New Projects - Fresh from the Labs
First up this month, we have Droopy, a miniature Web server. Now, if you're like me, and the combination of seeing the words Linux and Web server usually results in a sleep-induced coma, fear not. This actually is more useful for average Internet users. Its sole purpose is to allow other people to upload files to your PC by presenting them with a Web page interface, and its requirements are about as minimalist as I've come across.
Thankfully, Droopy has only one real requirement—Python. As 99% of you already have that installed, we can jump right into this one. Droopy itself is merely a Python script, so all you need do is head to the project's Web site, and save the droopy file to your local hard disk. You will be running Droopy through the command line, mind you, so save it to a directory that will be easy to access via the command line. The Droopy Web site recommends making the directories ~/bin and ~/uploads, and saving the droopy file to ~/bin.
Once you've done this, it's time to run the script. If you made the uploads directory, open a terminal there before running the script. This isn't a requirement, but wherever you run the script, this is where any uploaded files you receive will go.
The Droopy site and man page have an example command that inserts a greeting message and displays a picture as well:
$ python ~/bin/droopy -m "Hi, it's me Bob. You can ↪send me a file." -p ~/avatar.png
If you have Droopy installed somewhere other than ~/bin, change to path to wherever the droopy file is sitting now. If, like me, you're not called Bob, change the name (you also might want to use a less goofy message). The picture isn't a requirement, but it can help identify your page. It needn't be avatar.png either, any image file will do.
Once the script is running, you can visit a mini-Web site from any browser at http://localhost:8000/.
If all is well, you should have something that resembles the screenshot shown here. This is all well and good, but people need to upload to you. Clicking Discover the address of this page will give you a URL that you can then pass on to your friends, so they now can upload to you, provided the script is running. To upload to one of these pages, there's a rather obvious empty text field with Browse and Send buttons sitting next to it that will allow the people uploading to choose the file they want and send it to you. Once they have sent it, a notification should appear on your terminal output, and the new file will be sitting in your uploads directory.
Not being a security expert, I imagine there's probably some sort of vulnerability here (this most likely would be catastrophic on Windows), but I couldn't give any real advice in that regard. Personally, I don't have a mission-critical enterprise system, so I'm not exactly worried myself, but dig around if you're concerned. All in all, Droopy is a clever piece of scripting that is easy to install and fairly easy to use, provided that you're not scared of the command line. For those put off by transfer methods, such as IRC, MSN clones and the like (and not forgetting pesky e-mail size limits), this may be just what you're chasing.
With the advent of sudo and an increasing number of new Linux users, the possibility of users deleting mission-critical files by accident is becoming all the more real. To deal with this issue there is now safe-rm:
safe-rm is intended to prevent the accidental deletion of important files by replacing /bin/rm with a wrapper that checks the given arguments against a configurable blacklist of files and directories that should never be removed. Users who attempt to delete one of these protected files or directories will not be able to do so and will be shown a warning message instead. Protected paths can be set both at the site and user levels.
Installing safe-rm is a pretty rudimentary affair. You basically just copy one file to the right place. To begin, head to the Web site and grab the latest tarball. Extract it, and as root, copy the safe-rm file to /usr/local/bin, and rename it to rm.
Make sure the file is flagged as readable and executable for the rest of the system (as root or sudo):
# chmod a+rx rm
If this doesn't work, you may want to make a backup of the original rm in /usr/bin and then copy and rename safe-rm here. This will make your system use safe-rm in place of rm. Of course, you could leave the filename as is and enter safe-rm every time you want to delete a file, but who wants to do that?
As for usage, just use rm the same way you always have, but with the warm and fuzzy knowledge that you're not going to kill your system or accidentally cause nuclear war. Overall, safe-rm is a useful and clever modification on an age-old tool that hopefully will make its way into mainstream distros soon.
John Knight is the New Projects columnist for Linux Journal.
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- Server Hardening
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- The Death of RoboVM
- BitTorrent Inc.'s Sync
- The Humble Hacker?
- The US Government and Open-Source Software
- ACI Worldwide's UP Retail Payments
- Open-Source Project Secretly Funded by CIA
- New Container Image Standard Promises More Portable Apps
- AdaCore's SPARK Pro
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide