Category Archives: System

How to dupplicate your packages selection

You may want to save your selection of packages, in order to reinstall all your softs later without having to look for and manually install them one after another. It is a convenient way to move a server to a new machine.

On Debian / Ubuntu, this is quite easy.

A while ago the solution used to be :

$ dpkg --get-selections > file.txt

and then, an a freshed installed machine :

$ dpkg --set-selections < file.txt
$ apt-get upgrade

But, for some reason I don’t know and that I would be happy to learn, it seems that this does not work anymore.

Below is the way I got it to work, though it is a little bit more complicated.

So, let’s save the selection of packages into a clean list file, though we are only interested in the packages names :

$ COLUMNS=200 dpkg -l | awk '/^[hi]i/{print $2}' | xargs > liste-apt.txt

and to install on the new machine :

$ cat liste-apt.txt | xargs apt-get install -y

So far, it worked very well on my servers ! APT is a great tool.

Perl : how to monitor a service remotely using sockets

I came to program my first Perl script based on sockets, after setting an IPSEC tunnel.

This tunnel is linking the remote peer and the local peer through an OpenBSD VPN gateway (managed with Isakmp).

The problem is that time allowed for this connection is limited, for security policy reasons. So it is not a 24- hour standard tunnel, but rather an on-demand type connection.

Note that the connection is automatically reset by the remote peer, by invalidating the connection cookie and therefore oblige to renegotiate the VPN tunnel from the beginning (phase 1 of the key exchange).

In other words, the Isakmp service has to be restarted every time we need the tunnel to be up.

Of course, it is not the purpose of Isakmp to have such a mechanism and what we want is to start the tunnel from the local peer, every time it needs to do some transfer.

The graph below summarizes the situation :

IPSEC tunnel with OpenBSD as a VPN gateway

That is why I came to develop a script that opens a socket and allows the peer to remotely restart the Isakmp service.

Continue reading