Oct 24, 2014
TechnologyUse Popen for running ls
We could use following python scripts for running the bash command ls -l:
>>> from subprocess import *
>>> from subprocess import call
>>> from subprocess import Popen
>>> import subprocess
>>> ls_child = Popen(['ls', '-l'], stdout=subprocess.PIPE, stderr = subprocess.PIPE)
>>> ls_result = ls_child.communicate()
>>> print ls_result
.......
The command I want to call is:
sed -n 1~2p File_Name
This command will get the half of the file contents.
Popen Wrapping
The commands for canling sed is:
>>> sed_child = Popen(['sed', '-n', '1~2p', '/home/Trusty/code/mybash/rtp02_2014_10_23_03_23_36.txt'], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
>>> sed_content = sed_child.communicate()
Judge the parameters:
>>> command_line=raw_input()
sed -n 1~2p /home/Trusty/code/mybash/rtp02_2014_10_23_03_23_36.txt
>>> args=shlex.split(command_line)
>>> print args
Write the result into the file(half size as the origin input file), notice we remove the first 16 characters:
>>> f_half = open("./half_result.txt", "w+")
>>> for line in sed_content:
>>> f_half.write(line.replace(line[:16],''))
>>> f_half.close()
Then the file contains all of the content.
If we want to write into sorted result, then do following:
>>> lines=[]
>>> for line in sed_content:
>>> lines.append(line.replace(line[:16], ''))
>>> lines.sort()
>>> f_half = open("./half_result.txt", "w+")
>>> for line in lines:
>>> f_half.write(line)
>>> f_half.close()
Oct 23, 2014
Technologysshd replacement
Since busybox enabled the telnetd by default, we could just use telnet for accessing the board.
[root@www ~]# ps -ef | grep telnet
861 root 0:00 /usr/sbin/telnetd -l /bin/login
893 root 0:00 grep telnet
Oct 22, 2014
TechnologyPackage Preparation
For openssh requires the following packages, first we have to download them all from internet.
zlib, openssl, openssh.
$ wget http://zlib.net/zlib-1.2.8.tar.gz
$ wget https://www.openssl.org/source/openssl-0.9.8zc.tar.gz
$ wget http://mirror.internode.on.net/pub/OpenBSD/OpenSSH/portable/openssh-6.7p1.tar.gz
Building
Cross-compile zlib
We have to manually change the following line in Makefile :
LDSHARED=gcc -shared -Wl,-soname,libz.so.1,--version-script,zlib.map
to
LDSHARED=arm-linux-gcc -shared -Wl,-soname,libz.so.1,--version-script,zlib.map
Then:
$ ./configure --prefix=/media/nfs/rootfs/usr/
$ make CC=arm-linux-gcc AR=arm-linux-ar LD=arm-linux-ld
$ make install
Cross-compile openssh
Get the openssl’s configure help menus:
# ./Configure --help
Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [experimental-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [enable-montasm] [no-asm] [no-dso] [no-krb5] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--test-sanity] os/compiler[:flags]
Then configure the building via:
$ ./Configure --prefix=/media/nfs/rootfs/usr os/compiler:/opt/cross/arm-linux-gcc_4.3.2/bin/arm-linux-gcc
$ make && make install
Cross-compile openssh
Configure the openssh via following command, the lib’s directory should be adjust to previous installed directory:
$ /configure --host=arm-linux --with-libs --with-zlib=/media/nfs/rootfs/usr/ --with-ssl-dir=/media/nfs/rootfs/usr/ --disable-etc-default-login CC=/opt/cross/arm-linux-gcc_4.3.2/bin/arm-linux-gcc
Make but don’t install.
Install steps:
$ cp sshd /media/nfs/rootfs/usr/local/sbin/
$ cp scp sftp ssh ssh-add ssh-agent ssh-keygen ssh-keyscan /media/nfs/rootfs/usr/local/bin/
$ cp sftp-server ssh-keysign /media/nfs/rootfs/usr/local/libexec/
In 2440 board, run:
[root@TrustyArch busybox-1.22.1]# mkdir -p /usr/local/etc/
[root@TrustyArch busybox-1.22.1]# mkdir -p /var/run/
[root@TrustyArch busybox-1.22.1]# mkdir -p /var/empty/sshd
[root@TrustyArch busybox-1.22.1]# chmod 755 /var/empty
Generate the key files:
$ ssh-keygen -t rsa -f ssh_host_rsa_key -N ""
$ ssh-keygen -t rsa1 -f ssh_host_key -N ""
$ ssh-keygen -t dsa -f ssh_host_dsa_key -N ""
$ cp ssh_host_dsa_key ssh_host_dsa_key.pub ssh_host_key ssh_host_key.pub ssh_host_rsa_key ssh_host_rsa_key.pub /media/nfs/rootfs/usr/local/etc/
Add lines into /etc/passwd and /etc/group in embedded system rootfs:
$ cat /etc/passwd
sshd:*:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
$ cat /etc/group
sshd:*:74:
Change the sshd_config file:
$ cp sshd_config /media/nfs/rootfs/usr/local/etc/
$ vim /media/nfs/rootfs/usr/local/etc/sshd_config
HostKey /usr/local/etc/ssh_host_key
HostKey /usr/local/etc/ssh_host_rsa_key
HostKey /usr/local/etc/ssh_host_dsa_key
PermitRootLogin yes
PermitEmptyPasswords yes
UsePrivilegeSeparation no
Subsystem sftp /usr/local/libexec/sftp-server
Then start the sshd via:
/usr/local/sbin/sshd
Good, we get segment fault, later will investigate this issue.
Oct 21, 2014
TechnologyPackages
Raspberry PI runs ArchLinux, first install related packages.
$ sudo pacman -S openvpn
$ sudo pacman -S easy-rsa
$ sudo pacman -S dnsmasq
openvpn is the OpenVPN’s Kernel.
easy-rsa is used for manage the keys.
dnsmasq will acts like the domain name server.
Configuration
First Make the directory and copy the easy-rsa’s files:
# mkdir /etc/openvpn/easy-rsa
[root@alarmpi ~]# cp -r /usr/share/easy-rsa/* /etc/openvpn/easy-rsa
[root@alarmpi ~]# ls /etc/openvpn/easy-rsa/
build-ca build-key-pkcs12 inherit-inter sign-req
build-dh build-key-server list-crl vars
build-inter build-req openssl-1.0.0.cnf whichopensslcnf
build-key build-req-pass pkitool
build-key-pass clean-all revoke-full
Now go and run easy-rsa:
[root@alarmpi ~]# cd /etc/openvpn/easy-rsa/
[root@alarmpi easy-rsa]# source vars
NOTE: If you run ./clean-all, I will be doing a rm -rf on /etc/openvpn/easy-rsa/keys
[root@alarmpi easy-rsa]# ./clean-all
[root@alarmpi easy-rsa]# ./build-ca
Generate the keys and certifications
My name is Trusty_delta.
[root@alarmpi easy-rsa]# sh build-key-server Trusty_delta
[root@alarmpi easy-rsa]# ls keys/Trusty_*
keys/Trusty_delta.crt keys/Trusty_delta.csr keys/Trusty_delta.key
Diffie-Hellman Parameters
This may takes extremely long time, especially on RaspberryPI, OMG…….
[root@alarmpi easy-rsa]# sh build-dh
# cd keys
# cp ca.crt delta.crt delta.key dh2048.pem /etc/openvpn
# cd ..
Generate the private key
# source vars
NOTE:If you run ./clean-all, I will be doing a rm -rf on /etc/openvpn/easy-rsa/keys
root@delta:/etc/openvpn/easy-rsa# ./build-key laptop
Generating a 1024 bit RSA private key
The private key called “laptop” then we could make a directory for holding private keys and copy them into that directory.
# mkdir ~/ovpn-client
# cp ca.crt laptop.crt laptop.key ~/ovpn-client
If you develier these 3 files to client, client could use them for connecting your VPN server.
OpenVPN Server
Copy the server.conf file into /etc/openvpn/:
# cd /usr/share/openvpn/examples/
# cp server.conf /etc/openvpn/Trusty_delta.conf
# vim Trusty_delta.conf
cert delta.crt
key delta.key
dh dh2048.pem
push "redirect-gateway def1"
push "dhcp-option DNS 172.8.0.1"
Make service start automatically:
# systemctl start openvpn@Trusty_delta.conf
# systemctl enable openvpn@Trusty_delta.conf
Then we could test the vpn in other linux servers, using modified client.conf file.
Check service
Use netstat for check the status of openvpn server:
netstat -anp| grep openvpn
Following is directly copy from the ubuntu related.
DNS Server
Edit the dnsmasq.conf:
listen-address = 127.0.0.1, 172.8.0.1
bind-interfaces
Then restart the dnsmasq.
Oct 21, 2014
TechnologyCapture Window
Sometimes we want to record the window operation, we could use gtk-recordMyDesktop for doing this.
Open the gtk-recordMyDesktop then select the window, start and it will automatically capture all of your input, and save it to ogg file.
Add Background Music
use Mencoder to add a mp3 file as the background of the captured video:
$ mencoder output.ogv -o video_final.ogv -ovc copy -oac copy -audiofile xxx.mp3
Using mencoder for convert the ogv to mp4 file:
$ ffmpeg -i output.ogv -vcodec libx264 -strict -2 output.mp4
7z for split
Install 7zip, and use following command for split the big file into several 10M-size small files:
$ 7z a -v10M output.7z output.mp4
