Crashing your kernel on purpose

February 15, 2016 Uncategorized No comments , , , ,

Ok, that sounds funny, doesn’t it? Well, it turns out, sometimes, you want to test your kernel dump or something of the sorts. Here’s how to do it:

echo c > /proc/sysrq-trigger

This will, instanly, crash your kernel.


HowTo: Ask questions in Bash?

December 29, 2015 Uncategorized 1 comment , , , , , ,

I’ve been writing some script to configure some firewall and came up with this way of asking a question in Bash. I hope it helps as an example. Feel free to contribute your own:

#!/usr/bin/env bash

ask() {
    local query=$1

    if ( echo $query | grep -qi password ); then
        read -s -p "$query: " answer
        read -p "$query: " answer

    return 0

ask 'What is your name?'

echo "Hello, $answer"

ask 'Please, give me your password'

echo "Access granted"

As you can devise from the script, “$answer” is a global; which will get overwritten if you use ask() again. In case you want to make several questions, just reassign the var to another one:

ask 'What is your first name?'

ask 'What is your last name?'

echo "Nice to meet you, $firstname $lastname!"

So, this gives you an idea. I’d check this article to learn some defensive Bash programming; which I am just starting to absorb:

HowTo: Fixing Dovecot 2.2 in CentOS 7.2

December 22, 2015 Uncategorized No comments , , , , , ,

Warning: If you update dovecot on CentOS 7, it will brake! You need to update one of the config files in order for it to keep working:

# /etc/dovecot/conf.d/15-mailboxes.conf
namespace inbox {
    inbox = yes

So, basically, you need to add inbox = yes within the inbox namespace.

Far away: A Creative Commons success story

December 12, 2015 Uncategorized 2 comments , , , , ,

Once upon a time, I made a song for a good friend (Juan Carlos Cano); since he got a good contract from a big label and he was to record an album.

The song was made and I uploaded it to my website:

So, Juan heard it and liked it. I don’t know if he ended up putting it on the album or not.

A year passed and a great artist, Carlos SBF; from Brazil, decided to make an awesome video of him painting a guitar and decided to use “Far away”; which he found on OpSound; a Creative Commons website for artists, like me, who like to upload their songs with a Freedom-friendly licenses.

The video is awesome… and it got 6,000,000 views… wow!

People asked for the song so I decided to upload it to the website of my Creative Commons band: introbella.

I am impressed of what happened. I didn’t have any expectations for that song… for none of my songs. I just make them because I love to listen to them. It feels awesome when someone else appreciates it. In this case, I got the chance of being heard by 6,000,000 people. This is far more than what I wished for.

Thank you Carlos. Thank you, listener. I am delighted to learn that people appreciates my music.

Feel free to download it, share it, change it and sing it with your friends if you feel like it. Same goes for all my music. It is mine and yours.

Thank you!

HowTo: Generate free SSL certificates for Nginx/Tengine with LetsEncrypt

December 11, 2015 Uncategorized 1 comment , , , , , , , , , , , ,

OK, it’s fairly easy to get this done on a distro like Funtoo/Gentoo or Fedora, which are the distros I use.

First of all, you need to install this thing on your server:

# Fedora
su -
dnf -y install letsencrypt

# Funtoo/Gentoo
su -
mkdir src && cd src
git clone
cd letsencrypt
./letsencrypt-auto --help

This will install, in both cases, the necessary stuff to generate your certificates. Now, on the second case, it’s going to create a virtual environment. The letsencrypt package is available for Funtoo/Gentoo but masked for now.

OK, now, we’re going to use the manual method to generate our certificates. This is because they say that nginx is highly experimental at the moment and we don’t want to mess around with these things so we’re to do it manually and learn a bit in the process.

Now, after you install, you’re gonna have /etc/letsencrypt created. Backup that directory right now!

tar -caf $( date +%Y%m%d )-etc-letsencrypt.tar.gz /etc/letsencrypt

Now, let’s generate some certs. No wildcards so we’re to generate as many specific domain certs as we want, in a single run!

letsencrypt certonly --manual --agree-tos -m -d -d -d -d

This will generate all my certs. It will ask me if I agree of my server’s IP being logged. I do agree. So, I say yes. After that, it will ask me something like: “make sure this file is visible in and it contains “. So, just make sure you can click on the link and see the contents. This is to be done manually. For example:

umask 022
cd /srv/www/
mkdir -p .well-known/acme-challenge
cd .well-known/acme-challenge
touch allaskdjlk2j3l4kj3245lw2kj4lkj4l2k3j4lk23j4lkj234 # the long filename mentioned before
echo 'allaskdjlk2j3l4kj3245lw2kj4lkj4l2k3j4lk23j4lkj234.2Z_2342847298slkdjflksdjflkjr95832ulsdjf' > allaskdjlk2j3l4kj3245lw2kj4lkj4l2k3j4lk23j4lkj234

Obviously, try the link and see if the contents are correct.

Now, you will have to do this for all domains. In my case:,, and

After this, it tells you a bunch of things but it says the word: “congratulations” somewhere. If you see that word, you’re there, dude/dudess!

This thing has created some certs in a very non-FHS place: /etc/letsencrypt/live/ in my case. So now, the contents of that are some symlinks:

cert.pem  chain.pem  fullchain.pem  privkey.pem

This is smart by them. You will need to update these in 3 months! You should be able to automate this in a cron job or something. I’ll try to do that later on.

Now, I am to use the cert and the privkey. I will edit my nginx configuration and add:

ssl_certificate /etc/letsencrypt/live/;
ssl_certificate_key /etc/letsencrypt/live/;
ssl_trusted_certificate /etc/letsencrypt/live/;

To all the server {} instances I need to. Also, try having:

ssl_protocols TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_stapling on;
ssl_stapling_verify on;

somewhere in your global conf; somewhere inside http {}. This will limit the protocols to use and leave you with the one you’re using. If you don’t know what this is, just leave it as it is. This is semi-pro stuff 馃槈


%d bloggers like this: