who did what with ROOT?!

When you are not sure who is using SUDO on a server, and you really need to know who keeps making that annoying change, you can install something to watch them, and then maintain that software and its related logs. You keep it set up in your package management system, and make sure it isn’t missing any patches.


You could use the little-known (at least among those I have asked in the field) modifications I list below. They are twofold. First, you enable SUDO to record who logs in and uses it, along with their session, much like many pieces of software out there today. The one catch to my method is simple: you already have the software installed. Yup, this has been a feature of SUDO since version 1.7.4p4, so there is nothing else to install, worry about, or maintain. It is also very easy to set up, see below:

/etc/sudoers modification:
All you need to do is add 2 tags to all required sudoers entries (where "su" is specified, either with a command or an alias).

Add the following default log dir structure to sudoers:
Defaults iolog_dir=/var/log/sudo-io/%{user}
Output is logged to the directory specified by the iolog_dir option (/var/log/sudo-io by default) using a unique session ID that is included in the normal sudo log line, prefixed with TSID=. The iolog_file option may be used to control the format of the session ID. Output logs may be viewed with the sudoreplay(8) utility, which can also be used to list or search the available logs. Keep in mind that if the user had a really long session you will be viewing it like a movie: it replays as if the user were sitting there typing. For that reason, sudoreplay lets you play back at faster speeds, which makes it easier to find where things happened in a long recording.
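
The sudoers changes and the TSID lookup described above, as an added example that is not part of the original post. It assumes the two tags are sudoers' LOG_INPUT and LOG_OUTPUT and that iolog_file is left at its default; the %admins group, the host name and the log lines are constructed.

```shell
#!/bin/sh
# Added example: sudoers I/O-logging fragment and TSID lookup (not from the post).

# Write the sudoers fragment to a scratch file for review.
# Check it with `visudo -cf FILE` before installing it under /etc/sudoers.d.
write_iolog_dropin() {
    cat > "$1" <<'EOF'
# One recording directory per invoking user, as in the post
Defaults iolog_dir=/var/log/sudo-io/%{user}
# %admins is a constructed group; the tags cover the commands that follow them
%admins ALL=(ALL) LOG_INPUT: LOG_OUTPUT: ALL
EOF
}

# Constructed sudo log lines: the first session was recorded (has TSID=),
# the second was not.
SAMPLE_LOG='Oct  6 13:08:05 web01 sudo:    alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; TSID=000001 ; COMMAND=/bin/su -
Oct  6 13:09:11 web01 sudo:      bob : TTY=pts/1 ; PWD=/home/bob ; USER=root ; COMMAND=/bin/ls'

# Read sudo log lines on stdin; print "user tsid command" for recorded sessions.
tsid_report() {
    sed -n 's/.*sudo: *\([^ ]*\) : .*TSID=\([^ ;]*\) ; COMMAND=\(.*\)$/\1 \2 \3/p'
}

# Turn each recorded session into the sudoreplay call that plays it back
# at double speed from that user's iolog_dir.
replay_cmds() {
    tsid_report | while read -r user tsid cmd; do
        printf 'sudoreplay -d /var/log/sudo-io/%s -s 2 %s  # %s\n' "$user" "$tsid" "$cmd"
    done
}

printf '%s\n' "$SAMPLE_LOG" | replay_cmds
```

Sessions that show no TSID= in the log, like the second sample line, were not recorded, so they are the entries to check against the tags in sudoers.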

So that is one good method to help find a culprit, but what if you are just looking at history of root?  Can you tell me who ran what? Can you tell me when they ran the commands you see when you type ‘history’?  By default, no.  The next tidbit of info is very useful, and extremely easy to add to your machines.  Simply add the following to your /etc/profile:

export HISTTIMEFORMAT="%d.%m.%y %T "

Yes, that is a space at the end.  If you do not put that in there you will end up with it running together with the actual command typed in history.  So your history should look like the example below:

1995 06.10.15 13:08:05 top
1996 06.10.15 13:08:05 clear
1997 06.10.15 13:08:05 df -h
1998 06.10.15 13:08:05 umount /media
1999 06.10.15 13:08:05 sudo umount /media
2000 06.10.15 13:08:05 sudo su -
2001 06.10.15 13:08:07 history
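
How bash stores what HISTTIMEFORMAT displays, as an added example that is not part of the original post: with the variable set, bash writes a "#<epoch seconds>" line before each command in the history file, and commands saved earlier carry no stamp. The history contents below are constructed, and `date -d` assumes GNU date.

```shell
#!/bin/sh
# Added example: the on-disk form of the timestamps HISTTIMEFORMAT displays.

# Constructed history file. "top" was saved before HISTTIMEFORMAT was set,
# so it has no "#<epoch seconds>" line in front of it.
SAMPLE_HISTFILE='top
#1444136885
sudo umount /media
#1444136887
history'

# Read a bash history file on stdin; print "DD.MM.YY HH:MM:SS command" in UTC
# and flag commands that carry no stored timestamp.
render_history() {
    stamp=""
    while IFS= read -r line; do
        digits=${line#\#}
        case "$line" in
            "#"*)
                case "$digits" in
                    ""|*[!0-9]*) ;;                  # a literal comment, not a stamp
                    *) stamp="$digits"; continue ;;  # stamp for the next command
                esac ;;
        esac
        if [ -n "$stamp" ]; then
            when=$(TZ=UTC date -d "@$stamp" '+%d.%m.%y %T')
        else
            when="(no timestamp)"
        fi
        printf '%s %s\n' "$when" "$line"
        stamp=""
    done
}

printf '%s\n' "$SAMPLE_HISTFILE" | render_history
```

In the `history` output itself, bash shows entries that have no stored stamp with the time the history file was loaded, which is why several older entries can share one time.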

I hope this helps someone save some time, as it has me.  Please feel free to share with others.




If you use Microsoft, you get what you deserve…

…only if you read this and keep using it…


If you use Microsoft, it doesn’t make you dumb. We all know it’s the most popular, and shoved down your throat by the $2,000,000,000 a year they spend trying to sway your opinion. Not to mention the bullying tactics I have seen firsthand in the B2B space.

Keep in mind I am not talking solely about privacy as seen in the picture below. However, that alone should be enough for any business to stop using them immediately. Most companies are afraid of change, because it usually costs money. However, if you truly calculate the costs of running Microsoft as an OS you will see that it is much higher. Not only is it fiscally irresponsible, but if you are a software company, or one that relies on it heavily, you will find that the completely horrid security of Windows makes it a great target. Combine that with uneducated users and you get the hackers’ favorite playground.

You may have noticed that I haven’t mentioned performance comparisons. That’s because Windows doesn’t even come close to the stability and speed of Linux/BSD. Here is an experiment for you Windows users: try turning it on, not doing anything, and letting it run for a month straight. Then make note of when it crashes (because it will). Then do the same with a vanilla Linux install. I turned my last laptop off after 376 days of uptime.



The Nightmare of Azkaban with Hive (Hadoop)

I have been working on a deployment of Azkaban for about a week now, and getting the server up and running was easy. However, I have had many major issues with Azkaban since day one. I feel like sharing this could help someone else if they decide to use it.


  • It has dependency flows that are easy to use.
  • ACLs
  • Pretty Graphs
  • Scheduling (Kinda its purpose)
  • Good API


  • Hive/Pig and Possibly other Jobtypes simply do not work.
    • After many hours of searching I found there is a bug in the jobtypes plugin, and it has not been fixed.
      • You must completely recompile with the newer version to have these job types work.
    • The newest version of Azkaban is nowhere close to the version they have on their site.
      • This also is not compiled, you will have to do it manually.
    • The Documentation is full of errors, bad links, and omissions (at best).
      • Not to mention it is all for 2.5, when 3.x is out.
      • SSL Keystore Doc Links are all bad (major setup step).
    • No Packages for YUM/APT/ZYPPER/etc
      • I would have thought someone would have done this by now
        • I created some using FPM
    • No INIT script built. (Azkaban Init Script)

So, in closing, as you can see, the project has good intentions but that’s about it. It’s not ready for prime time, and they really need to get their stuff together. If it were cleaned up, recompiled, and packaged, it would probably be an OK product. However, the lack of organization and communication will be what prevents me from recommending this for any of my personal customers going forward. I hope this helps anyone considering this product.


Matthew Curry

Your Favorite IDE/Editor (GUI)

I have tried many editors in Linux, Mac, and even Winblows. However, none of them are like this… Please take a look at this video and you will be surprised at the customization that is possible with this editor, no matter your language, theme, or plugin preferences. It also has its own package manager to manage all the awesomeness so you don’t get corn-fused…



DKA and Gastroparesis

As many of you know I have been fighting an illness, as well as some rough times moving states. I just wanted to say thank you to everyone that has helped us when we needed it. Below is a picture of me before my illness (on the right) and afterward (on the left, just before I was admitted to the ICU for DKA). Respective weights in pounds 189/318. There has been a lot I have learned from dealing with both diabetes and gastroparesis. Anyone dealing with gastroparesis should take a look at http://livingwithgastroparesis.com/.




Page Updates

I have updated the Technologies page and the Contact Me page. The Technologies page now has many links to information on the technologies listed. This is to help answer any questions anyone may have as to what the acronyms are for. As for the Contact Me page, the form has been removed, and my information is listed. This includes my social media information for those looking.

Pages Updated:


SysAdmin Day



Everyone post your SysAdmin desktops to show support!  If it weren’t for your local systems administrator you would likely not be using a computer right now.  These guys are the hard working backbone of any IT department.  These unsung heroes go unnoticed in their back offices until something breaks…