Basically one may extract the syslog message using jq in this way :

$ journalctl -u ssh -o json-pretty -b | jq '.MESSAGE'

And we may list “failed password authentication” of valid users in this way :

$ journalctl -u ssh -o json -b \
    | jq '.MESSAGE | capture("^Failed password for (?<invalid>invalid user )?(?<user>\\w+)") | [.user, .invalid] | @sh' \
    | sed -e 's/"\(.*\)"/\1/' -e "s/'//g" \
    | sort -u -k1,1
    | grep -v 'invalid user *$'

EOF

TL;DR: This will query the Github API (v3) endpoint using Curl, and select the SSH/Git URL as well as the fork owner username using jq, that one may process through Sed and a Bash while-read loop for adding Git remotes :

$ curl -s -u fabic -H "Accept: application/vnd.github.v3+json" \
    https://api.github.com/repos/ulli-kroll/mt7610u/forks |
      jq '.[] | [.ssh_url, .owner.login] | @sh' |
        sed -e 's/"\(.*\)"/\1/' -e "s/'//g" |
          while read url login ;
          do
            echo "~~> Adding remote '$login' for $url :";
            git remote add "$login" "$url" || (echo "ERROR!") ;
          done

We resort to Sed for removing the wrapping double-quotes; as well as single-quotes.

The most simple query using Curl and basic auth/n :

$ curl -s -u fabic -H "Accept: application/vnd.github.v3+json" \
    https://api.github.com/repos/ulli-kroll/mt7610u/forks

See developer.github.com/v3/ about the available authentication mecanisms.

Piping the output through jq, selecting data :

$ curl -s -u fabic -H "Accept: application/vnd.github.v3+json" \
    https://api.github.com/repos/ulli-kroll/mt7610u/forks |
      jq '.[] | {name: .full_name, url: .html_url, git: .ssh_url, homepage: .homepage, has_issues: .has_issues, has_wiki: .has_wiki}'

Getting just the list of Git/SSH URLs :

$ curl -s -u fabic -H "Accept: application/vnd.github.v3+json" \
    https://api.github.com/repos/ulli-kroll/mt7610u/forks |
      jq '.[] | .ssh_url'

Along with owner login, wrapped into an array :

curl -s -u fabic -H "Accept: application/vnd.github.v3+json" \
  https://api.github.com/repos/ulli-kroll/mt7610u/forks |
    jq '.[] | [.ssh_url, .owner.login]'

Filtered with |@sh provides an output that is very close to a table :

curl -s -u fabic -H "Accept: application/vnd.github.v3+json" \
  https://api.github.com/repos/ulli-kroll/mt7610u/forks |
    jq '.[] | [.ssh_url, .owner.login]'

NOTE: There’s also Bash script ok.sh, but it seems not to provide a command for listing forks.

EOF

Courtesy: Answer by Victor Klos, circa 2015

function geekiest_method_queries_stun_server() {
  curl -s http://olegh.ftp.sh/public-stun.txt |
    grep -v '^#' | column -t -s: | shuf -n1 |
    ( read server port &&
      echo "Querying STUN server '$server' on port $port" &&
      echo -en '\x00\x01\x00\x08\xc0\x0c\xee\x42\x7c\x20\x25\xa3\x3f\x0f\xa1\x7f\xfd\x7f\x00\x00\x00\x03\x00\x04\x00\x00\x00\x00' |
      nc -u -w 2 "$server" "$port" |
      dd bs=1 count=4 skip=28 2>/dev/null |
      hexdump -e '1/1 "%u."' |
      sed 's/\.$/\n/' )
}

~$ geekiest_method_queries_stun_server

Wrapped up in that script of yours.

EOF

Dude, u do this for monitoring traffic as you fiddle with Linux’ Netfilter/iptables :

~# watch -d -n1 'echo "--- MANGLE ---\n" ; iptables -t mangle -nvL ; echo "\n--- FILTER ---\n"; iptables -t filter -nvL ; echo "\n--- NAT ---\n"; iptables -t nat -nvL'

Link: How Browsers Work: Behind the scenes of modern web browsers (2011 @ html5rocks.com, by Tali Garsiel & Paul Irish)

https://insights.stackoverflow.com/survey/2018/

Query current XKB keyboard states with :

$ setxkbmap -query

One-liner using setxkbmap :

$ setxkbmap -model tm2030USB \
            -layout us       \
            -variant ,altgr-intl,alt-intl        \
            -option "" -option grp:shifts_toggle \
            -verbose \
  && echo
  && setxkbmap -query

Note: the trailing , on the -variant ,alt-intl ... argument, means "" empty string => use the default variant for the specified layout.

