Table of Contents

Miscellaneous Notes

(Written by Sylvain Bolay) (Updated March 07, 2008)

Linux

#modifie in /etc/inittab
#The system will automatically boot in text mode (3) or in graphical mode (5)

inittab/runlevel

id:3:initdefault
id:5:initdefault

To modifie in real time the runlevel write:

init 0 #to shutdown the system
init 3 #to start text mode
init 5 #to start graphical mode

Warning: the precedent runlevel will be closed by the new one. That means if the actual runlevel is 5 and you want to go to the runlevel 3 all the user connexions will be closed! See man init for other run level.

mount

/etc/fstab
mount /dev/sda1 /mnt/usb

lsmod

modproble usb-storage
dmesg

x86 config

See /etc/X11/XF86Config and /etc/X11/XF86Config-4 Use ImPS/2 instead of PS/2 to support wheel mouse

Reset Root Password

On Debian Sarge

  1. start using single mode
  2. grub PRESS e
  3. kernel /boot/vmlinuz-2.4.18-14 ro root=LABEL=/ PRESS e
  4. kernel /boot/vmlinuz-2.4.18-14 single ro root=LABEL=/ PRESS ENTER
  5. PRESS b
  6. vi /etc/shadow
  7. modify the line starting with root to become
  8. root::……
  9. reboot, and now passwd is empty

On Debian ETCH

  1. start up to the grub
  2. grub PRESS e
  3. kernel /boot/vmlinuz-2.6.18-14 ro root=LABEL=/ PRESS e
  4. kernel /boot/vmlinuz-2.6.18-14 ro root=LABEL=/ init=/bin/bash PRESS ENTER
  5. PRESS b
  6. mount -o remount,rw /
  7. nano /etc/shadow
  8. modify the line starting with root:aX3dat…:…. to become
  9. root::……
  10. save modifications (ctrl-X and Y(es))
  11. shutdown -rn now, and now passwd is empty

badblocks on /dev/hda

I start using this part when my computer doesn't start anymore because of the following error: - kernel Panic: VFS: Unable to mount root fs on 03:02

I finally found 390 badblocks on /dev/hda. To save my data I copied all this disk onto another one (1 night long) and made a repair on this new disk.

dd if=/dev/hda of=/dev/hdb (and add some options following man dd)
debugreiserfs /dev/hda2
#or
sfdisk -l /dev/hda
 
badblocks -o badblock.log -b 4096 /dev/hda2
fsck.reiserfs --rebuild-tree -B badblock.log /dev/hda2
mkfs.reiserfs
dd if=/dev/zero of=/dev/hda bs=4096 swk=theBadblock-1 count=1

Disk partition

error: Disk doesn't contain a valid partition table

fdisk /dev/hda
mke2fs /dev/hda2
mkswap /dev/hda1
#(82=linux swap; 83=linux)
debugreiserfs /dev/hda2
badblocks -o badblocks.log -b 4096 -v /dev/hda2

Rescue mode: starting, mounting and chrooting

Grub loading stage2…

see effect of: swapon /dev/hda1

on gento (tchetch)

GRUB

grub-install `awk -F='/^#boot/{print $2}'/boot/grub/grub.conf`
#(kernel-smp, mkinitrd, grub)
grub> root (hd0,1)
 
grub> install --stage2=/boot/grub/stage2 /d (hd0) / 0x800 (null)/
#or
grub> install --stage2=/boot/grub/stage2 --fare-lba /boot/grub/stage1 d (hd0) /boot/grub/stage2 0x800
#or
grub> install /boot/grub/stage1 d (hd0) /boot/grub/stage2 /boot/grub/menu.lst
 
#(this part can be completed with the help of tab-autocompletion)
grub> kernel (hd0,1)/boot/vmlinuz root=/dev/hda2 vga=0x317 desktop resume=/dev/hda1 splash=silent
grub> initrd (hd0,1)/boot/initrd

Kernel / System

to check kernel version to check system version to check system information

cpuinfo

cat /proc/cpuinfo
processor  : 0
vendor_id  : GenuineIntel
cpu family : 15
model      : 2
model name : Intel(R) Pentium(R) 4 CPU 2.40GHz
stepping   : 4
cpu MHz    : 2406.258
cache size : 512 KB
fdiv_bug   : no
hlt_bug    : no
f00f_bug   : no
coma_bug   : no
fpu        : yes
fpu_exception : yes
cpuid level   : 2
wp         : yes
flags      : fpu vme de pse tsc msr pae mce cx8
             sep mtrr pge mca cmov pat pse36
             clflush dts acpi mmx fxsr sse
             sse2 ss ht tm
bogomips   : 4751.36

