grabed nginx_0.6.31-2_i386.deb from http://packages.debian.org/sid/i386/nginx/download (latest stable build) nginx_*.deb in /var/cache/apt/archives/ installed apt-move configured in /etc/apt-move.conf...make sure the path matches the path you're adding in the /etc/apt/sources.list added file:// to /etc/apt/sources.list (get this detail from file) ran 'apt-move update' you may need to move to a directory where the .deb file is ran 'dpkg -i nginx_0.6.31-2_i386.deb'.
sudo apt-get install update-manager-core sudo do-release-upgrade (optional) sudo update-grub sudo restart lsb_release -a cat /etc/centos-release
cp /boot/grub/menu.lst /boot/grub/menu.lst.bkup vi /boot/grub/menu.lstdefault <num>
simply remove the kernel-images you don't want using apt-get, aptitude or whatever front end you choose: "aptitude remove (purge, I like) linux-image-2.6.20-15-386-generic" or whatever the name is. Once you removed what you want, I think just running "sudo grub-update" will take care of menu.list located in /boot/grub/ and you shouldn't have to edit the file. If you use lilo(prob not)you may have to edit lilo but it's been a while since I've used lilo. Hey, I'm no expert but I've done this before and it worked so I wouldn't be afraid to try. If I'm all wet on this then let the experts chime in. If grub update leaves some residue of removed kernels, I'd just remove the residue. As far as what to keep, don't really have any idea but the oldest kernel-image I have is a 2.6.20-15. The one I use is 2.6.20-16-lowlatency #2 SMP PREEMPT on a 2000 era Dell Dimensions desktop. I keep one or two extra kernels just in case one fails. apt-get runs update-grub automatically, but consider running /usr/sbin/update-grub as opposed to /sbin/update-grub...
--set-selections--set-selections--set-selections--set-selections--set-selectionsuname -a cat /etc/issue lsb_release -a cat /etc/lsb-release
The basics for any network based on *nix hosts is the Transport Control Protocol/ Internet Protocol (TCP/IP) combination of three protocols. This combination consists of the Internet Protocol (IP),Transport Control Protocol (TCP), and Universal Datagram Protocol (UDP).
By default, most of the users configure their network card during the installation of Ubuntu. You can however, use the ifconfig command at the shell prompt or Ubuntu's graphical network configuration tools, such as network-admin, to edit your system's network device information or to add or remove network devices on your system.
You can configure a network interface from the command line using the networking utilities. You configure your network client hosts with the command line by using commands to change your current settings or by editing a number of system files.
If you want to configure DHCP address you need to edit the /etc/network/interfaces and you need to enter the following lines replace eth0 with your network interface card
sudo vi /etc/network/interfaces
# The primary network interface - use DHCP to find our address
auto eth0
iface eth0 inet dhcp
sudo dhclient -v -r eth0 sudo dhclient -v eth0 OR sudo dhclient -v -r sudo dhclient -v
If you want to configure Static IP address you need to edit the /etc/network/interfaces and you need to enter the following lines replace eth0 with your network interface card
sudo vi /etc/network/interfaces
# The primary network interface
auto eth0
iface eth0 inet static
address 192.168.3.90
gateway 192.168.3.1
netmask 255.255.255.0
network 192.168.3.0
broadcast 192.168.3.255
IF THIS DOESN'T WORK, TAKE A LOOK AT (e.g. you're using Ubunbu/Mint network applet), check out /etc/NetworkManager/system-connections/ for your configured connection
[802-3-ethernet] duplex=full mac-address=00:11:22:33:44:55 [connection] id=Wired connection 2 uuid=12345678-1234-abcd-efgh-1234567890ab type=802-3-ethernet timestamp=1379955267 [ipv6] method=auto [ipv4] method=manual address1=169.1.2.3/32,0.0.0.0
After entering all the details you need to restart networking services using the following command
sudo /etc/init.d/networking restart
ORsudo ifdown eth0:1 && sudo ifup eth0:1
If you were DHCP, and restart doesn't work (e.g. you get a 'RTNETLINK answers: File exists' or some other weird error), try rebooting the box.
If you are a server system administrator or normal user some time you need to assign a second ipaddress to your Ubuntu machine.For this you need to edit the /etc/network/interfaces file and you need to add the following syntax.Below one is the only example you need to chnage according to your ip address settings
sudo vi /etc/network/interfaces
auto eth0:1
iface eth0:1 inet static
address 192.168.1.60
netmask 255.255.255.0
network x.x.x.x
broadcast x.x.x.x
gateway x.x.x.x
You need to enter all the details like address,netmask,network,broadcast and gateways values after entering all the values save this file and you need to restart networking services in debian using the following command to take effect of our new ipaddress.
After entering all the details you need to restart networking services using the following command
sudo /etc/init.d/networking restart
ORsudo ifdown eth0:1 && sudo ifup eth0:1
Setting up your hostname upon a ubuntu installation is very straightforward. You can directly query, or set, the hostname with the hostname command.