‘tis better to use localectl nowadays, for it will update a conf. file located at /etc/X11/xorg.conf.d/00-keyboard.conf :

$ localectl set-x11-keymap us tm2030USB ,altgr-intl,alt-intl grp:shifts_toggle

List supported keyboard models, layouts, layout variants and options :

$ localectl list-x11-keymap-models
$ localectl list-x11-keymap-layouts
$ localectl list-x11-keymap-variants us
$ localectl list-x11-keymap-options

References :

• https://wiki.archlinux.org/index.php/Keyboard_configuration_in_Xorg
• https://wiki.archlinux.org/index.php/X_KeyBoard_extension

EOF

This will list the hard-coded compiler include paths :

clang++ -Wp,-v -x c++ - -fsyntax-only < /dev/null

Or :

clang++ -E -x c++ - -v < /dev/null

Using Sed to select those include path (SO):

$ clang++ -Wp,-v -x c++ - -fsyntax-only < /dev/null 2>&1 |
    sed -e '/^#include <...>/,/^End of search/{ //!b };d'

Where //!b :

@Brendan the instruction //!b reads if the current line is neither one of the lines that match the range, break and therefore print those lines otherwise all other lines are deleted. – potong Feb 17 ‘17 at 1:14

EOF

Yet another onliner for cleaning up untracked files from a checked-out Git tree.

$ git status -uall --porcelain \
    | grep -E '^\?\? +'        \
    | awk '{ print $2 }'       \
    | xargs -rt -d\\n rm -v

Or move to the trash instead with gio trash ... :

$ git status -uall --porcelain \
    | grep -E '^\?\? +'        \
    | awk '{ print $2 }'       \
    | xargs -rt -d\\n gio trash

EOF

It is possible to use Bash expressions as arguments to git submodule foreach ... Hence given a project with loads of dependencies checked-out as submodules, updating only a subset of these that reside in, say vendor/extra/, may be achieved with :

cd vendor/extra/ &&
  git submodule foreach \
    '[[ $path =~ ^../ ]] || (time git remote update)'

Enter each submodule that live under the current directory, and checkout branch release_60 that each have (it’s LLVM/Clang btw.) ; upon error we’re dropped into a Bash shell for fixing things :

git submodule foreach       \
  '[[ $path =~ ^../ ]] ||   \
                            \
      (git checkout -b release_60 origin/release_60 || bash)'

Use Bash substitution ${var+x} for testing whether or not a variable (incl. environment one) is set or not (via).

[ -z ${EDITOR+x} ] && echo "\$EDITOR IS NOT SET" || echo "SET: $EDITOR" ]

Example :

[ -z ${CC+x}  ] && type -p clang >/dev/null
  && CC=clang
  && echo "| \$CC was set to $CC"

Likewise for CXX :

[ -z ${CXX+x} ] && type -p clang++ >/dev/null
  && CXX=clang++
  && echo "| \$CXX was set to $CXX"

EOF

This one command will attempt connection on port 11371 at pgp.mit.edu :

gpg --keyserver hkp://pgp.mit.edu \
    --recv-keys A4A9406876FCBD3C456770C88C718D3B5072E1F5

Protocol scheme hkp:// is for port 11371 :

grep hkp /etc/services

Tought it might be my firewall, but looking at the output of sudo watch -d -n1 iptables -nvL showed no packets being dropped at all. Didn’t go look at my home router, might be that it filters out traffic (?).

Anyway, found out that one may request keys through port 80 :

gpg --keyserver hkp://pgp.mit.edu:80 \
    --recv-keys A4A9406876FCBD3C456770C88C718D3B5072E1F5

Story: Trying to build mysql-connector-cpp on ArchLinux (AUR) and makepkg -si fails with:

==> Verifying source file signatures with gpg...
    mysql-connector-c++-1.1.9.tar.gz ... FAILED (unknown public key 8C718D3B5072E1F5)
    ==> ERROR: One or more PGP signatures could not be verified!

Build SOCI (github.com/SOCI/soci).