interrupts

cat /proc/interrupts
CPU0
0: 185214164 XT-PIC timer
1: 84002 XT-PIC i8042
2: 0 XT-PIC cascade
5: 0 XT-PIC uhci_hcd
8: 2 XT-PIC rtc
9: 28452 XT-PIC acpi, Intel 82801DB-ICH4, uhci_hcd, uhci_hcd, ohci1394
10: 2202424 XT-PIC eth0
11: 0 XT-PIC libata, ehci_hcd
12: 1502787 XT-PIC i8042
14: 320185 XT-PIC ide0
15: 1355351 XT-PIC ide1
NMI: 0
LOC: 0
ERR: 1
MIS: 0

ioports

cat /proc/ioports
0000-001f : dma1
0020-0021 : pic1
0040-005f : timer
0060-006f : keyboard
0070-0077 : rtc
0080-008f : dma page reg
00a0-00a1 : pic2
00c0-00df : dma2
00f0-00ff : fpu
0170-0177 : ide1
01f0-01f7 : ide0
02f8-02ff : serial
0376-0376 : ide1
03c0-03df : vesafb
03f6-03f6 : ide0
03f8-03ff : serial
0cf8-0cff : PCI conf1
8400-843f : 0000:00:1f.5
8800-88ff : 0000:00:1f.5
9800-987f : 0000:02:04.0
9800-987f : sata_promise
a000-a00f : 0000:02:04.0
a000-a00f : sata_promise
a400-a43f : 0000:02:04.0
a400-a43f : sata_promise
a800-a87f : 0000:02:03.0
b000-b01f : 0000:00:1d.2
b000-b01f : uhci_hcd
b400-b41f : 0000:00:1d.1
b400-b41f : uhci_hcd
b800-b81f : 0000:00:1d.0
b800-b81f : uhci_hcd
d000-dfff : PCI Bus #01
d800-d8ff : 0000:01:00.0
e800-e81f : 0000:00:1f.3
f000-f00f : 0000:00:1f.1
f000-f007 : ide0
f008-f00f : ide1

meminfo

cat /proc/meminfo
MemTotal:     516472 kB
MemFree :       7680 kB
Buffers:       39416 kB
Cached:       127304 kB
SwapCached:        0 kB
Active:       395488 kB
Inactive:      24652 kB
HighTotal:         0 kB
HighFree:          0 kB
LowTotal:     516472 kB
LowFree:        7680 kB
SwapTotal:   2255896 kB
SwapFree:    2255756 kB
Dirty:            44 kB
Writeback:         0 kB
Mapped:       342656 kB
Slab:          79360 kB
Committed_AS: 395772 kB
PageTables:     2324 kB
VmallocTotal: 507896 kB
VmallocUsed:   37260 kB
VmallocChunk: 469148 kB
HugePages_Total:   0
HugePages_Free:    0
Hugepagesize:   4096 kB

partitions

cat /proc/partitions

major minor #blocks name
3 0 78150744 hda
3 1 12568 hda1
3 2 2255904 hda2
3 3 75882240 hda3

swaps

cat /proc/swaps
Filename	Type		Size	Used	Priority
/dev/hda2	partition	2255896	140	42

version

cat /proc/version
Linux version 2.6.5-7.104-default (geeko@buildhost)
(gcc version 3.3.3 (SuSE Linux)) #1 Wed Jul 28 16:42:13 UTC 2004

redhat-release or SuSE-release

cat /etc/redhat-release
#or
cat /etc/SuSE-release
 
SuSE Linux 9.1 (i586)
VERSION = 9.1

uname

uname --version
>uname (coreutils) 5.2.1
 
uname --kernel-name
>Linux
 
uname --nodename
>linuxSBServer
 
uname --kernel-release
>2.6.5-7.111-smp
 
uname --kernel-version
>#1 SMP Wed Oct 13 15:45:13 UTC 2004
 
uname --machine
>i686
 
uname --processor	
>i686
 
uname --hardware-platform
>i386
 
uname --operating-system	
>GNU/Linux
 
uname --all
>Linux linuxSBServer 2.6.5-7.111-smp #1 SMP Wed Oct 13 15:45:13 UTC 2004 i686 i686 i386 GNU/Linux

arch

gives the architecture of your machine (ex: 686)

The Intel architecture model 80×86 designates each processor core. The X is a number from 0 to infinite but for now it is from 0 to 7. Each model adds few more instructions and sometimes a new feature although each model does not have to increase transistor count. If you have an 80686 processor, you can run software that was compiled for 80686 and lower. If you have an 80386, you can only run software compiled as 80386 and lower. Each increasing model should be better but it seems that Intel likes the yo-yo effect when they introduce new processors.

