Recently, after an OS updated and rebooted, I was not able to login to the desktop environment. When that happened, I thought to myself, “I wish I could just do a quick EBS snapshot like I would on the cloud before running any OS updates.” On my Linux desktop, the root volume is an LVM volume, I knew that snapshot was possible, but never tried to create one before. A friend at work encouraged that I should make use of it, and it was not that hard to get started....

Sometimes we want to see the content of a Systemd unit file. One obvious way to do it is to just cat/vim the content of the unit file directly. For example, to display the content of systemd-tmpfiles-clean.timer, we can perform the following step: ➜ systemctl status systemd-tmpfiles-clean.timer | grep Loaded Loaded: loaded (/usr/lib/systemd/system/systemd-tmpfiles-clean.timer; static) ➜ cat /usr/lib/systemd/system/systemd-tmpfiles-clean.timer; # SPDX-License-Identifier: LGPL-2.1-or-later # # This file is part of systemd. # # systemd is free software; you can redistribute it and/or modify it # under the terms of the GNU Lesser General Public License as published by # the Free Software Foundation; either version 2....

Today, I decided to have a quick revision on SELinux as it’s been a long while that I worked on any projects that required my attention to fiddling with SELinux. While I was looking for an sealert in /var/log/messages on my Fedora based desktop, I found a real issue that I need to fix. Like most of my blog posts, I’d like to start writing the post while I was about to solve the issue....

Earlier today, I have a need to check for a UDP opening port on a remote Linux server. And I felt blank in my brain, like I never done this before. Then I remember with TCP, I could use nc command to check it. Something like: ➜ nc -vz opnsense 22 Ncat: Version 7.92 ( https://nmap.org/ncat ) Ncat: Connection to 2400:a888:333:0:222:ffff:fe54:67de failed: TIMEOUT. Ncat: Trying next address... Ncat: Connection to 192....

This post documents what I learned about creating custom Axum extractor which can be used with the validator for validation. Create a new test project: ➜ cargo new request-validator cd request-validator The first crate to be added is axum for Axum framework. request-validator on  main [?] via 🦀 v1.79.0 ➜ cargo add axum Updating crates.io index Adding axum v0.7.5 to dependencies Features: + form + http1 + json + matched-path + original-uri + query + tokio + tower-log + tracing - __private_docs - http2 - macros - multipart - ws Updating crates....

There is a container that I cannot stop. TL;DR the solution that worked for me was rebooting the host system. Anyhow, I’ll share the troubleshooting steps that did not work. ❯ podman stop semaphore-postgres WARN[0010] StopSignal SIGINT failed to stop container semaphore-postgres in 10 seconds, resorting to SIGKILL Error: given PID did not die within timeout ❯ podman ps -a | grep semaphore-postgres a688a42c4c15 docker.io/library/postgres:16 postgres 17 minutes ago Stopping 0....

For instances which use version 2 of instance metadata, IMDSv2, run the following 2 commands: [ec2-user@ip-172-31-45-35 ~]$ TOKEN=`curl -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 21600"` [ec2-user@ip-172-31-45-35 ~]$ curl -w "\n" -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/instance-id i-04bd6066612345678 If you use IMDsv1, then there is no need generate the TOKEN value first, just query the instance-id directly: [ec2-user@ip-172-31-45-35 ~]$ curl -w "\n" http://169.254.169.254/latest/meta-data/instance-id In my case, it returned nothing as my EC2 instances uses IMDsV2....

Tonight I want to connect to an EC2 instance that resides in a private subnet. I currently don’t have a bastion host I can use as an intermediary to jump to this instance. Well, as you might have guessed from this post’s title, the AWS Session Manager is something that might be helpful in this case. So, join me in this journey to configure and set up the Session Manager, using AWS CLI only....

Once upon a time there exist an ElastiCache Redis cluster that I no longer needed. I know that the cluster could be deleted via ElastiCache web console. However, as a command-line addict as myself, I wanted to use AWS CLI to delete the cluster instead. Well, actually this is my first time trying to delete an ElastiCache cluster using the CLI. I’m going to try to document how I do this, and what mistakes I’d make a long the way....

I kept forgetting about the AWS CLI which is quite handy to quickly check if SSM is working on an EC2 instance. So here it is again for my future-self. Use get-connection-status to return the connection status of the specified managed instance. $ aws ssm get-connection-status --target i-092af3b3c1234567 { "Status": "connected", "Target": "i-092af3b3c1234567" } Reference: get-connection-status