This article is the best I've ever seen about the subject of gun ownership. Thank God for sheepdogs.

Reposted from: Marine Corps Moms August 15, 2004


This essay, by Lt.Col. Dave Grossman, former West Point psychology professor and retired Army Ranger, was sent by the wife of a retired Marine. She notes, "I've met many Marines in the past 25 years, all the same type: Strong, compassionate, patriotic, brave. Many of our non-military friends say they can't understand why Marines are the way they are. I thought the following article shed a bit of light on these brave men."
Warrior Ethos
"Honor never grows old, and honor rejoices the heart of age. It does so because honor is, finally, about defending those noble and worthy things that deserve defending, even if it comes at a high cost. In our time, that may mean social disapproval, public scorn, hardship, persecution, or as always, even death itself. The question remains: What is worth defending? What is worth dying for? What is worth living for?" - William J. Bennett - in a lecture to the United States Naval Academy, November 24, 1997
One Vietnam veteran, an old retired colonel, once said this to me: "Most of the people in our society are sheep. They are kind, gentle, productive creatures who can only hurt one another by accident." This is true. Remember, the murder rate is six per 100,000 per year, and the aggravated assault rate is four per 1,000 per year. What this means is that the vast majority of Americans are not inclined to hurt one another. Some estimates say that two million Americans are victims of violent crimes every year, a tragic, staggering number, perhaps an all-time record rate of violent crime. But there are almost 300 million Americans, which means that the odds of being a victim of violent crime is considerably less than one in a hundred on any given year. Furthermore, since many violent crimes are committed by repeat offenders, the actual number of violent citizens is considerably less than two million.
Thus there is a paradox, and we must grasp both ends of the situation: We may well be in the most violent times in history, but violence is still remarkably rare. This is because most citizens are kind, decent people who are not capable of hurting each other, except by accident or under extreme provocation. They are sheep.
I mean nothing negative by calling them sheep. To me it is like the pretty, blue robin's egg. Inside it is soft and gooey but someday it will grow into something wonderful. But the egg cannot survive without its hard blue shell. Police officers, soldiers, and other warriors are like that shell, and someday the civilization they protect will grow into something wonderful. For now, though, they need warriors to protect them from the predators.
"Then there are the wolves," the old war veteran said, "and the wolves feed on the sheep without mercy." Do you believe there are wolves out there that will feed on the flock without mercy? You better believe it. There are evil men in this world and they are capable of evil deeds. The moment you forget that or pretend it is not so, you become a sheep. There is no safety in denial.
"Then there are sheepdogs," he went on, "and I'm a sheepdog. I live to protect the flock and confront the wolf."

If you have no capacity for violence then you are a healthy productive citizen, a sheep. If you have a capacity for violence and no empathy for your fellow citizens, then you have defined an aggressive sociopath, a wolf. But what if you have a capacity for violence, and a deep love for your fellow citizens? What do you have then? A sheepdog, a warrior, someone who is walking the hero's path. Someone who can walk into the heart of darkness, into the universal human phobia, and walk out unscathed.
Let me expand on this old soldier's excellent model of the sheep, wolves, and sheepdogs. We know that the sheep live in denial, which is what makes them sheep. They do not want to believe that there is evil in the world. They can accept the fact that fires can happen, which is why they want fire extinguishers, fire sprinklers, fire alarms and fire exits throughout their kids' schools.
But many of them are outraged at the idea of putting an armed police officer in their kid's school. Our children are thousands of times more likely to be killed or seriously injured by school violence than fire, but the sheep's only response to the possibility of violence is denial. The idea of someone coming to kill or harm their child is just too hard, and so they chose the path of denial.
The sheep generally do not like the sheepdog. He looks a lot like the wolf. He has fangs and the capacity for violence. The difference, though, is that the sheepdog must not, cannot and will not ever harm the sheep. Any sheep dog who intentionally harms the lowliest little lamb will be punished and removed. The world cannot work any other way, at least not in a representative democracy or a republic such as ours.
Still, the sheepdog disturbs the sheep. He is a constant reminder that there are wolves in the land. They would prefer that he didn't tell them where to go, or give them traffic tickets, or stand at the ready in our airports in camouflage fatigues holding an M-16. The sheep would much rather have the sheepdog cash in his fangs, spray paint himself white, and go, "Baa."
Until the wolf shows up! Then the entire flock tries desperately to hide behind one lonely sheepdog.
The students, the victims, at Columbine High School were big, tough high school students, and under ordinary circumstances they would not have had the time of day for a police officer. They were not bad kids; they just had nothing to say to a cop. When the school was under attack, however, and SWAT teams were clearing the rooms and hallways, the officers had to physically peel those clinging, sobbing kids off of them. This is how the little lambs feel about their sheepdog when the wolf is at the door.
Look at what happened after September 11, 2001 when the wolf pounded hard on the door. Remember how America, more than ever before, felt differently about their law enforcement officers and military personnel? Remember how many times you heard the word hero?
Understand that there is nothing morally superior about being a sheepdog; it is just what you choose to be. Also understand that a sheepdog is a funny critter: He is always sniffing around out on the perimeter, checking the breeze, barking at things that go bump in the night, and yearning for a righteous battle. That is, the young sheepdogs yearn for a righteous
battle. The old sheepdogs are a little older and wiser, but they move to the sound of the guns when needed right along with the young ones.
Here is how the sheep and the sheepdog think differently. The sheep pretend the wolf will never come, but the sheepdog lives for that day. After the attacks on September 11, 2001, most of the sheep, that is, most citizens in America said, "Thank God I wasn't on one of those planes." The sheepdogs, the warriors, said, "Dear God, I wish I could have been on one of those planes. Maybe I could have made a difference." When you are truly transformed into a warrior and have truly invested yourself into warriorhood, you want to be there. You want to be able to make a difference.
There is nothing morally superior about the sheepdog, the warrior, but he does have one real advantage. Only one. And that is that he is able to survive and thrive in an environment that destroys 98 percent of the population.
There was research conducted a few years ago with individuals convicted of violent crimes. These cons were in prison for serious, predatory crimes of violence: assaults, murders and killing law enforcement officers. The vast majority said that they specifically targeted victims by body language: slumped walk, passive behavior and lack of awareness. They chose their victims like big cats do in Africa, when they select one out of the herd that is least able to protect itself.
Some people may be destined to be sheep and others might be genetically primed to be wolves or sheepdogs. But I believe that most people can choose which one they want to be, and I'm proud to say that more and more Americans are choosing to become sheepdogs.
Seven months after the attack on September 11, 2001, Todd Beamer was honored in his hometown of Cranbury, New Jersey. Todd, as you recall, was the man on Flight 93 over Pennsylvania who called on his cell phone to alert an operator from United Airlines about the hijacking. When he learned of the other three passenger planes that had been used as weapons, Todd dropped his phone and uttered the words, "Let's roll," which authorities believe was a signal to the other passengers to confront the terrorist hijackers. In one
hour, a transformation occurred among the passengers - athletes, business people and parents. -- From sheep to sheepdogs and together they fought the wolves, ultimately saving an unknown number of lives on the ground.
"Do you have any idea how hard it would be to live with yourself after that?"
"There is no safety for honest men except by believing all possible evil of evil men." - Edmund Burke
Here is the point I like to emphasize; especially to the thousands of police officers and soldiers I speak to each year. In nature the sheep, real sheep, are born as sheep. Sheepdogs are born that way, and so are wolves. They didn't have a choice. But you are not a critter. As a human being, you can be whatever you want to be. It is a conscious, moral decision.
If you want to be a sheep, then you can be a sheep and that is okay, but you must understand the price you pay. When the wolf comes, you and your loved ones are going to die if there is not a sheepdog there to protect you. If you want to be a wolf, you can be one, but the sheepdogs are going to hunt you down and you will never have rest, safety, trust or love. But if you want to be a sheepdog and walk the warrior's path, then you must make a conscious and moral decision every day to dedicate, equip and prepare yourself to thrive in that toxic, corrosive moment when the wolf comes knocking at the door.
For example, many officers carry their weapons in church. They are well concealed in ankle holsters, shoulder holsters or inside-the-belt holsters tucked into the small of their backs. Anytime you go to some form of religious service, there is a very good chance that a police officer in your congregation is carrying. You will never know if there is such an individual in your place of worship, until the wolf appears to massacre you and your loved ones.
I was training a group of police officers in Texas, and during the break, one officer asked his friend if he carried his weapon in church. The other cop replied, "I will never be caught without my gun in church." I asked why he felt so strongly about this, and he told me about a cop he knew who was at a church massacre in Ft. Worth, Texas in 1999. In that incident, a mentally deranged individual came into the church and opened fire, gunning down fourteen people. He said that officer believed he could have saved every life that day if he had been carrying his gun. His own son was shot, and all he could do was throw himself on the boy's body and wait to die. That cop looked me in the eye and said, "Do you have any idea how hard it would be to live with yourself after that?"
Some individuals would be horrified if they knew this police officer was carrying a weapon in church. They might call him paranoid and would probably scorn him. Yet these same individuals would be enraged and would call for "heads to roll" if they found out that the airbags in their cars were defective, or that the fire extinguisher and fire sprinklers in their kids' school did not work. They can accept the fact that fires and traffic accidents can happen and that there must be safeguards against them.
Their only response to the wolf, though, is denial, and all too often their response to the sheepdog is scorn and disdain. But the sheepdog quietly asks himself, "Do you have and idea how hard it would be to live with yourself if your loved ones were attacked and killed, and you had to stand there helplessly because you were unprepared for that day?"
It is denial that turns people into sheep. Sheep are psychologically destroyed by combat because their only defense is denial, which is counterproductive and destructive, resulting in fear, helplessness and horror when the wolf shows up.
Denial kills you twice. It kills you once, at your moment of truth when you are not physically prepared: you didn't bring your gun, you didn't train. Your only defense was wishful thinking. Hope is not a strategy. Denial kills you a second time because even if you do physically survive, you are psychologically shattered by your fear helplessness and horror at your moment of truth.