There are some 80486 (I think 80486DX2-66 or 80486DX4-120) that are or the right term were faster than 80586 (aka Pentium). Have look at sandpile for informations.

x86 is the CPU architeture family. These go along the lines of i286, i386, i486, i586, etc… where the x is used as a variable for the 2, 3, 4, 5, etc.

Each of the chips has extra transitors and instruction sets, so if you download a distro that was compile for your chip, it should, in theory, run better. Also, You have to meet the architecture number or older to use the distro to.

*fdisk utilities

There are several *fdisk programs around. Each has its problems and strengths. Try them in the order: cfdisk, fdisk, sfdisk.

cfdisk

Is a beautiful program that has strict requirements on the partition tables it accepts, and produces high quality partition tables. Use it if you can.

fdisk

Is a buggy program that does fuzzy things - usually it happens to produce reasonable results. Its single advantage is that it has some support for BSD disk labels and other non-DOS partition tables. Avoid it if you can.

sfdisk

The user interface is terrible, but it is more correct than fdisk and more powerful than both fdisk and cfdisk. Moreover, it can be used noninteractively. Is for hackers only.

cfdisk

Curses based disk partition table manipulator for Linux

cfdisk 2.11u
Disk Drive: /dev/sda
Size: 72802631680 bytes, 72.8 GB
Heads: 254	Sectors per Track: 63	Cylinders: 8885
Name Flags Part Type FS Type [Label] Size (MB)
sda1 Primary Linux ext3 [/boot] 106.51
sda2 Boot Primary Linux ReiserFS 70296.15
Pri/Log Free Space 1319.08
sda3 Primary Linux swap 1073.29

[Bootable][Delete][Help][Maximize][Print][Quit][Type][Units][Write]

fdisk

Partition table manipulator for Linux

fdisk -l
Disk /dev/sda: 254 heads, 63 sectors, 8885 cylinders
Units = cylinders of 16002 * 512 bytes
Device Boot Start End Blocks Id System
/dev/sda1 1 13 103981+ 83 Linux
/dev/sda2 * 14 8593 68648580 83 Linux
/dev/sda3 8755 8885 1048131 82 Linux swap
sfdisk

Partition table manipulator for Linux

sfdisk version 3.07 (aeb@cwi.nl, 990908)
Usage: sfdisk [options] device ...
device: something like /dev/hda or /dev/sda
useful options:
-s [or --show-size]	:list size of a partition
-c [or --id]		:print or change partition Id
-l [or --list]		:list partitions of each device
-d [or --dump]		:idem, but in a format suitable for later input
-i [or --increment]	:number cylinders etc. from 1 instead of from 0
-uS, -uB, -uC, -uM	:accept/report in units of sectors/blocks/cylinders/MB
-T [or --list-types]	:list the known partition types
-D [or --DOS]		:for DOS-compatibility: waste a little space
-R [or --re-read]	:make kernel reread partition table
-N#			:change only the partition with number #
-n			:do not actually write to disk
-O file			:save the sectors that will be overwritten to file
-I file			:restore these sectors again
-v [or --version]	:print version
-? [or --help]		:print this message
 
dangerous options:
-g [or --show-geometry]	:print the kernel's idea of the geometry
-x [or --show-extended]	:also list extended partitions on output or expect descriptors for them on input
-L [or --Linux]		:do not complain about things irrelevant for Linux
-q [or --quiet]		:suppress warning messages
 
You can override the detected geometry using:
-C# [or --cylinders #]	:set the number of cylinders to use
-H# [or --heads #]	:set the number of heads to use
-S# [or --sectors #]	:set the number of sectors to use
 
You can disable all consistency checking with:
-f [or --force]		:do what I say, even if it is stupid
sfdisk -l
Disk /dev/sda: 8885 cylinders, 254 heads, 63 sectors/track
Units = cylinders of 8193024 bytes, blocks of 1024 bytes, counting from 0
Device Boot Start End #cyls #blocks Id System
/dev/sda1 0+ 12 13- 103981+ 83 Linux
/dev/sda2 * 13 8592 8580 68648580 83 Linux
/dev/sda3 8754 8884 131 1048131 82 Linux swap
/dev/sda4 0 - 0 0 0 Empty

lvmdiskscan

scan for all disks / multiple devices / partitions available

lvmdiskscan -- reading all disks / partitions (this may take a while...)
lvmdiskscan -- /dev/sda1   [101.54MB] Primary LINUX native partition [0x83]
lvmdiskscan -- /dev/sda2   [65.47 GB] Primary LINUX native partition [0x83]
lvmdiskscan -- /dev/sda3 [1023.57 MB] Primary LINUX swap partition [0x82]
lvmdiskscan -- 1 disk
lvmdiskscan -- 0 whole disks
lvmdiskscan -- 0 loop devices
lvmdiskscan -- 0 multiple devices
lvmdiskscan -- 0 network block devices
lvmdiskscan -- 3 partitions
lvmdiskscan -- 0 LVM physical volume partitions

hwscan

Show information about currently known hardware.

