Grafana 5.x Running on Raspberry Pi

Got around to upgrading my Raspberry Pi 3 Model B weather station with a newer version of Grafana, the Debian packages for ARM are hosted on Grafana’s download page under ARMv7.

Moving from a 2.x word to a 5.x has been impressive, most notably the drag, drop, and resize functionality.

I’m still using InfluxDB and Telegraf to store and populate my time data points.

Latest Raspbian’s (stretch) comes with Influx 1.0.2 and works nicely:

# dpkg -l | grep influxdb
ii  influxdb     1.0.2+dfsg1-1 armhf

While I needed to grab the Telegraf as a Linux Binary (ARM) from Influx’s download page.


File not found!

I’ve seen it before, a customer deletes a file and then needs it restored.

Normally a challenging request, but under special circumstances a process may have the file opened.

While showing my son some fun and exciting Linux security scenarios, I recalled all those times I was able to recover data from the /proc (in memory) filesystem. In order to visualize this scenario I threw together a small Dockerfile and had him poke around:

Once logged in you notice a script, for our scenario this is our companies server daemon. If we browse the code we notice a file named password.txt was opened, but never closed.

Ignore the sleep() function, this is just here to keep the file opened, and to simulate a daemon process.

The next things you should do it verify the server is actively running! If we hope to recover that file the server needs to have a lock on password.txt

root@4df66824ad14:~# ps aux
root   1  0.0  0.0  18504 3396 pts/0  Ss   01:37   0:00 /bin/bash
root  10  0.0  0.1  22548 6076 pts/0  S    01:37   0:00 python
root  24  0.0  0.0  34396 2904 pts/0  R+   01:45   0:00 ps aux

We are in luck!

From here we can use the lsof command to verify password.txt is still opened:

root@4df66824ad14:~# lsof | grep password.txt
python 10 root 3r REG 8,1 30 15860072 /root/password.txt (deleted)

Bingo! we see the file is opened, and it is marked for deletion. Good thing our service is still running!

All that is left is to track down our service’s process id (we see above it’s process id, or PID is 10).

We now have all the pieces to track down our password file from the in memory filesystem.

The /proc filesystem has a number of useful files, it also includes a directory for every running process (named after the PID).

Within the process directory we have a slew of files; however, the directory we care about is fd (standing for file descriptor):

root@4df66824ad14:~# cd /proc/10
root@4df66824ad14:/proc/10# ls -l fd
total 0
lr-x------ 1 root root 64 Sep 28 01:43 0 -> /dev/null
lrwx------ 1 root root 64 Sep 28 01:43 1 -> /dev/pts/0
lrwx------ 1 root root 64 Sep 28 01:43 2 -> /dev/pts/0
lr-x------ 1 root root 64 Sep 28 01:43 3 -> '/root/password.txt (deleted)'

And just like that we found a file representing our in memory password.txt file!

From here we can show its contents, or even restore it using cp:

root@4df66824ad14:/proc/10# cat fd/3

Happy hacking!

Curse of Strahd Miniatures

Like many others in the community I’ve been playing Curse of Strahd: A Dungeons & Dragons Sourcebook, and like others I’ve decided to 3D Print & paint a few of the miniatures you will meet throughout the introductory session Death House.

All minicatures were printed on a FlashForge Finder 3D Printer with default settings.

The models I used were downloaded from Thingiverse, and are all amazing; shout out to the gracious creators for sharing their work (see links below):

Dungeon Brawl

In order to re-familiarize myself with MongoDB I decided to write a little web application utilizing it as a backend datastore.

Dungeon Brawl is a Python Flask app that runs inside Docker with the help of docker-compose.

Using this application a Dungeon Master can easily track all things combat for their Dungeons and Dragons group.

Grab the source code from Github, or check out a demo.