As an user you can see your current hostname with
sudo /bin/hostname
Example
To set the hostname directly you can become root and run
sudo /bin/hostname newname
When your system boots it will automatically read the hostname from the file /etc/hostname
If you want to know more about how to setup host name check here
When it comes to DNS setup Ubuntu doesn't differ from other distributions. You can add hostname and IP addresses to the file /etc/hosts for static lookups.
To cause your machine to consult with a particular server for name lookups you simply add their addresses to /etc/resolv.conf.
For example a machine which should perform lookups from the DNS server at IP address 192.168.3.2 would have a resolv.conf file looking like this
sudo vi /etc/resolv.conf
enter the following details
search test.com
nameserver 192.168.3.2
apt-get install miredo
sudo add-apt-repository ppa:gwendal-lebihan-dev/cinnamon-stable sudo apt-get update sudo apt-get install cinnamon
Using medibuntu Repository
Medibuntu (Multimedia, Entertainment & Distractions In Ubuntu) is a repository of packages that cannot be included into the Ubuntu distribution for legal reasons (copyright, license, patent, etc).
Add gpg key using the following command
wget -q http://packages.medibuntu.org/medibuntu-key.gpg -O- | sudo apt-key add -
Edit sources.list with new repo data
sudo wget http://medibuntu.sos-sts.com/sources.list.d/feisty.list -O /etc/apt/sources.list.d/medibuntu.list
Update the source list using the following command
sudo apt-get update
Install acrobat reader with firefox plugin in Ubuntu
sudo apt-get install acroread mozilla-acroread acroread-plugins
This will complete the installation
If you want top open acrobat reader go to Applications -> Office -> Adobe Reader
Using cups-pdf, here's how I did this: $ sudo apt-get install cups-pdf (May already be there.) Add a new printer (system -> administration -> printing), select the "Print into PDF File" and click Forward. Select "Generic" under Makes, and click Forward. For Models I used "PDF File Generator." Give you new PDF printer a name, description (optional) and location (optional). Click Apply. The output gets stored in $HOME/PDF, and unfortunately you don't get to pick the file name on creation.
| Run-levels | Description |
|---|---|
| 0 | halt/poweroff |
| 1 | single-user |
| 2 | multi-user |
| 3 | user defined |
| 4 | user defined |
| 5 | user defined |
| 6 | reboot |
| S | single user |
#/etc/rc2.d/S99rc.local
#! /bin/sh
PATH=/sbin:/bin:/usr/sbin:/usr/bin
[ -f /etc/default/rcS ] && . /etc/default/rcS
. /lib/lsb/init-functions
do_start() {
if [ -x /etc/rc.local ]; then
log_begin_msg "Running local boot scripts (/etc/rc.local)"
/etc/rc.local
log_end_msg $?
fi
}
case "$1" in
start)
do_start
;;
restart|reload|force-reload)
echo "Error: argument '$1' not supported" >&2
exit 3
;;
stop)
;;
*)
echo "Usage: $0 start|stop" >&2
exit 3
;;
esac
Section "ServerFlags"
Option "BlankTime" "0"
EndSection
| -h, -help | Show summary of options. |
| -V, -version | Show version of program. |
| -e, -endding | Don't change the vendor bytes. |
| -a, -another | Set random vendor MAC of the same kind. |
| -A | Set random vendor MAC of any kind. |
| -r, -random | Set fully random MAC. |
| -l, -list[=keyword] | Print known vendors (with keyword in the vendor's description string) |
| -m, --mac XX:XX:XX:XX:XX:XX | Set the MAC XX:XX:XX:XX:XX:XX |
If you forgot you password for your ubuntu system you can recover using the following steps Turn your computer on. Press ESC at the grub prompt. Press e for edit. Highlight the line that begins kernel....... press e Go to the very end of the line, add rw init=/bin/bash press enter, then press b to boot your system. Your system will boot up to a passwordless root shell. Type in passwd username Set your password. Type in reboot
Microsoft Compiled HTML Help is a proprietary format for online help files, developed by Microsoft and first released in 1997 as a successor to the Microsoft WinHelp format.
You can use either kchmviewer or gnochm or xchm.
kchmviewer from KDE
kchmviewer is a CHM (Winhelp) files viewer written in Qt/ KDE. It can be build as a stand-alone Qt-based application or a KDE application. The main point is compatibility with non-English CHM files, including most international character sets. It has the features set of standard viewer: search (including non-English CHMs), bookmarking, font size changing, index/content browsing, codepage support, and more.
Install kchmviewer Using the following command
sudo aptitude install kchmviewer
gnochm from Gnome
GnoCHM is a CHM file viewer for GNOME. It is implemented in Python, using the PyCHM bindings for chmlib.
Install gnochm Using the following command
sudo aptitude install gnochm
xchm
xCHM is a cross-platform GUI front-end to chmlib, with borrowed bits from Pabs' chmdeco project. Originally written for UNIX systems (Linux, *BSD, Solaris), xCHM has been since ported to Mac OS X and Windows.
xCHM can show the content tree if one is available, print pages, change font face and size, remember bookmarks, display a searchable index, and search for words in the current page and the whole book.