Gavin de Becker puts it like this in �Fear Less,� his superb post-9/11 book, which should be required reading for anyone trying to come to terms with our current world situation: "...denial can be seductive, but it has an insidious side effect. For all the peace of mind deniers think they get by saying it isn't so, the fall they take when faced with new violence is all the more unsettling."
Denial is a save-now-pay-later scheme, a contract written entirely in small print, for in the long run, the denying person knows the truth on some level.
And so the warrior must strive to confront denial in all aspects of his life, and prepare himself for the day when evil comes.
If you are warrior who is legally authorized to carry a weapon and you step outside without that weapon, then you become a sheep, pretending that the bad man will not come today. No one can be "on" 24/7, for a lifetime. Everyone needs down time. But if you are authorized to carry a weapon, and you walk outside without it, just take a deep breath, and say this to yourself... "Baa."
This business of being a sheep or a sheep dog is not a yes-no dichotomy. It is not an all-or-nothing, either-or choice. It is a matter of degrees, a continuum. On one end is an abject, head-in-the-sand-sheep and on the other end is the ultimate warrior. Few people exist completely on one end or the other. Most of us live somewhere in between. Since 9-11 almost everyone in America took a step up that continuum, away from denial. The sheep took a few steps toward accepting and appreciating their warriors, and the warriors started taking their job more seriously. The degree to which you move up that continuum, away from sheephood and denial, is the degree to which you and your loved ones will survive, physically and psychologically at your moment of truth.
Lt. Col. Grossman is an expert in the study of violence in war and killing. I first read his work when I took a graduate class on the subject of children and violence; it was refreshing to find research by someone who had both academic expertise and real world experience. After reading this, my overwhelming reaction is, thank God for sheepdogs.