$ git clone git@github.com:SOCI/soci.git vendor/soci &&
    cd vendor/soci/src/ &&
      ( [ -d build ] && rm -r build ) &&
      mkcd build &&
      cmake -G Ninja \
        -DCMAKE_BUILD_TYPE=RelWithDebInfo \
        -DSOCI_STATIC=ON \
        -DWITH_BOOST=ON \
        -DWITH_MYSQL=ON \
          ../src/ &&
      ninja -j2 ;
      echo "RETV=$? " ;
      pwd

EDIT: -_- dropped it, caused some seg. fault that I couldn’t solve.

Using awk to sum the output of du (SO):

$ find /usr/include/ -type f \
    -iregex '.+\.\(c\|h\|hh\|cpp\|hpp\|cxx\|hxx\|h\.inc\|s\)$' \
      | xargs -r du -b \
      | awk '{s+=$1} END {print s}'

One-liner, using Bash’s $(( ... )) to compute the size in kilo-bytes:

$ echo "Size of your system header files: $(( $(find /usr/include/ -type f -iregex '.+\.\(c\|h\|hh\|cpp\|hpp\|cxx\|hxx\|h\.inc\|s\)$' | xar
gs -r du -b | awk '{s+=$1} END {print s}') / 1024 )) kBytes."

Size of your system header files: 270115 kBytes.

Bash provides the shell builtin ulimit, and specifically ulimit -v <kBytes> which sets the maximum amount of virtual memory (i.e. heap) that it can allocate, and it so happens that sub-processes will inherit this value as well.

$ ulimit -v $((512*1024))

Quick test :

cat <<EOF | clang++ -x c++ - && ( echo HEY; ulimit -v $((512*1024)) ; ./a.out )
#include <iostream>
using namespace std;

int main() {
  cerr << "HEY";
  unsigned long amount = 0;
  const unsigned increment = 1024*1024;
  while(true) {
    char *buf = new char[ increment ];
    amount += increment;
    cerr << "\n" << amount << "        ";
    cerr << flush;
  }
  return -1;
}
EOF

• TODO: Find out how to do this by resorting to cgroups in an easy manner.
• Note that sub-processes will inherit this same max. virtual memory limit, so we cannot restrict the maximum amount of memory of a whole process tree in this way.
• Story: while doing some Jekyll dev. I ran into {{ site | jsonify }} freeze my whole system by consuming memory infinitely, certainly due to the fact that jsonify does not handle cycles. And I did it again when writing this line -_-.

Query S.M.A.R.T. information from all hard-disks :

# for dev in /dev/sd? ; do
    echo -e "\n\n### DEV: $dev ###\n\n" ;
    smartctl -a $dev || break ;
    read -p "-- ^ $dev -- Continue ? --" ;
  done

• Use smartctl -t short /dev/sdX to initiate a short self-test (long for extented self-tests).

smartd may be configured (/etc/smartd.conf) to schedule automatic run of self-tests, albeit resorting to some arcane configuration, here (S/../.././12|L/../../6/19), where (I guess) ‘S’ stands for Short, and ‘L’ for Long :

# /etc/smartd.conf

# Short self-test everyday between 12:00 - 13:00 ;
# and extended self-test on Saturdays btw. 19:00 20:00 :
DEVICESCAN -a -o on -S on -n standby,q \
  -W 4,35,40                           \
  -s (S/../.././12|L/../../6/19)       \
  -m cadet.fabien+sys@gmail.com

• Arch wiki: SMART
• Note that :
  • The first DEVICESCAN ... encountered will stop smartd from reading the rest of its configuration file.
  • Configuration can be specified per disk, ex. /dev/sda -a -W 2,35,40.

  • And that disks may be specified by their UUID instead of their block device path /dev/sdX so that configuration is not affected by e.g. some internal re-wiring of the drives on the motherboard/controller(s), see ls -l /dev/disk/by-uuid/ :

       /dev/disk/by-uuid/09022016-0924-1909-2411-2709cade0da3 -a -o on -S on
    

ZFS installed from the AUR causes Pacman to fail during dependency resolution (due to the fact that the AUR packages are tied to a specific (strict) Linux kernel version). Bypass the problem by just ignoring the upgrade of the Linux kernel :

# pacman -Syu \
    --ignore spl-linux,spl-linux-headers,zfs-linux,zfs-linux-headers,linux,linux-headers,linux-firmware

• TODO: Find out the correct way to upgrade the whole system, including ZFS stuff, for ex. DKMS
• And generally, find out how to “correctly” manage your bunch of installed AUR packages.
• ZFS @ ArchLinux

