Skip to main content

A tale of two crons or: How cron helped me spot an infection on a server

A few days earlier, while I was helping my friend administer his VPS, I noticed a suspicious entry in last command's output. To make sure nothing shady was running on the server, I ran ps aux to list all the processes running and started inspecting the output. By pure coincidence, I noticed that there were two cron daemons running, one with the name cron and one with the name crond. The VPS was running Ubuntu Server 14.04 and I knew from experience that the one with the name cron should be the one running by default. So why was there a process named crond running as well?


To find the source of the crond process, I started by running the which crond command, but surprisingly got no output. By this time, I was sure that this process was fishy. To find the directory from where this process was running, I ran pwdx with its pid. The output was:

<pid>: /tmp/ .

I immediately cd'ed to the /tmp/ directory.

Continue Reading...

Disable Piwik update notification emails

Today, I received an email from my server, notifying me of an updated version of Piwik being available. That's nice I thought, but the thing is that I never received such an email before, and I couldn't recall seeing any setting in Piwik's UI for configuring the same!

After a bit of searching around the net, I found that this setting was probably added with Piwik 2.4.0, at least that's when I started getting the notifications.

Anyway, if you don't want Piwik to send update notification emails for whatever reason, you can follow the given instructions.

Disabling all (core + plugins) update notification emails

By default, update notification emails are only enabled for Piwik's core, i.e., the main installation, and disabled for the plugins.

To disable updates to the Piwik core as well, you need to edit the config.ini.php file, present under the config directory of your Piwik installation.

Continue Reading...

Remind yourself to run Taskwarrior

After playing around with multiple techniques and programs for managing my todo tasks, I settled for Taskwarrior. I have been using Taskwarrior for a couple of months now, and I must say that it fits my requirements very nicely.

Initially, I was quite enthusiatic to play around with it, so I had no problem in actually remembering to run it every once in a while. But as it usually happens with todo managers and such, I actually started forgetting to run Taskwarrior to see what's on my list :P

This can be specially devastating if you happen to miss an important reminder, such as a bill payment reminder.

Continue Reading...

Arch Linux cronjobs repository


Since a few days ago, Arch Linux package maintainers have started replacing cron jobs shipped with several packages in favour of systemd timers. While this is fine for those who use systemd, it is not so fine for those of us using alternatives such as OpenRC, minirc, etc.

So, I decided to create a repository containing cron jobs for programs running on Arch Linux systems:

The present set of files has been retrieved from the Arch Linux svntogit repository. The same can be used to find the cron jobs which are not present in my repository, and have been removed from their respective packages as well.

Continue Reading...

Google: Account Information Leak

With an average computer user having online accounts on dozens of websites these days, it is not uncommon for people to lose access to their beloved accounts due to a variety of reasons. Companies often try their best to make it as easy as possible for the users to have access to their online accounts restored. Unfortunately, sometimes this can turn out to be too friendly, as I will demonstrate below.

Using Google Account Recovery, you can retrieve private information, such as names and profile photos, belonging to accounts other than yours too.

The only requirement is an email address associated with a Google account.

How it works

Upon reaching the Account Recovery page, you are presented with the following options:

Having trouble signing in?

  • I don't know my password

  • I don't know my username

  • I'm having other problems signing in

Continue Reading...

Mozilla tabzilla.js Easter Egg

While reading some documentation over at the Mozilla Developer Network (MDN), I found a nice hidden surprise in — guess where? Firebug's Console!

So what was the surprise?

Too curious, eh? See for yourself:

ASCII Mozilla Mascot

It's a nice ASCII version of the Mozilla mascot, which is accompanied by an invitation to work for Mozilla or contribute to Mozilla. It is loaded through a file named tabzilla.js.

Continue Reading...

Interesting Links - February 2014

Yet another month passed by, and many interesting events took place during this period. Here are a few of the highlights of the previous month.

World of FOSS:

Continue Reading...