Install gnochm Using the following command
sudo aptitude install xchm
openssl s_client -connect:636 -showcerts
View PEM encoded certificate ---------------------------- openssl x509 -in cert.pem -text -noout openssl x509 -in cert.cer -text -noout openssl x509 -in cert.crt -text -noout If you get the folowing error it means that you are trying to view a DER encoded certifciate and need to use the commands in the “View DER encoded certificate below” unable to load certificate 12626:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:647:Expecting: TRUSTED CERTIFICATE View DER encoded Certificate View DER encoded Certificate ---------------------------- openssl x509 -in certificate.der -inform der -text -noout If you get the following error it means that you are trying to view a PEM encoded certificate with a command meant for DER encoded certs. Use a command in the “View PEM encoded certificate above unable to load certificate 13978:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN: wrong tag:tasn_dec.c:1306:13978:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error:tasn_dec.c:380:Type=X509
openssl genrsa -des3 -out server.key 2048 openssl rsa -in server.key -out server.key.insecure mv server.key server.key.secure mv server.key.insecure server.key openssl req -new -key server.key -out server.csr
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
sudo cp server.crt /etc/ssl/certs sudo cp server.key /etc/ssl/private
vi /etc/ssh/sshd_config Port 1984 PermitRootLogin no #only allow ssh v2 protocol 2 PermitEmptyPasswords no #Allow only following users to login using ssh AllowUsers joe #user has to login in 30 seconds LoginGraceTime 30 #Disconnect ssh with 5 minutes no activity ClientAliveInterval 600 ClientAliveCountMax 0 # Turn on privilege separation UsePrivilegeSeparation yes # Prevent the use of insecure home directory and key file permissions StrictModes yes # Turn on reverse name checking # VerifyReverseMapping yes # Do you need port forwarding? AllowTcpForwarding no X11Forwarding no # Specifies whether password authentication is allowed. The default is yes. # PasswordAuthentication no #The option ServerKeyBits specifies how many bits to use in the server key. These bits are used when the daemon starts to generate its RSA key. ServerKeyBits 1024 HostbasedAuthentication no IgnoreRhosts yes #The option IgnoreRhosts specifies whether rhosts or shosts files should not be used in authentication. For security reasons it is recommended to no use rhosts or shosts files for authentication. IgnoreUserKnownHosts yes #The option IgnoreUserKnownHosts specifies whether the ssh daemon should ignore the user's $HOME/.ssh/known_hosts during RhostsRSAAuthentication. StrictModes yes #The option StrictModes specifies whether ssh should check user's permissions in their home directory and rhosts files before accepting login. This option must always be set to yes because sometimes users may accidentally leave their directory or files world-writable. X11Forwarding no #The option X11Forwarding specifies whether X11 forwarding should be enabled or not on this server. Since we setup a server without GUI installed on it, we can safely turn this option off. PrintMotd yes #The option PrintMotd specifies whether the ssh daemon should print the contents of the /etc/motd file when a user logs in interactively. The /etc/motd file is also known as the message of the day. SyslogFacility AUTH #The option SyslogFacility specifies the facility code used when logging messages from sshd. The facility specifies the subsystem that produced the message--in our case, AUTH. LogLevel INFO #The option LogLevel specifies the level that is used when logging messages from sshd. INFO is a good choice. See the man page for sshd for more information on other possibilities. RhostsAuthentication no #The option RhostsAuthentication specifies whether sshd can try to use rhosts based authentication. Because rhosts authentication is insecure you shouldn't use this option. RhostsRSAAuthentication no #The option RhostsRSAAuthentication specifies whether to try rhosts authentication in concert with RSA host authentication. RSAAuthentication yes #The option RSAAuthentication specifies whether to try RSA authentication. This option must be set to yes for better security in your sessions. RSA use public and private key pairs created with the ssh-keygen1utility for authentication purposes. #the following copied from https://calomel.org/openssh.html. Banner /etc/banner #ChallengeResponseAuthentication no Ciphers aes256-ctr,aes192-ctr,aes128-ctr ClientAliveInterval 60 ClientAliveCountMax 3 Compression no GatewayPorts no #LogLevel VERBOSE #LoginGraceTime 50s MACs hmac-sha2-512-96,hmac-sha2-512,hmac-sha2-256-96,hmac-sha2-256,hmac-sha1-96,hmac-sha1 MaxAuthTries 6 #10 bad logins before 30% drop linearly, all at 30 MaxStartups 10:30:30 PasswordAuthentication