SELAMAT TAHUN BARU 2021

Selamat Tahun Baru 2021! Semoga di tahun 2021 ini Coronavirus(Covid-19) dapat segera berakhir, semoga apa yang direncanakan dapat terwujud, dan ke depannya menjadi lebih baik lagi.
Aamiin.

Image Credit: Eugine Cholo

Malware alert? kdevtmpfsi get cpu high usage

Well, a couple days ago my friend contacted me that his server on Linode Cloud Hosting & Linux Servers was infected a malware. His server that had cpu high usage. After checking in-depth that the name of malware is kinsing, and was owned by postgres user.

Removing the malware
On this step we'll remove the malware manually. FYI, the characteristic of malware that he will create a kdevtmpfsi on /tmp and kinsing on /var/tmp directory, and the impact is it will consuming high CPU on the server. Every time I tried to removed the kdevtmpfsi and kinsing file on /tmp and /var/tmp but no luck, it will recreating by itself and running as postgres user.

As you can see above, the malware tried to download kinsing file from ip address 188.119.112.132.

Step to remove
As describe here, assuming you have been removed the malware on /tmp and /var/tmp directory, then create a kdevtmpfsi and kinsing file as follow:
At first, find and remove it:

# find / -iname kdevtmpfsi -exec rm -fv {} \;
# find / -iname kinsing -exec rm -fv {} \;    

Then create it:

# touch /tmp/kdevtmpfsi && touch /var/tmp/kinsing
# chmod 000 /tmp/kdevtmpfsi && chmod 000 /var/tmp/kinsing
# chattr +i /tmp/kdevtmpfsi && chattr +i /var/tmp/kinsing

Then purge remove of postgresql.

# apt-get remove --purge postgresql

After the step above, please reboot the server, and then install again the postgresql.

That's all!

References:
https://boxmatrix.info/wiki/Property:kdevtmpfs
https://en.wikipedia.org/wiki/Chattr#In_Linux_systems_.28chattr_and_lsattr.29
https://htop.dev/
https://linux.die.net/man/1/top

Pyenv shims cannot find executables

After I upgrade python to the new version on my laptop, and when I run python I got this warning:

/Users/darm/.pyenv/shims/python3: line 21: /usr/local/Cellar/pyenv/1.2.18/libexec/pyenv: No such file or directory

To solve the issue, you have to rehash it, like below.

pyenv rehash

PostgreSQL: password authentication failed for user "postgres"

In our development environment we use postgresql for our database engine. We just create a new database, and our developer requested that they want have new role. The new role will have SELECT access into tables that they requested before.
But something happen when our developer trying to run sql command like below:

# select * from table_name;
ERROR:  could not connect to server "server_master"
DETAIL:  FATAL:  password authentication failed for user "postgres"

In this situation we have to check one by one what's the password of user postgres, and we found the password is different. To check current password of user mappings, you can type \deu+ on psql console.
In this case we will change the password of user mappings. To change the password, assuming you are on the right database, and run this on psql console:

# ALTER USER MAPPING FOR postgres SERVER server_master OPTIONS (SET password 'YOUR_NEW_PASSWORD');

Then check it again the user mappings with \deu+.
Then try it once again.

Cool, we have no error found anymore!
Reference: https://www.postgresql.org/docs/10/sql-alterusermapping.html

Linux Kernel 5.8 relased!

Well, as we know that Kernel 5.8 has announced by Linus Torvalds. You guys can directly check his announcement on Linux Kernel Mailing List(LMKM).

And I'm going to upgrade my kernel on Arch Linux. Stay tuned!