ZFS selinux centos automount on restart

Selinux does not allow
/etc/init.d/zfs-mount
to auto mount. This is shown in
dmesg or /var/log/messages
as below.
hostname kernel: type=1400 audit(1507795184.331:7): avc:  denied  { open } for  pid=4158 comm="mount.zfs" name="zfs" dev=devtmpfs ino=12977 scontext=system_u:system_r:mount_t:s0 tcontext=system_u:object_r:device_t:s0 tclass=chr_file
hostname kernel: type=1400 audit(1507795660.920:10): avc:  denied  { open } for  pid=4613 comm="mount.zfs" name="zfs" dev=devtmpfs ino=12977 scontext=unconfined_u:system_r:mount_t:s0 tcon

Before proceeding check if zfs/zpool is available but not mounted
zfs get used,compressratio,compression,logicalused
zpool status
Verify it here: In my case, audit was empty.
ls /var/log/audit/
Check for audit.
yum list audit audit-libs
Installed Packages
audit.x86_64           2.4.5-6.el6          @Centos-base
audit-libs.x86_64      2.4.5-6.el6          @Centos-base
The packages were installed OK. In case zfs is running:
service zfs-mount stop
In my case auditd was not running.
service auditd (re)start
create a local folder
su -
mkdir selinux_zfs
cd selinux_zfs
Turn SELinux enforcing mode off for now, and reload the policy so we have a clean slate of access violations
setenforce 0
load_policy
Whatever it was that was getting denied, do it again! In this case the system was trying to mount the ZFS volumes during boot, but we can achieve the same thing with:
service zfs-mount start
Generate a module for this action using audit2allow, feeding it the system audit log:
audit2allow -M zfs_centos69 -l -i /var/log/audit/audit.log
You can name it anything, but try to be a bit specific so you know what it is without having to go to too much trouble. It will be saved to the local directory (hopefully you created a working space?). Turn SELinux enforcing back on and load the new module:
setenforce 1
semodule -i zfs_centos69.pp
Note. There are 2 files in this directory. I do not know what these mean but it works.
zfs_centos69.pp  zfs_centos69.te
Now, restart the machine - ZFS volumes must mount. You can test it with:
service zfs-mount start
Adapted from https://mjanja.ch/2013/03/centos-6-4-with-selinux-enforcing-denies-mount-action-to-glusterd/

oldest to newest file in directory tree and delete each file interactively

oldest to newest file in directory tree and delete each file interactively
find -type f -printf '%T+ %p\n' | sort | cut -c32- | xargs -p -n1 -d '\n' rm
where
-p, --interactive
Prompt the user about whether to run each command line and read a line from the terminal. Only run the command line if the response starts with y or Y.
-n max-args, --max-args=max-args
Use at most max-args arguments per command line.
-d delim 
Input items are terminated by the specified character. Reference: https://superuser.com/questions/1187850/oldest-to-newest-file-in-directory-tree-and-delete-each-file-interactively

Baloo

configure Baloo
$HOME/.kde/share/config/baloofilerc
and set
[Basic Settings]
Indexing-Enabled=true

[General]
exclude filters=autom4te,*.rcore,CTestTestfile.cmake,*.o,*.omf,.hg,*.m4,*.orig,.obj,moc_*.cpp,conftest,.pch,.xsession-errors*,CMakeTmpQmake,*.tmp,qrc_*.cpp,po,.svn,.histfile.*,lzo,.bzr,.git,litmain.sh,cmake_install.cmake,CMakeFiles,*.pc,*.nvram,*.elc,*.la,.moc,CMakeCache.txt,confdefs.h,*.gmo,*.csproj,*.rej,config.status,lost+found,confstat,*.pyc,_darcs,CVS,.uic,*.part,libtool,*.aux,*.po,CMakeTmp,Makefile.am,*.lo,ui_*.h,*.loT,*~,*.moc,*.vm*,*.class,core-dumps
exclude filters version=2
exclude folders[$e]=/data3/,/data2/,/mnt/ISO/,$HOME/Archive/
first run=false
folders[$e]=$HOME/
index hidden folders=true
only basic indexing=true
balooctl disable
And restart
balooctl enable

Disable webrtc in Firefox

Disable webrtc in Firefox. Open
about:config
and set
media.peerconnection.enabled to false
Verify it here: http://net.ipcalf.com/

VPN Uni Frankfurt

Enable VPN under Linux for Goethe Uni Frankfurt
apt-get install  network-manager-openconnect-gnome

















Block Facebook

apt-get install dnsmasq
Verify that the file
 NetworkManager/NetworkManager.conf 
has dnsmasq
[main]
plugins=ifupdown,keyfile,ofono
dns=dnsmasq

[ifupdown]
managed=false
Now Edit
/etc/dnsmasq.d/dnsmasq-block.conf 
Here address block entire domains and server blocks individual servers!
address=/facebook.com/127.0.0.1
address=/facebook.com/127.0.0.1
address=/facebook.com/127.0.0.1
address=/facebook.net/127.0.0.1
address=/facebook.fr/127.0.0.1
address=/facebook.de/127.0.0.1
address=/fb.com/127.0.0.1
address=/fb.me/127.0.0.1
address=/fbcdn.net/127.0.0.1
address=/fbcdn.com/127.0.0.1
address=/tfbnw.net/127.0.0.1
server=/01.sharedsource.org/
Edit
 /etc/dhcp/dhclient.conf
change
#prepend domain-name-servers 127.0.0.1;
to
prepend domain-name-servers 127.0.0.1;
Now restart
service network-manager restart
service dnsmasq restart

get new lists from
https://github.com/tbds/FreeContributor/tree/master/data 
https://github.com/jmdugan/blocklists

Blocking tool for OSX - Creative Commons Attribution-ShareAlike 4.0 International License - from the following webpage
https://www.perpetual-beta.org/weblog/blocking-facebook-on-os-x.html
 
whois -h whois.radb.net '!gAS32934' | tr ' ' ', '
Paste the csv to
table  persist { 204.15.20.0/22, 69.63.176.0/20, 66.220.144.0/20, 66.220.144.0/21 }
block quick to 
load the rules into PF:
sudo pfctl -f /private/etc/pf.conf
This location of this file is /private/etc on my Mac. It might be in a different path on your machine. Use:
sudo find / -name "pf.conf" to locate it.

perl regex

grep "block-link__overlay-link"  clips  > clips1
perl -ne 'while(/\bprogrammes\/\w+/g){print "$&\n";}' clips1