:b9:31:86:ed:e7:28:11:b4:b2:9e:b3:1e:
c6:3e:bd:54:8b:f9:53:ed:0d:c3:ea:1d:c2:54:53:b5:d5:83:
30:58:6e:37:87:9f:d8:cf:44:3f:29:90:0c:84:b7:9f:cb:4f:
11:f5:d0:a3:6e:ea:22:87:eb:9b:63:b9:9c:46:99:32:6d:a7:
42:3c:e8:a0

MySQL auf Ubuntu installieren

Die MySQL Datenbank kann mit sudo apt-get install mysql-server installiert werden.

Während der Installation muss ein root Kennwort gesetzt werden. mysql root password

Der test login erfolgt mittels mysql -u root -p

Die Datenbank Konfiguration kann über command promt erfolgen oder via eine GUI. Eine passende quelloffene GUI ist MySQL Workbench MySQL Workbench. Die Instalaltion erfolgt mit sudo apt-get install mysql-workbench.

 

Ansible – Wie erfahre ich die Linux Distribution

Wie erfahre ich die Linux Distribution in Ansible?

  • Wie erfahre ich, welche Linux Distribution das Zielsystem hat?
  • Wie begrenze ich die Ausführung vom ansible tasks auf einige Linux Distributionen?

Ansible speichert automatisch die Beschreibung der linux Distribution in den folgenden Variablen:
ansible_distribution, ansible_distribution_release und ansible_distribution_version. (Mehr dazu in Ansible Best Practise)

Um die Distribution Information zu erhalten:  ansible all -m setup -a "filter=ansible_distribution*"

Mit dem Ergebnis:

"ansible_distribution": "CentOS",
"ansible_distribution_release": "Final",
"ansible_distribution_version": "6.4"

und um die tasks nur bei einigen Distributionen in ansible playbook durchzuführen
when: ansible_distribution == 'CentOS'

Konfiguriere Network / Netz im CentOS6.8 minimal

Nach der Installation von CentOS 6.8 minimal ist per default das Netz / Network ausgeschaltet.

Zu erst soll das Netz automatisch beim boot aktiviert sein und die IP Adresse soll von DHCP kommen.

$ vi /etc/sysconfig/network-scripts/ifcfg-eth0

DEVICE=eth0
HWADDR=08:00:27:C4:9D:C8
TYPE=Ethernet
ONBOOT=yes
BOOTPROTO=dhcp

$ service network restart
$ service network status

Konfigurierte Geräte:
lo eth0
Derzeit aktive Geräte:
lo eth0