... Fortunately, the responsibility for providing evidence is on the part of the person making the claim, not the critic. It is not the responsibility of UFO skeptics to prove that a UFO has never existed, nor is it the responsibility of paranormal-health-claims skeptics to prove that crystals or colored lights never healed anyone. The skeptic's role is to point out claims that are not adequately supported by acceptable evidcence and to provide plausible alternative explanations that are more in keeping with the accepted body of scientific evidence. ... - Thomas L. Creed, The Skeptical Inquirer, Vol. XII No. 2, pg. 215

How to mount LVM partitions from rescue mode (Fedora/CentOS/RedHat)

Boot your rescue media.
Scan for volume groups:
# lvm vgscan -v
Activate all volume groups:
# lvm vgchange -a y
List logical volumes:
# lvm lvs –all
With this information, and the volumes activated, you should be able to mount the volumes:
# mount /dev/volumegroup/logicalvolume /mountpoint

How to convert RHEL5 to CentOS5

# Determine version and architecture of installed RHEL
cat /etc/redhat-release
uname -i

# Go to working directory
mkdir /root/centos5

cd /root/centos5
# Download the necessary files
wget http://mirror.umd.edu/centos/5.8/os/x86_64/CentOS/centos-release-notes-5.8-0.x86_64.rpm
wget http://mirror.umd.edu/centos/5.8/os/x86_64/CentOS/centos-release-5-8.el5.centos.x86_64.rpm
wget http://mirror.umd.edu/centos/5.8/os/x86_64/CentOS/yum-3.2.22-39.el5.centos.noarch.rpm
wget http://mirror.umd.edu/centos/5.8/os/x86_64/CentOS/yum-fastestmirror-1.1.16-21.el5.centos.noarch.rpm
wget http://mirror.umd.edu/centos/5.8/os/x86_64/CentOS/yum-utils-1.1.16-21.el5.centos.noarch.rpm
wget http://mirror.umd.edu/centos/5.8/os/x86_64/RPM-GPG-KEY-CentOS-5

# Import the rpm gpg signing key
rpm --import RPM-GPG-KEY-CentOS-5

# Remove the following packages
rpm -e --nodeps redhat-release-5Server
rpm -e yum-rhn-plugin rhn-check rhnsd rhn-setup rhn-client-tools rhncfg rhncfg-client rhncfg-actions subscription-manager

# Force install the five rpm files in the working directory
rpm -Uvh --force *.rpm

# Yum update the system
yum update

# Reboot
shutdown -r now

# To avoid confusion later
sed -i 's/Red Hat Enterprise Linux Server/CentOS Server/g' /boot/grub/grub.conf

How to convert RHEL6 to CentOS6

# Remove all the yum metadata from the system
yum clean all

# Make a working directory and go there
mkdir /root/centos
cd /root/centos/

# Check the version and architecture of RHEL 

# currently installed
cat /etc/redhat-release
uname -i

# Download the following 4 RPM files and 1 RPM-GPG-KEY file

# from http://mirror.umd.edu/centos/{VER}/os/{ARCH}/
# In this example, we are converting RHEL 6.1 x86_64. We will 

# use the latest available version of the following packages.

wget http://mirror.umd.edu/centos/6.2/os/x86_64/Packages/centos-release-6-2.el6.centos.7.x86_64.rpm
wget http://mirror.umd.edu/centos/6.2/os/x86_64/Packages/yum-3.2.29-22.el6.centos.noarch.rpm
wget http://mirror.umd.edu/centos/6.2/os/x86_64/Packages/yum-utils-1.1.30-10.el6.noarch.rpm
wget http://mirror.umd.edu/centos/6.2/os/x86_64/Packages/yum-plugin-fastestmirror-1.1.30-10.el6.noarch.rpm
wget http://mirror.umd.edu/centos/6.2/os/x86_64/RPM-GPG-KEY-CentOS-6

# Import the GPG signing key
rpm --import RPM-GPG-KEY-CentOS-6

# Remove the following RPMS from the system
rpm -e --nodeps redhat-release-server
rpm -e yum-rhn-plugin rhn-check rhnsd rhn-setup rhn-setup-gnome
# If the second rpm command fails because a package is not installed, 

# remove the name of that package from
# the command line and re-run the command.

# Force install all 4 RPMS in the working directory
rpm -Uvh --force *.rpm

# Do a yum upgrade. It should go to a CentOS download site and ask 

# to upgrade a lot of packages
yum upgrade

# Reboot the system
shutdown -r now

List all installed perl modules from the command line

perl -MFile::Find=find -MFile::Spec::Functions -Tlw -e 'find { wanted => sub{ print canonpath $_ if /\.pm\z/ }, no_chdir => 1 }, @INC'

In the above example (which is all on one line),

File::Find and File::Spec::Functions module are used to list all installed modules.
-M option loads the module. It executes use module before executing the script
-T option enables taint checking, which instructs perl to keep track of data from the user and avoid doing anything insecure with it. Here this option is used to avoid taking the current directory name from the @INC variable and listing the available .pm files from the directory recursively.
-l option enables automatic line-ending processing in the output. Print statements will have the new line separator (\n) added at the end of each line.
-w option prints any warning messages.
-e option indicates that the following string is to be interpreted as a perl script (i.e., sequence of commands).

mount: could not find any free loop device

You can see what is being used by a loop device with losetup:

  # losetup /dev/loop0
  /dev/loop0: [fd06]:234921356 (/linux/isos/backtrack.iso)

It is possible to increase the number of available loop devices. Free
all loop devices, and add a line with the following to

     options loop max_loop=64

(maximum is 256)

Then, do:  
     rmmod loop && modprobe loop

If you get an error that the module couldn't be removed, you still have loop 
devices in use.

Newer kernels (2.6.21 or 2.6.22) use a dynamic allocation of loop devices, 
so you will only have to create the filesystem representation of the devices:

  for ((i=8;i<64;i++)); do
    [ -e /dev/loop$i ] || mknod -m 0600 /dev/loop$i b 7 $i

Happy Pi Day!

And don’t forget 6:28pm (Tau Time)!

Future Holidays to look forward to:
  • March 14, 2015 = Pi Day (to 4 decimal places)
  • April 4, 2016 = Square Root Day
  • 6:02am on October 23, 2012 = Mole Day (6:02 10/23)

Swap Your Laptop for an iPad + Linode

Here's an excellent Linux Journal Article which talks about using an iPad with a Bluetooth keyboard, to ssh into a Linux host:

The Linux host is a virtualized node in "the cloud":

And the SSH client for iPad can be found here:
iSSH for iPad app: http://itunes.apple.com/us/app/issh-ssh-vnc-console/id287765826?mt=8

I've tried this app on my iPad and I think this works a lot better than I thought it would!

IT Certification Master

I found a new site with lots of IT Certification infomation. It's new, but it looks like a really good start. Check it out here: http://www.itcertificationmaster.com/

Scripting: Is today the last day of the month?

Here's an easy way to check. Very useful when scripting an action (like a backup for example) that needs to happen on the last day of the month.
[ `date --date='next day' +'%B'` == `date +'%B'` ] || echo 'end of month' && echo 'not end of month'

Does MCSA equate to MCITP: Server Administrator and does MCSE equate to MCITP: Enterprise Administrator?

No, not exactly. The MCITP on Windows Server 2008 certification requires a new skill set—in some cases, a more robust one—that differs from the skill set needed for MCSA and MCSE certifications.
  • MCITP: Server Administrator certification covers more operations-related job skills than the MCSA certification.
  • MCITP: Enterprise Administrator maps to an actual job role profile, whereas the MCSE certification does not. The latter combines technology and job skills.

How do I get RHN Satellite Server on RHEL6.2 to authenticate to MS Active Directory on a host with Centrify installed?

