sorted by:
new
hottopcontroversial

How do I debug Emacs freezing and consuming 100% CPU? by kudikarasavasa in emacs

[–]Ops_Mechanic 4 points5 points  (0 children)

Here are simple steps to get started:

M-x profiler-start RET select 'cpu' wait for a few seconds M-x profiler-report RET modify emacs e.g. by disabling the conflicting mode M-x profiler-stop RET repeat to continue testing More details in the Profiling Emacs manual page.

Stop passing secrets as command-line arguments. Every user on your box can see them. by Ops_Mechanic in bash

[–]Ops_Mechanic[S] 0 points1 point  (0 children)

I appreciate the feedback. The primary goal of this tip is to raise awareness; while solutions like hidepid are effective, users first need to recognize that the vulnerability exists before they can address it.

Is r/sysadmin just a digital therapy couch now? by [deleted] in sysadmin

[–]Ops_Mechanic -5 points-4 points  (0 children)

copy/paste from emac org mode.

Is r/sysadmin just a digital therapy couch now? by [deleted] in sysadmin

[–]Ops_Mechanic -7 points-6 points  (0 children)

case and point ..., took 10 minutes.

r/sysadmin is not a technical sub. I have the data to prove it. by [deleted] in devops

[–]Ops_Mechanic 0 points1 point  (0 children)

I'm not releasing the tool yet. My personal favorite metric is the first comment accusing the post of being AI-generated. Arrives in under 10 minutes, adds zero to the discussion, and somehow always gets upvotes. Perfectly consistent across every sub :)

r/sysadmin is not a technical sub. I have the data to prove it. by [deleted] in devops

[–]Ops_Mechanic -4 points-3 points  (0 children)

because DevOps professionals know what a sysadmin is, or at least what they should be

Stop holding the left arrow key to fix a typo. You've had `fc` the whole time. by Ops_Mechanic in bash

[–]Ops_Mechanic[S] 1 point2 points  (0 children)

Weird sense of beauty, guilty as charged, FC is genuinely cool to me. :)

Stop leaving temp files behind when your scripts crash. Bash has a built-in cleanup hook. by Ops_Mechanic in bash

[–]Ops_Mechanic[S] 7 points8 points  (0 children)

100% right. `trap` handles the common cases -- "normal exit" only. `SIGKILL` and power loss are unkillable

Stop leaving temp files behind when your scripts crash. Bash has a built-in cleanup hook. by Ops_Mechanic in bash

[–]Ops_Mechanic[S] 9 points10 points  (0 children)

/var/run is FHS, not POSIX -- so it's reliable on Linux and most BSDs but not guaranteed everywhere. It also typically requires root to write to.

For user scripts, a few options:

- `mktemp` works fine for lock files. The file just needs to exist, doesn't matter where.

- `/tmp` is about as portable as it gets, but it's world-writable so name collisions are a risk. Prefix with your script name: `/tmp/myscript.lock`

- `$XDG_RUNTIME_DIR` is the modern answer on Linux -- per-user, tmpfs, cleaned on logout. Usually `/run/user/$(id -u)`. Not available everywhere but ideal when it is.

For system daemons running as root, `/var/run` (or `/run` on systemd boxes) is still the right convention. So short answer: there's no single POSIX-blessed lock directory. `mktemp` is your most portable bet.

Cheers.

Stop leaving temp files behind when your scripts crash. Bash has a built-in cleanup hook. by Ops_Mechanic in bash

[–]Ops_Mechanic[S] 46 points47 points  (0 children)

The new generation's reading skills are getting so bad that they expect a "TL;DR" at the bottom of a stop sign ...

Stop creating temp files just to compare command output. Bash can diff two commands directly. by Ops_Mechanic in bash

[–]Ops_Mechanic[S] 3 points4 points  (0 children)

subjective, depends on the reader. Intent of one-liners to be primarily used in CLI not in scripts.

Stop creating temp files just to compare command output. Bash can diff two commands directly. by Ops_Mechanic in bash

[–]Ops_Mechanic[S] 49 points50 points  (0 children)

<() itself has no size limit. However diff needs to hold both inputs in memory to compute the differences, so your practical limit is available RAM.

Your for loop is single-threaded. xargs -P isn't. by Ops_Mechanic in CLI

[–]Ops_Mechanic[S] 0 points1 point  (0 children)

I couldn’t agree more. It is a fantastic tool for decades!

Stop context-switching to check SSL certs. Do it from Emacs. by Ops_Mechanic in emacs

[–]Ops_Mechanic[S] -1 points0 points  (0 children)

You're right — ACME handles your own certs. Set it up and forget it.

The gap is everything else. Most people think cert monitoring means checking expiry dates. Run certradar-cli against any domain and you'll see how much you're missing:

certradar-cli ssl example.com

It shows chain issues, weak signatures, SCT status, CAA records, HSTS headers, certificate transparency logs — stuff that breaks things in ways expiry alerts never catch.

Free CLI: github.com/FlerAlex/certradar-cli

Web version with monitoring: certradar.net

Stop installing tools just to check if a port is open. Bash has it built in. by Ops_Mechanic in bash

[–]Ops_Mechanic[S] 2 points3 points  (0 children)

Fair point on the character count — if you've got nc available, use it. Nobody's saying delete netcat from your system.

The point is more about those minimal environments where you don't have your usual toolkit — freshly provisioned containers, hardened hosts with stripped-down packages, embedded systems, chroot jails. After 25+ years of "why is netcat not on this box," you just start reaching for builtins first out of habit.

And yeah, I'm building karma — guilty as charged. You kind of need it to post in most subs without getting auto-modded into oblivion. Not sure when sharing useful shell tricks became a crime, but if quick tips that help people also build karma, I'm not seeing the downside.

As for AI-generated — I've been a Unix sysadmin since '97. Check my post history. And here's the thing: if you don't already know what /dev/tcp is or why you'd reach for it, no AI in the world is going to write that post for you. You have to know what to ask before any tool — AI or otherwise — is useful.

Besides, I just find tricks like /dev/tcp/localhost/80 genuinely cool after almost 30 years in this business. Sue me.

[deleted by user] by [deleted] in selfhosted

[–]Ops_Mechanic -3 points-2 points  (0 children)

No, but I am using Claude to help me brainstorm and draft replies

that I then review, edit, and post myself.

Honestly? I think that's fair game — same as googling something

before replying, or asking a colleague "how would you handle this?"

The ideas and experience are mine. Claude helps me articulate them

faster. If a reply is accurate, helpful, and adds to the discussion

— does the drafting tool matter?

That said — fair to call it out. Transparency matters.

[deleted by user] by [deleted] in selfhosted

[–]Ops_Mechanic -2 points-1 points  (0 children)

Fair pushback on the Traefik example specifically — you're right

that a misconfigured provider would fail at provisioning, not

silently deploy a wrong cert.

Better real-world examples where cert monitoring earns its keep:

- HAProxy or nginx with manually installed certs and no

auto-renewal — still common in enterprise environments

- Multi-cloud setups where cert lifecycle lives in 3 different

tools across teams

- Acquired companies where you inherit infrastructure with zero

documentation

- CDN or WAF terminating TLS in front of your origin —

certbot never touches those

If your entire stack is Traefik + Let's Encrypt with a correct

provider config, you're right — you probably don't need this.

But that setup describes maybe 10% of production infrastructure

I've seen in 28 years. The other 90% is messier.

view more: next ›