yes PermitEmptyPasswords no #PermitOpen localhost:80 PermitRootLogin no PermitUserEnvironment no PidFile /var/run/sshd.pid PrintLastLog yes PrintMotd no PubkeyAuthentication yes StrictModes yes Subsystem sftp /usr/libexec/sftp-server SyslogFacility AUTH #spoofable tcp ack? TCPKeepAlive no #only useful for old rsh configs UseDNS no UseLogin no UsePrivilegeSeparation yes X11DisplayOffset 10 X11Forwarding no X11UseLocalhost yes #Match User anoncvs # X11Forwarding no # AllowTcpForwarding no #install DenyHosts #install OpenSSHGateKeeper with Google Authenticator # Verify your sshd_config file before restarting / reloading changes: /usr/sbin/sshd -t sudo service ssh restart sudo restart ssh tail -f /var/log/auth.log ssh -v username@host (shows verbose logging locally)
vi /etc/ssh/sshd_config PermitRootLogin no adduser <anewusername> mkdir /home/<anewusername> chown <anewusername> /home/<anewusername> passwd <anewusername> usermod -aG sudo <anewusername> /etc/init.d/ssh restart
sudo gedit /etc/default/bootlogd # Run bootlogd at startup ? BOOTLOGD_ENABLE=No (change to yes) /var/log/boot will be createdThis also doesn't work
update-rc.d -f bootlogd remove update-rc.d bootlogd defaults /var/log/boot should populate
in ~/Desktop (sample shortcut file to run /usr/bin/nautilus) #!/usr/bin/env xdg-open [Desktop Entry] Version=1.0 Type=Application Terminal=false Icon[en_US]=nautilus Name[en_US]=/usr/bin/nautilus Exec=/usr/bin/nautilus Name=/usr/bin/nautilus Icon=nautilus
sudo apt-get install tomcat7 vi /etc/tomcat7/server.xml (change ports?) vi /etc/tomcat7/tomcat-users.xml (add admin user if you need to custom configure)sudo apt-get install tomcat7-docs http://yourserver:8080/docs sudo apt-get install tomcat7-admin http://yourserver:8080/manager/html (server status / restart webapps) http://yourserver:8080/host-manager/html (create virtual hosts) sudo apt-get install tomcat7-examples http://yourserver:8080/examples enable admin application deployment, virtual host creation ---------------------------------------------------------- sudo chgrp -R tomcat7 /etc/tomcat7 sudo chmod -R g+w /etc/tomcat7 restarting tomcat sudo service tomcat7 restart
This is the default Tomcat home page. It can be found on the local filesystem at: /var/lib/tomcat7/webapps/ROOT/index.html
Tomcat7 veterans might be pleased to learn that this system instance of Tomcat is installed with CATALINA_HOME in /usr/share/tomcat7 and CATALINA_BASE in /var/lib/tomcat7, following the rules from /usr/share/doc/tomcat7-common/RUNNING.txt.gz.
You might consider installing the following packages, if you haven't already done so:
tomcat7-docs: This package installs a web application that allows to browse the Tomcat 7 documentation locally. Once installed, you can access it by clicking here.
tomcat7-examples: This package installs a web application that allows to access the Tomcat 7 Servlet and JSP examples. Once installed, you can access it by clicking here.
tomcat7-admin: This package installs two web applications that can help managing this Tomcat instance. Once installed, you can access the manager webapp and the host-manager webapp.
NOTE: For security reasons, using the manager webapp is restricted to users with role "manager-gui". The host-manager webapp is restricted to users with role "admin-gui". Users are defined in /etc/tomcat7/tomcat-users.xml.
auto lo
iface lo inet loopback
iface eth0 inet dhcp
allow-hotplug wlan0
auto wlan0
iface wlan0 inet dhcp
wpa-ssid "ssid"
wpa-psk "password"auto lo iface lo inet loopback iface eth0 inet dhcp auto wlan0 allow-hotplug wlan0 iface wlan0 inet dhcp wpa-scan-ssid 1 wpa-ap-scan 1 wpa-key-mgmt WPA-PSK wpa-proto RSN WPA wpa-pairwise CCMP TKIP wpa-group CCMP TKIP wpa-ssid "My Secret SSID" wpa-psk "My SSID PSK" iface default inet dhcp
yum install net-tools ip addr show (should see loopback and dhcp should have provided ip addr)
cd /etc/sysconfig/network-scripts dir or ls -aF vi <ifcfg-(interface)> (You should be able to get interface anme from ip addr show above.)TYPE=Ethernet BOOTPROTO=none (dhcp ... if dhcp) IPADDR = "[Enter your static IP here]" PREFIX="number of bits in subnet mask" GATEWAY = "[Enter your Default Gateway]" DNS1 = "[Your Domain Name System 1]" DNS2 = "[Your Domain Name System 2]" ONBOOT=yesservice network restart ip addr show ping mit.edu set hostname vi /etc/hostname (set hostname if nec) echo $hostname ---fix dns /etc/resolv.conf and nmtui , nmcli yum update && yum upgrade (say y) yum install lync (or links) ###rpm -Uvh http://www.elrepo.org/elrepo-release-7.0-2.el7.elrepo.noarch.rpm ---mod ssh--- ---put in whatever port you need to allow thru fw firewall-cmd --zone=public --add-port=8080/tcp --permanent firewall-cmd --zone=public --remove-port=8080/tcp --permanent # firewall-cmd --reload
su - OR sudo -i (Devices/Install Guest Additions menu to mount ISO for install) cd /media/VirtualBoxGuestAdditions yum update kernel reboot su - rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm yum install gcc kernel-devel kernel-headers dkms make bzip2 perl KERN_DIR=/usr/src/kernels/`uname -r` (command line and .bashrc) export KERN_DIR (command line and .bashrc) cd /media/VirtualBoxGuestAdditions ./VBoxLinuxAdditions.run reboot
yum install <program> yum localinstall ... (installs downloaded rpm) yum upgrade yum check-update (check what is available before upgrading) yum localupdate yum remove yum search <string> yum list installed|available|updates|extras|recent yum info <program/package> yum groupinstall (install package groups) yum groupupdate yum groupremove yum groupinfo <group package>
yum -y clean yum -y check-update yum -y check-update | grep kernel (looking for kernel updates) yum -y update kernel yum -y update
# cd /etc/sysconfig/network-scripts/ # dir ifcfg* ifcfg-eno16777736 ifcfg-lo # vi ifcfg-eno16777736 TYPE="Ethernet" BOOTPROTO="static" DEFROUTE="yes" PEERDNS="yes" PEERROUTES="yes" IPV4_FAILURE_FATAL="no" IPADDR=192.168.160.39 NETMASK=255.255.255.0 IPV6INIT="yes" IPV6_AUTOCONF="yes" IPV6_DEFROUTE="yes" IPV6_PEERDNS="yes" IPV6_PEERROUTES="yes" IPV6_FAILURE_FATAL="no" NAME="eno16777736" DNS1=192.168.160.2 UUID="c6ce7134-1d2d-4265-81c6-ee31d52a60be" DEVICE="eno16777736" ONBOOT="yes"
#vi /etc/sysconfig/network #(add) NETWORKING=yes HOSTNAME=dahostname GATEWAY=192.168.160.2
systemctl status network.service systemctl restart network.service
cp /etc/resolv.conf.backup /etc/resolv.conf
ip link set dev eth0 mtu 1350 vi /etc/sysconfig/network-scripts/ifcfg-eth0 (add MTU=1350) service network restart eth0 ip link list ifconfig eth0
cd ~ mv .gconf .gconf.old (???gnome should reset???) ---SIMILAR FOR XFCE--- mv .config/xfce4 config_xfce4.old (xfce should recreate default version)
xrdb $HOME/.Xresources #probably don't need this for gnome xsetroot -solid grey x-terminal-emulator -geometry 80x24+10+10 -ls -title "$VNCDESKTOP Desktop" & #this was in the original #x-window-manager & #taken from http://blog.yclian.com/2007/12/3-solutions-to-gnomevnc-keyboard.html #run the following in xstartup manually...things are still ugly #gnome-wm & #gnome-panel & #gnome-cups-icon & #gnome-volume-manager & #taken from http://blog.yclian.com/2007/12/3-solutions-to-gnomevnc-keyboard.html #run gconf-editor #navigate to desktop > gnome > peripherals > keyboard > kbd #replace [] or [us] with anything - say [foo] #close app - problem fixed #---alternate--- #gconftool --set /desktop/gnome/peripherals/keyboard/kbd/layouts --type List --list-type String [foo] gnome-session &
got this from Ubuntu Geek
You need to run the following command
you might not see anything, or, if you.re like me, you.ll see about 2 000 files. you.ll probably want to delete them or simply .empty. the trash.
locate defaults.list vi the files here to modify defaults at various levels
GUI FTP Clients Gftp Filezilla Kasablanca Fireftp KFTPgrabber WinSCP on WINE GNOME Commander Sitecopy FileRunner konqueror Command line FTP Clients Ftp Cftp Lftp Ftpcopy Ncftp Tnftp GNU Midnight Commander Yafc Ftp-ssl
> df -h Filesystem Size Used Avail Use% Mounted on /dev/mapper/VG0-LV0 27G 3.2G 22G 13% / tmpfs 939M 0 939M 0% /dev/shm /dev/sda1 380M 99M 261M 28% /boot > du -h 140K ./bkup 36K ./5508old 8.0K ./.vim 56K ./.ssh 344K ./bin_redhat 32K ./ucxn 8.1M .
| watch -n1 -d ls -l |
-nN runs every N seconds (2 is default) -d highlights changes |
| watch -n1 -d=cumulative ls -l | -d=cumulative will maintain changes highlighted on the screen |
| watch -d=cumulative -n1 ls -lt /var/log | watch log dir for changes |
| watch -n60 from | watch for new email |
| watch -n10 free -m | monitor free memory |
| watch -n1 -d 'netstat -an | grep ESTABLISHED' | monitor established connections |
tom ALL=ALL # gives tom access to do everything after a pw entry tom ALL=NOPASSWD:ALL # gives tom access to do everything with no pw
cat /proc/meminfo
free cat /proc/swaps vmstat (watch si (swap in) and so (swap out)) vmstat 1 (watch it every second) vmstat 1 5 (watch it every second for 5 iterations)
If you want to tell init to change run levels, use the telinit command. For example, to switch from the current run level to single-user mode, change to a text window (Ctrl+Alt+F1) and use sudo telinit 1 or sudo telinit s. Running the shutdown command is similar to running sudo telinit 0. Run-level 0 is the shutdown mode.
The file /etc/inittab tells init what to do at each run level, what processes to spawn, and how to handle hardware signals such as Ctrl+Alt+Delete, Alt+UpArrow, and power modes such as low battery. After modifying the inittab, you will need to tell init to re-examine (query) the file. This is done using telinit q.
ps -ef | grep acpid (note exact cmdline exec'ed)
kill <pid>
/usr/sbin/acpid <exact cmdline args> -d
(turn on debug)
(once lines settled - press key of interest)
...
12 acpid: completed event "ibm/hotkey HKEY 0000080 00001007"
...
xrandr -q (list screen chars)
| Directory | Description |
| /etc/cron.d/ | Put all scripts here and call them from /etc/crontab file. |
| /etc/cron.daily/ | Run all scripts once a day |
| /etc/cron.hourly/ | Run all scripts once an hour |
| /etc/cron.monthly/ | Run all scripts once a month |
| /etc/cron.weekly/ | Run all scripts once a week |
| Special string | Meaning |
| @reboot | Run once, at startup. |
| @yearly | Run once a year, "0 0 1 1 *". |
| @annually | (same as @yearly) |
| @monthly | Run once a month, "0 0 1 * *". |
| @weekly | Run once a week, "0 0 * * 0". |
| @daily | Run once a day, "0 0 * * *". |
| @midnight | (same as @daily) |
| @hourly | Run once an hour, "0 * * * *". |
MAILTO="JoeUser@domain.com" 0 3 * * * /usr/local/backup.sh 0 4 * * * /usr/local/donothing.sh >/dev/null 2>&1
[1] http://wiki.wireshark.org/Development/PrivilegeSeparation
[2] http://wiki.wireshark.org/CaptureSetup/CapturePrivileges
[3] https://blog.wireshark.org/2010/02/running-wireshark-as-you
[4] http://wiki.wireshark.org/SNMP
[5] http://wiki.debian.org/NonFreeIETFDocuments
[6] http://www.debian.org/doc/debian-policy/ch-archive.html#s-non-free
[7] http://www.debian.org/doc/debian-policy/ch-archive.html#s-main
-----------------------------------------------------
copy of /usr/share/doc/wireshark-common/README.Debian
I. Capturing packets with Wireshark/Tshark
There are two ways of installing Wireshark/Tshark on Debian:
I./a. Installing dumpcap without allowing non-root users to capture packets
Only root user will be able to capture packets. It is advised to capture
packets with the bundled dumpcap program as root and then run
Wireshark/Tshark as an ordinary user to analyze the captured logs. [2]
This is the default on Debian systems.
I./b. Installing dumpcap and allowing non-root users to capture packets
Members of the wireshark group will be able to capture packets on network
interfaces. This is the preferred way of installation if Wireshark/Tshark
will be used for capturing and displaying packets at the same time, since
that way only the dumpcap process has to be run with elevated privileges
thanks to the privilege separation[1].
Note that no user will be added to group wireshark automatically, the
system administrator has to add them manually.
The additional privileges are provided using the Linux Capabilities
system where it is available and resort to setting the set-user-id bit
of the dumpcap binary as a fall-back, where the Linux Capabilities system
is not present (Debian GNU/kFreeBSD, Debian GNU/Hurd).
Linux kernels provided by Debian support Linux Capabilities, but custom
built kernels may lack this support. If the support for Linux
Capabilities is not present at the time of installing wireshark-common
package, the installer will fall back to set the set-user-id bit to
allow non-root users to capture packets.
If installation succeeds with using Linux Capabilities, non-root users
will not be able to capture packets while running kernels not supporting
Linux Capabilities.
Note that capturing USB packets is not enabled for non-root users by using
Linux Capabilities. You have to capture the packets using the method
described in I./a., setting the set-user-id permanently using
dpkg-statoverride or running Wireshark as root.
The installation method can be changed any time by running:
dpkg-reconfigure wireshark-common
II. Installing SNMP MIBs
SNMP [4] OIDs can be decoded using MIBs provided by other packages.
wireshark-common suggests snmp-mibs-downloader which package can be used to
download a set of common MIBs Wireshark/Tshark tries to load at startup.
At the time of writing, MIBs are distributed under DFSG incompatible terms
[5] thus snmp-mibs-downloader has to be in the non-free archive area.
To keep wireshark in the main area [7], wireshark-common does not depend on
or recommend snmp-mibs-downloader and as a result snmp-mibs-downloader is
not installed automatically with wireshark.
To make Wireshark/Tshark able to decode OIDs, please install
snmp-mibs-downloader manually.
To help Wireshark/Tshark to decode OIDs without having to install packages
manually, please support the initiative of requesting additional rights
from RFC authors [5].