My Server has:

Red Hat Enterprise Linux Server 6.2
Red Hat Network Satellite Server 5.4.1
CentrifyDC 5.0.1-177

1. Edit the rhn.conf file:

echo "pam_auth_service = password-auth" >> /etc/rhn/rhn.conf

2. Restart the Satellite Server:   

/usr/sbin/rhn-satellite restart

3. Login to your RHN Satellite web gui

4. Create a new user, as in the following example:
Go to "Users" tab -> "Create New User" -> 

Desired Login*:  centrifyuserid
Desired Password *:  Keep Blank 
Confirm Password *:  Keep Blank
Pluggable Authentication Modules (PAM):  Enable Checkbox 

Pass Firstname , Lastname & email -> click on "Create Login" 
Your user should now be able to login with their AD credentials.
You will still need to specify what permissions they have in 
RHN Satellite.

Migrating from RHEL6 to CentOS6...

Why would anyone ever want to do this???
mkdir TMP
yum remove rhnlib abrt-plugin-bugzilla redhat-release-notes*
rpm -e --nodeps redhat-release redhat-indexhtml
cd TMP
wget http://mirror.centos.org/centos/6/os/x86_64/Pack\
wget http://mirror.centos.org/centos/6/os/x86_64/Pack\
wget http://mirror.centos.org/centos/6/os/x86_64/Pack\
wget http://mirror.centos.org/centos/6/os/x86_64/Pack\
rpm -Uvh *.rpm
cd ..
rm -rf TMP
yum clean all
yum upgrade

How to Migrate from RHEL5 to CentOS5...

# cp /etc/redhat-release /etc/redhat-release-saved
# rpm -e --nodeps redhat-release-notes redhat-release \
yum-rhn-plugin redhat-logos
# rpm -ivh \
CentOS/centos-release-5-5.el5.centos.1.i386.rpm  \
CentOS/centos-release-notes-5.5-0.i386.rpm \
# yum update

How to make a RHEL Auto-Install DVD

This is how I make a bootable Red Hat Enterprise Linux installation DVD, that includes a customized kickstart file. Installation is automatic and no questions are asked. 
Make a directory called ./dvd/

Loop mount the ISO image of the DVD and copy all of its contents (intact) to ./dvd/

Unmount the ISO image.

The kickstart file is named ks.cfg and is placed in the root directory of the DVD.

In the ks.cfg file:


This specifies cdrom as the installation source and causes the machine to power off when done installing, so we can remove the DVD from the drive.

In the isolinux/isolinux.cfg file:

default linux    
prompt 1
timeout 6        
display boot.msg
label linux
  kernel vmlinuz
  append initrd=initrd.img method=cdrom ks=cdrom:/ks.cfg   

Change the timeout to something quicker. The default statement specifies which menu option is selected automatically. In the menu option, we specify cdrom as the installation method, and the location and name of the kickstart file (which has to be named ks.cfg).

Create the new ISO file from the contents of the ./dvd/ directory:

/usr/bin/mkisofs -o dvd.iso -b isolinux/isolinux.bin -c isolinux/boot.cat -no-emul-boot -boot-load-size 4 -boot-info-table -R -J -v -T ./dvd/

The -o option lets you name the ISO image file anything you want. 
Copy the resulting dvd.iso file to your PC and burn it to a DVD.

How to create an SSH tunnel for vncviewer

What I'm doing is using a vncviewer to connect to a vncserver, via an intermediary host (such as a firewall), using a SSH Tunnel between HostA and HostC, to encrypt communications.

I have the same unprivileged userid on all three hosts. Also, I used ssh keys for authentication, just to speed things up. Otherwise, you can specify username@host and enter the password when asked.

$ ssh -N -T -X -f HostB.example.com -L 5905:HostC.example.com:5905 --sleep +30m
$ vncviewer localhost:5905 &

Change the “+30m” to however long you want the ssh tunnel to stay open. You can also use “+8h” or “+1d”.

+----------+        +----------------+        +-------------+
| Host A   |        |                |        |   Host C    |
|          |------->|  Host B        |------->| destination |
| vncviewer|        | "intermediary" |        | vncserver   |
+----------+        +----------------+        +-------------+