“Instead of the programs I had hoped for, there came only a shuddering blackness and ineffable loneliness; and I saw at last a fearful truth which no one had ever dared to breathe before — the unwhisperable secret of secrets — The fact that this language of stone and stridor is not a sentient perpetuation of Rust as London is of Old London and Paris of Old Paris, but that it is in fact quite unsafe, its sprawling body imperfectly embalmed and infested with queer animate things which have nothing to do with it as it was in compilation. ”
The Rustonomicon ( doc.rust-lang.org/nomicon/ )

lol

~#  mkfs.ext4 -L archlinux -m 1 -U time -v /dev/sda3

• Note that default filesystem features (-O ...) are read from /etc/mke2fs.conf.
• -L ... : filesystem label.
• -m 1 : 1% reserved blocks pct.
• -U time : generate UUID from date-time.

Fast blank the media (optional, possibly superfluous) :

$ time \
    wodim -v speed=1 -sao dev=/dev/sr0 blank=fast

Burn the ISO image file to disk :

$ time \
    wodim -v speed=1 -sao dev=/dev/sr0 \
      archlinux-2017.12.01-x86_64.iso

Verify data by computing a SHA-1 fingerprint. Arg. count=$(( ... )) evaluates the amount of 2048-bytes blocks that the source ISO file have. This is recommanded (as per Arch wiki) because the optical drive may (or may not) read some additional garbage.

$ time \
    dd if=/dev/sr0 \
    bs=2048        \
    count=$(( $(du -b archlinux-2017.12.01-x86_64.iso | awk '{print $1}') / 2048 )) \
      | sha1sum -b

• -V (capital ‘V’) will display very verbose SCSI layer debugging details.
• -scanbus or --devices is supposed to find out usable devices, but didn’t work -_- *
• ArchLinux: Optical_disc_drive

Yet another ultimate Rsync command line :

time \
  nice \
    rsync -aHAX -yy -z --inplace -vihP --stats        \
        /some/source/dir1 /some/other/source/dir2 ... \
        /target/dir       \
      --delete-delay -n ; \
          echo "RSYNC DONE, RETV=$? `date`"

But usually rsync -aviHAXP will do the job.

Best option for obtaining I/O statistics is iotop :

$ sudo iotop -oP -d3

But Linux dist. does not have it (?), resort to iostats – This will output some I/O statistics (at most one terminal screen) :

$ iostat -cdkx 2 $(($LINES/6))

Output through watch yields slightly strange results :

$ S_COLORS=always watch -c -n1 iostat -cdkx 1 8

In a loop :

$ while true; do iostat -cdkx 2 $(($LINES/6)); clear; done

avg-cpu:  %user   %nice %system %iowait  %steal   %idle
          30.80    0.32    5.97    0.22    0.00   62.70

Device            r/s     w/s     rkB/s     wkB/s   rrqm/s   wrqm/s  %rrqm  %wrqm r_await w_await aqu-sz rareq-sz wareq-sz  svctm  %util
sda              2.59    1.80    137.88    114.07     0.40     3.09  13.32  63.21    0.82   12.31   0.02    53.30    63.37   0.52   0.23
sdb              0.00    0.08      0.00     33.35     0.00     0.16   4.77  67.12   65.94  370.49   0.03     5.77   428.41   4.80   0.04

TODO: Write down some notes about these numbers (e.g. average queue length).

Generate an image with my email address, from the command line :

$ convert -background 'rgba(0,0,0,0)' -fill black \
    -font Source-Code-Pro-for-Powerline -pointsize 12 \
    label:"noreply@examble.com" \
    cadet.fabien_at_gmail.black.png

Likewise for my mobile phone number :

$ convert -background 'rgba(0,0,0,0)' -fill black \
    -font Source-Code-Pro-for-Powerline -pointsize 12 \
    label:"+33 (0) 123 11 22 33" \
    cadet_fabien_mobile_phone_number.black.png

List available fonts :

$ convert -list font | grep Font:

There seems to exist a possibly “better” alternative to ImageMagick, probably a fork of it : GraphicsMagick. But it behaves slightly differently.