[1] http://wiki.wireshark.org/Development/PrivilegeSeparation
[2] http://wiki.wireshark.org/CaptureSetup/CapturePrivileges
[3] https://blog.wireshark.org/2010/02/running-wireshark-as-you
[4] http://wiki.wireshark.org/SNMP
[5] http://wiki.debian.org/NonFreeIETFDocuments
[6] http://www.debian.org/doc/debian-policy/ch-archive.html#s-non-free
[7] http://www.debian.org/doc/debian-policy/ch-archive.html#s-main
| tshark -f '(tcp port 23)' | (capture filter) |
| tshark -R ip.addr==192.168.1.10 | (read/display filter) |
| tshark -R http.response.code == 404 | (any dissector will work) |
| tshark -R http.cookie contains "sessionid" | |
| tshark -R ip and ip.geoip.country == "China" | (Use GeoIP to query MaxMind Geo IP database for country filter data) |
| tshark -w outfile.bin -S | (save raw output to outfile.bin) |
| (Decode/display packets simultaneously) | |
| tshark -r outfile.bin -V | (read input from outfile.bin) |
| (Display packet details (not summary)) | |
| tshark -i eth0 -b filesize:10240 -b files:1000 -w if-eth0 | (store a ring buffer with 1000 files 10MB each with timestamped filenames) (files can be merged with mergecap) |
tcpdump -i eth0 -n | grep SIP | grep <ipaddr> tcpdump -w filename.pcap -s0 -vvv -e -n -i eth0 host <ipaddr> tcpdump -w filename2.pcap -s0 -vvv -e -n -i eth0 port 5060
If you need to make changes, edit /etc/postfix/main.cf (and others) as needed. To view Postfix configuration values, see postconf(1). After modifying main.cf, be sure to run '/etc/init.d/postfix reload'.
| /dev/ | /media/floppy0 | auto | rw,user,noauto | 0 | 0 |
| /dev/sdb1 | /media/usbdrive | auto | rw,nosuid,dev,exec,auto,nouser,async | 0 | 2 |
| /dev/sdb1 | /media/usbfat32drive | vfat | rw,nosuid,dev,exec,auto,nouser,async,nobootwait,umask=007,uid=1000 | 0 | 2 (nobootwait doesn't wait for disk to mount in event of failure - allows Ubuntu to boot up without intervention, umask is inverse permission bits, uid is owner) |
| block device | mount point | filesystem type | mount options. defaults is rw, suid, dev, exec, auto, nouser, async. | does fs have to be dumped, 0 or blank is no | order of filesystem should fsck check. root should be 1. other should be 2 or greater. 0 or blank is don't check |
lsof
dmesg (to see where usb drive is) fdisk /dev/sdb (assuming the usb drive is at /dev/sdb) p (print the partition table) d (delete the partition table) n (create a new partition - follow prompts) t (change partition's system ID - b is FAT32) w (write and exit) mkdosfs -F 32 -v /dev/sdb1 (assuming dostools are loaded, -F makes it FAT32, -v verbose) (if necessary...) dosfsck -a -w -v /dev/sdb1 (-a automatically fix, -w auto write changes, -v verbose) (re-label) sudo mlabel -i /dev/sdb1 -s ::newlable (make the label) blkid (check the label)
fdisk
n (to make a new partition . will prompt for cylinders)
p (to print partitions (including those to be written)
w (to write to the partition table)
fdisk -l (lists partitions)
sfdisk -l (lists partitions)
parted
gnu - using parted
sudo lshw -C disk
[sudo] password for user:
...
*-disk:1
description: SCSI Disk
physical id: 0.1.0
bus info: scsi@2:0.1.0
logical name: /dev/sdb
size: 450GiB (483GB)
capabilities: partitioned partitioned:dos
configuration: sectorsize=512 signature=abcdefgh
...
sudo fdisk /dev/sdb
...
Command (m for help): n
Partition type:
p primary (0 primary, 0 extended, 4 free)
e extended
Select (default p): p
Partition number (1-4, default 1):
Using default value 1
First sector (2048-943718399, default 2048):
Using default value 2048
Last sector, +sectors or +size{K,M,G} (2048-943718399, default 943718399):
Using default value 943718399
Command (m for help): w
The partition table has been altered!
Calling ioctl() to re-read partition table.
Syncing disks.
...
sudo mkfs -t ext4 /dev/sdb1
mke2fs 1.42.9 (4-Feb-2014)
Filesystem label=
OS type: Linux
Block size=4096 (log=2)
Fragment size=4096 (log=2)
Stride=0 blocks, Stripe width=0 blocks
29491200 inodes, 117964544 blocks
5898227 blocks (5.00%) reserved for the super user
First data block=0
Maximum filesystem blocks=4294967296
3600 block groups
32768 blocks per group, 32768 fragments per group
8192 inodes per group
Superblock backups stored on blocks:
32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208,
4096000, 7962624, 11239424, 20480000, 23887872, 71663616, 78675968,
102400000
Allocating group tables: 0/3600 done
Writing inode tables: 0/3600 done
Creating journal (32768 blocks): done
Writing superblocks and filesystem accounting information: 0/3600 done
cat /etc/fstab
...
/dev/sdb1 /drv ext4 rw,nosuid,dev,exec,auto,nouser,async,nobootwait 0 2
sudo mkdir /drv
sudo mount -a
chown -R daowner /drv
sudo chmod -R 755 /drv
sudo mount -t vboxsf dashare /mnt/dashare /etc/fstab entry dashare /mnt/dashare vboxsf rw,nosuid,dev,noexec,auto,nouser,async,uid=1000,gid=1000 0 0 1000 is first user ID... consider uid=0,gid=0 (root) if you want everyone on system to access.
mdadm --remove /dev/md0 /dev/sda1 halt (replace disk and start the machine) mdadm --add /dev/md0 /dev/sda1
cat /proc/mdstat (drive shows up as (U_) or (_U) ) mdadm --manage /dev/md0 --fail /dev/sdb1 (or whtevr drive is) cat /proc/mdstat mdadm --manage /dev/md0 --remove /dev/sdb1 cat /proc/mdstat (power down and replace hd) #create identical partitioning sfdisk -d /dev/sda | sfdisk /dev/sdb fdisk -l (is partitioning the same) mdadm --manage /dev/md0 --add /dev/sdb1 cat /proc/mdstat (you should see the drives synchronizing)
dd_rhelp /dev/KANGARU /KANGARU-bkup.img OR maybe dd_rhelp /dev/sda1 /KANGARU-bkup.img (also look at dd_rescue and ddrescue) fsck -y /KANGARU-bkup.img OR dosfsck -y /KANGARU-bkup.img (there are different types of fsck) mkdir /dev/recoverydata mount /KANGARU-bkup.img /dev/recoverydata/ -o ro,loop -t vfat (copy everything to new directory)
genisoimage -joliet-long -iso-level 4 -o dvd.iso -R -J dvdsourcdir -joliet-long allows up to 103 Unicode chars -iso-level 4 dirs not limited to 8 levels no need for file to contain a dot dots have no special meanings filenames do not have version numbers filenames can be up to 207 chars long, or 197 chars if Rock Ridge is used -o dvd.iso outputs to dvd.iso -R Rock Ridge extensions (linux/unix) -J Joliet extensions (windows) dvdsourcdir input directory
| CR | 0x0d | ^M |
| LF | 0x0a | ^J |
/sbin/service cups stop
If you get random install messages, try using the vmware-any-any-tool available from http://ftp.cvut.cz/vmware/, or http://groups.google.com/group/vmkernelnewbies/files.
Additional References
include/asm/bitops_32.h:9:2: error: #error onlycan be included directly
sudo apt-get install build-essential linux-headers-$(uname -r) (looking for [kernelsource path]/include/linux/version.h, it.s not there.) sudo ln -s /usr/src/linux-headers-$(uname -r)/include/generated/uapi/linux/version.h /usr/src/linux-headers-$(uname -r)/include/linux/version.h (re-install vmware-tools) sudo ./vmware-install.pl
You must restart your X session before any mouse or graphics changes take effect. You can now run VMware Tools by invoking "/usr/bin/vmware-toolbox-cmd" from the command line or by invoking "/usr/bin/vmware-toolbox" from the command line during an X server session. To enable advanced X features (e.g., guest resolution fit, drag and drop, and file and text copy/paste), you will need to do one (or more) of the following: 1. Manually start /usr/bin/vmware-user 2. Log out and log back into your desktop session; and, 3. Restart your X session.
Example line: account required pam_stack.so service=system-auth
ftpasswd --passwd --file=/usr/local/etc/ftpd/passwd --name=bob --uid=1001 --home=/home/bob --shell=/bin/false /etc/proftpd.conf put AuthUserFile into /etc/proftpd.conf to enable logging in via ftpasswd file also (in addition to PAM)ProFTPD home page including docs et. al.
[global]
server string = %h server (Samba, Ubuntu)
map to guest = Bad User
obey pam restrictions = Yes
pam password change = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
unix password sync = Yes
syslog = 0
log file = /var/log/samba/log.%m
max log size = 10000
dns proxy = No
panic action = /usr/share/samba/panic-action %d
idmap config * : backend = tdb
[files]
path = /srv/dafiles
valid users = username1, username2
write list = username1, username2
force group = sambashare
read only = No
create mask = 0755
force create mode = 0775
force directory mode = 0775
browseable = No | trunk | cutting-edge version that is being actively developed |
| branches | alternative copies of the project. could be for reorg of sw files, or different set of functionality, or massive re-write with lots of bugs to be ironed out. Eventually, you may want to merge changes into the trunk |
| tags | milstone release. allows you to go back to old version of the code |
svn checkout <url> (get the latest copy) svn copy trunk/ tags/1.0 svn status (make sure it is ready to be checked in) svn delete tags/1.0/ (delete if necessary before commit) svn commit --message="v1.0"
nmap -p [port] hostName ## Scan port 80 nmap -p 80 192.168.1.1 ## Scan TCP port 80 nmap -p T:80 192.168.1.1 ## Scan UDP port 53 nmap -p U:53 192.168.1.1 ## Scan two ports ## nmap -p 80,443 192.168.1.1 ## Scan port ranges ## nmap -p 80-200 192.168.1.1 ## Combine all options ## nmap -p U:53,111,137,T:21-25,80,139,8080 192.168.1.1 nmap -p U:53,111,137,T:21-25,80,139,8080 server1.cyberciti.biz nmap -v -sU -sT -p U:53,111,137,T:21-25,80,139,8080 192.168.1.254 ## Scan all ports with * wildcard ## nmap -p "*" 192.168.1.1 ## Scan top ports i.e. scan $number most common ports ## nmap --top-ports 5 192.168.1.1 nmap --top-ports 10 192.168.1.1