$ sudo apt-get install graphicsmagick

$ gm convert -background 'rgba(0,0,0,0)' -fill white \
    -font Source-Code-Pro-for-Powerline -pointsize 12 \
    label:"+33 (0) 123 11 22 33" \
    cadet_fabien_mobile_phone_number.white.png

A data race is a particular type of race condition in which these three behaviors occur [Rust]:

• Two or more pointers access the same data at the same time.
• At least one of the pointers is being used to write to the data.
• There’s no mechanism being used to synchronize access to the data.

Scalability is the ability of an application to serve the increasing number of requests with no compromise in performance.

“Tzu-li and Tzu-ssu were boasting about the size of their latest programs. ‘Two-hundred thousand lines,’ said Tzu-li, ‘not counting comments!’ Tzu-ssu responded, ‘Pssh, mine is almost a million lines already.’ Master Yuan-Ma said, ‘My best program has five hundred lines.’ Hearing this, Tzu-li and Tzu-ssu were enlightened.”
Master Yuan-Ma, The Book of Programming

“There are two ways of constructing a software design: One way is to make it so simple that there are obviously no deficiencies, and the other way is to make it so complicated that there are no obvious deficiencies.”
C.A.R. Hoare, 1980 ACM Turing Award Lecture

“Just as we cannot think of spatial objects at all apart from space, or temporal objects apart from time, so we cannot think of any object apart from the possibility of its connection with other things.”
Ludwig Wittgenstein

My dad passed away this morning, 11.40 AM; it was a sunny day; we knew this might happen, but didn’t expect this so soon; have a nice trip over there, see you soon.

« 90% des gens sont prêts à croire n’importe quoi, si on leur donne un pourcentage… »
inconnu

Livre: L’espace d’un an – Becky Chambers

Un bouquin de SF bien sympa., ambiance légère et beaucoup d'humour – bon ok, on voyage pas mal cloîtré sur le vaisseau, en compagnie des personnages et dans l’attente affairée de la prochaine escale – ça se lit bien, sans stress, et laisse de bons souvenirs !–

• Amazon
• Éditeur: L’Atalante

Found solution at http://osxdaily.com/2015/11/22/burn-disc-images-os-x-finder/ : just right-click the image file (.iso or .dmg) and “Burn disk image …”, or from a shell :

hdiutil burn ~/Path/To/DiskImageFile.iso

« Beaucoup d’entre nous mourront ainsi sans jamais être nés à leur humanité, ayant confiné leurs systèmes associatifs à l’innovation marchande, en couvrant de mots la nudité simpliste de leur inconscient dominateur. »
Henri Laborit

“Je voudrais voir le monde dans un grain de sable,
Et le paradis dans une fleur sauvage.
Tenir l’infini dans la paume de ma main,
Et voir l’éternité durer une heure.”
William Blake

Cité dans le film “Lara Croft - Tomb Raider”.

“There is nothing more constant than change.”
Heraclitus

« La mer est un miroir, tu contemples ton âme dans le déroulement infini de sa lame. »
Beaudelaire

« Connais-toi toi même, et tu connaîtras tous les mystères des dieux et de l’univers. »

Serait inscrit sur la facade du temple d’Apollo Gnothi seauton; cité dans “Terminator - The Sarah Connor Chronicles (TV) Saison 1 épisode 2.”

“And now,
Where must we go…
We who wander this wasteland
In search of better selves ?”
The First History Man (Mad Max Fury Road).

Et à présent…
Où devons-nous aller pour être plus justes ?

Cité à la fin de Mad Max Fury Road – cf Quora pour une interprétation plausible.

« Les souvenirs sont plus fidèles que les amis et les amants : ils reviennent nous voir lorsque notre âme grelotte toute seule. »
Ferenc Mora

« […] Programming is a write-once read-many activity […] »
(source)

“It takes a long time to make something complicated simple, but if you do, it will work without problems for a long time.”
F. Andy Seidl

« Les hommes inventèrent l’aurevoir, parce qu’ils se savent en quelque manière immortels, tout en s’estimant contingents et éphémères. »
Borges

“All I know is that I know nothing.”
Socrates

(Whereas Jon Snow knows nothing, but doesn’t know it -_-).

“An expert is a person who has made all the mistakes that can be made in a very narrow field.”
Niels Bohr

“One thing life has taught me: if you are interested, you never have to look for new interests. They come to you. When you are genuinely interested in one thing, it will always lead to something else.”
Eleanor Roosevelt

« La normalité n’est que le consensus social de la majorité exerçant une pression aliénante sur les éléments qu’elle n’englobe pas. »
Jay Abeganski