--list			:show list of known hardware
--cfg=state id		:change 'configured' status; id is one of the ids from 'hwscan --list', state is one of new, no, yes
--avail=state id	:change 'available' status
--need=state id		:change 'needed' status
--hw_item		:probe for hw_item and update status info. hw_item is one of:
				cdrom, floppy, disk, mouse, gfxcard, monitor, network, sound, modem,
				printer, storage-ctrl, netcard, camera, isdn, tv, dvb, scanner, joystick,
				usb, pci, isapnp, framebuffer, keyboard, chipcard, braille, partition,
				usb-ctrl, sys, cpu, bios, bridge, hub, memory
hwscan --list
vSkL.qRXhw9SR8eF: (cfg=new, avail=yes, need=no) bridge Intel PCI bridge
x0Ln.orocOxRg9gF: (cfg=yes, avail=yes, need=no) network IBM NetXtreme BCM5703X Gigabit Ethernet
JspL.4uf42CeQ14C: (cfg=new, avail=yes, need=no) unknown IBM 82870P2 P64H2 I/OxAPIC
rdCR.lZF+r4EgHp4: (cfg=no,  avail=yes, need=no) bios BIOS
hgAj.CQxngn4zpw3: (cfg=new, avail=yes, need=no) unknown IBM Unclassified device
T4wH.4uf42CeQ14C: (cfg=new, avail=yes, need=no) unknown IBM 82870P2 P64H2 I/OxAPIC
rdCR.EY_qmtb9YY0: (cfg=yes, avail=yes, need=yes)monitor Generic Monitor
vayM.pa4s74HebeD: (cfg=yes, avail=yes, need=no) usb controller IBM 82801DB USB (Hub #2)
Ikk3.7IxpIoQ+NDC: (cfg=yes, avail=yes, need=yes)graphics card IBM Rage XL
rdCR.CxwsZFjVASF: (cfg=no,  avail=yes, need=no) memory Main Memory
1GTX.nlBMAx1EYtC: (cfg=yes, avail=yes, need=no) usb controller IBM 82801DB USB (Hub #1)
W60f.AiiszuDFBEE: (cfg=new, avail=yes, need=no) sound IBM 82801DB AC'97 Audio
rdCR.iWbWo71vw2C: (cfg=yes, avail=yes, need=yes) keyboard PC Keyboard
sPPV.oZ89vuho4Y3: (cfg=yes, avail=yes, need=no) floppy Floppy Disk
3Okj.Jt1hg9mdkyE: (cfg=new, avail=yes, need=no) hub Hub
BUZT.rA8dZcrCAA4: (cfg=new, avail=yes, need=no) bridge Intel 82801DB ISA Bridge (LPC)
B3Fu.Jt1hg9mdkyE: (cfg=new, avail=yes, need=no) hub Hub
ruGf.IWXKQ_Ne1vF: (cfg=new, avail=yes, need=no) unknown IBM Unclassified device
wiDZ.Jt1hg9mdkyE: (cfg=new, avail=yes, need=no) hub Hub
rdCR.n_7QNeEnh23: (cfg=no,  avail=yes, need=no) system System
yibb.g++hATXqKsF: (cfg=yes, avail=yes, need=yes) mouse Generic PS/2 Mouse
dtXw.Y0ml26UcBkD: (cfg=yes, avail=yes, need=no) storage IBM ServeRAID 5i
4t_9.SWk4Ex6vaS2: (cfg=yes, avail=yes, need=no) disk IBM SERVERAID
rdCR.xXVvziWR6cC: (cfg=yes, avail=yes, need=no) framebuffer ATI MACH64 MACH64GM
B3Fu.zxRvAUHA3eD: (cfg=new, avail=yes, need=no) unknown American Power Conversion Back-UPS 350 FW: 5.5.I USB FW: c1
3p2J.Nei02VKmZT6: (cfg=no,  avail=yes, need=no) storage IBM 82801DB ICH4 IDE
nS1_.Kb0XA3A2UVB: (cfg=new, avail=yes, need=no) unknown IBM 82801DB SMBus
qLht.HjLo1lfzn_F: (cfg=new, avail=yes, need=no) bridge IBM Host bridge
Ozsp.gW_slCquqh5: (cfg=new, avail=yes, need=no) bridge Intel 82870P2 P64H2 Hub PCI Bridge
YBzl.gW_slCquqh5: (cfg=new, avail=yes, need=no) bridge Intel 82870P2 P64H2 Hub PCI Bridge
08OF.wQq3lwZp4Y5: (cfg=yes, avail=yes, need=no) network 3Com 3C905C-TX Fast Etherlink for PC Management NIC
5YuN.yJAnkGqksw5: (cfg=yes, avail=yes, need=no) usb controller IBM 82801DB USB EHCI Controller
_Znp.LsTRPkZ8g00: (cfg=new, avail=yes, need=no) bridge Intel PCI bridge
rdCR.3wRL2_g4d2B: (cfg=no,  avail=yes, need=no) storage Floppy disk controller
6NW+.ccU5FZC1tz2: (cfg=new, avail=yes, need=no) bridge Intel 82801BA/CA/DB PCI Bridge
nBbg.74_e3eJ82F7: (cfg=yes, avail=yes, need=no) cdrom HL-DT-ST CD-ROM GCR-8480B

automount windows partitions

vi /etc/fstab
/dev/hda5 /mnt/d vfat defaults,codepage=936,iocharset=cp936 0 0

auto synchronize time

vi /etc/crontab
add line
00 0 1 * * root rdate -s time.nist.gov

or use xntp or use ntpdate (Debian package) In Switzerland you can use ntp.metas.ch which is the official swiss time server.

TAR

This is the command to create a tar archive named file.tar that contains file1, file2 and fileX

tar -cf file.tar directory1/file1 directory2/file2 directoryX/fileX

This is the command to list a tar archive named file.tar that contains file1, file2 and fileX

tar -tf file.tar
#or
tar --list --file=file.tar /this/is/a/directory/file1
#or
tar --gzip --list --file=file.tgz /this/is/a/directory/file1

With all these commands you can use one (-v) or two (-vv) verbose options

tar -tvvf file.tar

DAT - TAPE (Backup)

#man mt
#man tar
#see SIRO_backup.sh in /
#The device is /dev/st0
 
tar --list --verbose -f /dev/st0
mt --file=/dev/st0 status
mt --file=/dev/st0 rewind
mt -f /dev/st0 status
 
#To go to 1 backup backward
mt -f /dev/nst0 bsf 1
 
#To go to 1 backup forward:
mt -f /dev/nst0 fsf 1<br>

File and Directory

listing files

ls -a (all)
ls -l (long)

viewing files

cat
#or
more
#or
less
</bash>
 
==== symbolic links ====
<code bash>
#creat a link named prog that points to the actual file named prog.1.1
ln -s prog.1.1 prog
 
#update the symbolic link to point to the new library
ln -sf /lib/libncurses.so.5.4 /lib/libncurses.so.5

to read pdf file

xpdf shoot.pdf

to see the usage of harddisk

df -k
df -h

to see the size of a directory

du -sh %dirname%

unzip

tar jxvf example.tar.bz2
tar zxvf example.tar.gz
unzip example.zip
compression utilities
 
gzip garbage.txt
gzip -l garbage.txt.gz #(get information on a gzipped file)
gunzip garbage.txt.gz
 
#(tar a directory mt)
tar cvf mt.tar mt 
 
#(untar)
tar xvf mt.tar
 
#(tar and compress)
tar zcvf mt.tar.gz mt
 
#(extract and untar)
tar zxvf mt.tar.gz

search a file in a multi-level directory

find -name filename.ext
#or
du -a | grep filename.ext
#or
updatedb
locate filename.ext

redirection / pipes

ls /bin ~/binaries

#(sort the output of disk usage) du | sort -nr

#(use a second pipe) du | sort -nr | more

more aFile | grep aKeyword

./theExecutedSoft 2>&1 | tee log.txt </code> In this above command the stderr(2) output descriptor is redirected (>&) in the stdout(1) output descriptor. All this is finally piped to the tee function how allows to see both standard output to the screen and in the same time written in the file log.txt

changing owner, group and permissions

chown joe dir/
chmod +x header
chmod -x header
 
#(only assign execute permission to myself)
chmod u+x header 
 
#(assign execute permission to both myself and the file's group)
chmod ug+x header
 
#(assign multiple types of permissions)
chmod ug+rwx header
User Group Other
read write exec read write exec read write exec
400 200 100 40 20 10 4 2 1
#(just give yourself read permission)
chmod 400 header
 
#(give everybody read permission)
chmod 444 header 
 
#(give everybody read/exec permission)
chmod 555 header 
 
#(rwxr-xr-x)
chmod 755 header

X11 forwarding through SSH

In order to use X11 forwarding through ssh, you have to: on debian (server)

login to the server ssh -X -v -v -v root@xxx.xxx.xxx.xxx The triple -v is to obtain debug up to level 3 and -X is to enable X11forwarding to the client side but seems not be absolutely necessary to make the X11 tunnel working. You can now try “xclock &” included in the xbase-client package to test the X11 connection.

If you get an error such as

root@siro2:~# xclock
_X11TransSocketINETConnect() can't get address for localhost:6013: Name or service not known
Error: Can't open display: localhost:13.0

The main reasons of that can be (from linuxquestions.org):

Might be that ssh is doing the right thing and don't let you use X11 over ssh as root.

You should instead login as a normal user and configure the /etc/sudoers file with visudo to let your normal user accessing some files with sudo.

If you are login as a normal user and you have the same error, you may need to issue an

export DISPLAY="hostname:10.0"

before it works. You can also add this command in the user's .bashrc file.

If you put instead export DISPLAY=“127.0.0.1:10.0” the .Xauthority may be corrupted and the X redirection will not work and will display a warning such as: Warning: No xauth data; using fake authentication data for X11 forwarding. As soon as you got once this error, before trying another solution, you have to restart your Xserver (ctrl+alt+enter) to regenerate a trusted Xsession.

You can see wich are your actual Xauthority setting with:

xauth info
xauth list

and if you need to add a new Xauthority to the .Xauthority file, you can issue:

xauth add `echo "${DISPLAY}" | sed 's/.*\(:.*\)/\1/'` . `mcookie`

Below is displayed the settings of the /etc/ssh_config which is the client configuration file:

Host *
#   ForwardAgent no
#   ForwardX11 yes
#   ForwardX11Trusted yes
#   RhostsRSAAuthentication no
#   RSAAuthentication yes
#   PasswordAuthentication yes
#   HostbasedAuthentication no
#   BatchMode no
#   CheckHostIP yes
#   AddressFamily any
#   ConnectTimeout 0
#   StrictHostKeyChecking ask
#   IdentityFile ~/.ssh/identity
#   IdentityFile ~/.ssh/id_rsa
#   IdentityFile ~/.ssh/id_dsa
#   Port 22
#   Protocol 2,1
#   Cipher 3des
#   Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc
#   EscapeChar ~
#   Tunnel no
#   TunnelDevice any:any
#   PermitLocalCommand no
    SendEnv LANG LC_*
    HashKnownHosts yes
    GSSAPIAuthentication yes
    GSSAPIDelegateCredentials no

And last, below is displayed the /etc/sshd_config file which is the configuration on the server side:

# What ports, IPs and protocols we listen for
Port 22
# Use these options to restrict which interfaces/protocols sshd will bind to
#ListenAddress ::
#ListenAddress 0.0.0.0
Protocol 2
# HostKeys for protocol version 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
#Privilege Separation is turned on for security
UsePrivilegeSeparation yes
 
# Lifetime and size of ephemeral version 1 server key
KeyRegenerationInterval 3600
ServerKeyBits 768
 
# Logging
SyslogFacility AUTH
LogLevel INFO
 
# Authentication:
LoginGraceTime 120
PermitRootLogin no
StrictModes yes
 
RSAAuthentication yes
PubkeyAuthentication yes
#AuthorizedKeysFile     %h/.ssh/authorized_keys
 
# Don't read the user's ~/.rhosts and ~/.shosts files
IgnoreRhosts yes
# For this to work you will also need host keys in /etc/ssh_known_hosts
RhostsRSAAuthentication no
# similar for protocol version 2
HostbasedAuthentication no
# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
#IgnoreUserKnownHosts yes
 
# To enable empty passwords, change to yes (NOT RECOMMENDED)
PermitEmptyPasswords no
 
# Change to yes to enable challenge-response passwords (beware issues with
# some PAM modules and threads)
ChallengeResponseAuthentication no
 
# Change to no to disable tunnelled clear text passwords
#PasswordAuthentication yes
 
# Kerberos options
#KerberosAuthentication no
#KerberosGetAFSToken no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
 
# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes
 
X11Forwarding yes
X11DisplayOffset 10
PrintMotd no
PrintLastLog yes
TCPKeepAlive yes
#UseLogin no
 
#MaxStartups 10:30:60
#Banner /etc/issue.net
 
# Allow client to pass locale environment variables
AcceptEnv LANG LC_*
 
Subsystem sftp /usr/lib/openssh/sftp-server
 
UsePAM yes

MySQL

/etc/init.d/mysql start/status/stop

Set the MySQL root password

PLEASE REMEMBER TO SET A PASSWORD FOR THE MySQL root USER ! To do so, start the server, then issue the following commands:

/usr/bin/mysqladmin -u root password 'new-password'
#or
/usr/bin/mysqladmin -u root -h example.com password 'new-password'

Test the MySQL daemon

You can test the MySQL daemon with the benchmarks in the 'sql-bench' directory:

cd /usr/share/mysql/sql-bench
perl run-all-tests

Default options are read from the following files in the given order: /etc/my.cnf /var/lib/mysql/my.cnf and ~/.my.cnf

Create a DB

In the below example, “intranet” is the name of your database.

mysqladmin -u root -p create intranet

Create a table

Create the tables using an example.sql file:

mysql -u root -p intranet < example.sql

See the content of the database

See the content of the intranet db

mysqlshow -u root -p intranet

Add Privileges to a database

mysql -u root -p intranet
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 96 to server version: 4.0.18
 
Type 'help;' or '\h' for help. Type '\c' to clear the buffer.
 
mysql> GRANT ALL PRIVILEGES ON *.* TO "myDatabase"@"localhost";

CUPS

/etc/cups

cupsd.conf

(2 modifications)

  1. # DocumentRoot: the root directory for HTTP documents that are served.
    # By default "/usr/share/doc/packages/cups".
    #
    DocumentRoot /usr/share/cups/doc/
  2. <Location /admin>
    # You definitely will want to limit access to the administration functions.
    # The default configuration requires a local connection from a user who
    # is a member of the system group to do any admin tasks. You can change
    # the group name using the SystemGroup directive.
     
    AuthType BasicDigest
    AuthClass Group
    AuthGroupName sys
     
    ## Restrict access to local domain
    Order Deny,Allow
    Deny From All
    Allow From 127.0.0.1
    Allow From 192.168.1.20 (sb-linux)
    Allow From 192.168.1.23 (sb-win)
     
    #Encryption Required
    </Location>

printers.conf

(below an example)

<Printer HP_Laserjet_6MP>
Info B&W_Laser_Printer
Location 1st_Floor/Room_215
DeviceURI socket://192.168.1.11
State Idle
Accepting Yes
JobSheets none none
QuotaPeriod 0
PageLimit 0
KLimit 0
</Printer>

SOME ADVICES log: /var/log/cups/ daemon cupsd: /usr/sbin/cupsd (man cupsd) server = /usr/lib/cups/daemon/cups-lpd (in /etc/xinetd.d/cups-lpd)

Creating root access (by default cups will have no user and pw) lppasswd -g sys -a root #this command will allow you to login as root for administration task in cups

restart the server siro:/etc/init.d # ./cups restart Shutting down cupsd done Starting cupsd done

For probleme with the lp command, see below: when I want to print with lp or lpr I always get the following errormsg: lp: error - scheduler not responding! or lpr: error - scheduler not responding! By the way, cups prints its testpage correctly, only lp® doesn't work! What can I do?

These “lp” and “lpr” commands or for CUPS, they work only with running CUPS daemon (the scheduler) or with a remote CUPS server specified in /etc/cups/client.conf. If you want to use LPD or LPRng, you need the appropriate “lpr” and/or “lp” executables.

FTP

vsftpd: (man vsftpd) The vsftpd FTP server serves FTP connections. It uses normal, unencrypted usernames and passwords for authentication. vsftpd is designed to be secure.

daemon configuration file: /etc/vsftpd.conf (man vsftpd.conf) daemon location: /usr/sbin/vsftpd

/etc/xinetd.conf

service ftp
{
 #server_args = -a
 #log_on_success += DURATION USERID
 #log_on_failure += USERID
 #nice = 10
 socket_type = stream
 protocol = tcp
 wait = no
 user = root
 server = /usr/sbin/vsftpd
 instances = UNLIMITED
}

At this time I don't understand every options in this service (TODO)

/etc/vsftpd.conf

# Local FTP user Settings
#
# Uncomment this to allow local users to log in.
local_enable=YES
#
# Default umask for local users is 077. You may wish to change this to 022,
# if your users expect that (022 is used by most other ftpd's)
local_umask=022
#
# Uncomment to put local users in a chroot() jail in their home directory after login.
chroot_local_user=YES
#
# Set to NO if you want to disallow the PASV method of obtaining a data connection.
# Note: if this setting is disabled, windows stations will not be able to login.
pasv_enable=YES

NFS

Example to connect NeXT computers (This example is with SuSe):

Server

In YaST → Network Services → NFS Server : Start NFS Server (go next) Set Directories to: /server/public/NeXT_Data_Server Set Hosts wildcard to: * Set Options to: rw, root_squash, sync (if set to rw the directory is set as read-write; if set ro ro the directory is set ro read-only)

chmod 777 /server chmod 777 /server/public chmod 777 /server/public/NeXT_Data_Server (This part may also work with other folder rights if users are logged in. But this part has to be completed)

Client

Open a terminal on a NeXT computer: NextApps → Terminal.app

  1. cd /etc (where all services are located as the function ” mount” …)
  2. vi /etc/hosts and add eg. “192.168.1.22 siro”
  3. as root: cd /etc

mount -t nfs siro:/server/public/NeXT_Data_Server /Users/iro/siro_projects

or 3b) NextAdmin -&gt; NFSManager.app

in the window named “/- Imported Directories” add… server name: siro; Remote Directory: /server/public/NeXT_Data_Server; Set; Mount Point: /Users/iro/siro_projects (This setting will mount automatically the directory during the startup process) - NextAdmin → UserManager.app (login as root) User → open … select: iro and change the pw to iroiro and confirm the pw. (this setting should allow the user to login to the NFS server if special settings are made on the shared directory)

SAMBA

Connection error

If a user can not login normally on the XP computer:

  1. printers can not be add correctly (error 5 given by Kixtart - rights error)
  2. Users can simply not loggin on the computer (windows says pw error!)

I dont know exactly the reason of that but it seems that is caused by a sid error or something like this. To get right of this problem we have to clean the user profile.

  1. Loggoff the user witch as the problematic profile
  2. mv /server/profile/“theProblematicProfile/” /server/profile/“theProblematicProfile.bck”/
  3. mkdir /server/profile/“theNewProfileDirectory”/
  4. chmod and chown
  5. To resolve this you can either:
    • Logon on a machine where the user does not yet has a saved profile with is username and pw to recreate a “clean” profile or
    • Logon to the machine usually used by the user as local/administrator
      1. Suppress the local copy of profiles: My Computer -&gt; properties -&gt; Advanced -&gt; UserProfiles…
      2. settings: remove all profiles except local\administrator
      3. regedit the registry and suppress everything about the user (make some searches with specific keywords)
      4. Restart the computer
      5. login as network\administrator (to install and reset the registry with clean values - see kixtart script)
      6. logoff
      7. login as the user to recreate a “clean” profile
  6. logoff the user
  7. On the server copy all relevant/interesting folders/data as favorites; Desktop; Application Data … mail and others; check the MyDocument folder; …
  8. chmod / chown on this folders
  9. Done… and the user can loggin back on computers and everything should be ok.
Do not mv but cp data from the backuped folder to the new one and keep it for days to be able to give user back some possible forgotten data!

mapping a windows group to a UNIX/LINUX group

net groupmap add ntgroup=“Users” UNIXgroup=users net groupmap list

pour recuperer vos anciens profils, il faut les migrer de l'ancien SID vers le nouveau comme ceci:

donc la marche a suivre est la suivante :

ensuite c'est simple, profiles ntuser.dat va vous afficher plein de lignes cherchez le SID dedans et faite un remplacement comme ceci:

inetd / xinetd

all ports are listed in /etc/services

/var/log/xinetd.log /etc/xinetd.conf /etc/xinetd.d/

starting the xinetd daemon: sudo /etc/init.d/xinetd start/stop/restart restart xinetd daemon to take in acount the new configuration (This is an old method)

su
ps -u root | grep xinetd (get PID of xinetd)
kill -s SIGUSR1 "PID of xinetd"

Now you can simply /etc/init.d/xinetd restart/reload

nmap / xnmap

test open ports on an given host nmap / xnmap (==nmapfe) (from package nmap-gtk which is a nmap frontend) example: nmap localhost

Starting nmap 3.50 ( http://www.insecure.org/nmap/ ) at 2004-09-17 11:52 CEST Interesting ports on localhost (127.0.0.1): (The 1652 ports scanned but not shown below are in state: closed)

PORT STATE SERVICE
22/tcp open ssh
25/tcp open smtp
80/tcp open http
111/tcp open rpcbind
139/tcp open netbios-ssn
445/tcp open microsoft-ds
901/tcp open samba-swat

Nmap run completed – 1 IP address (1 host up) scanned in 0.356 seconds

to scan the complete network: 192.168.1.0/24 (/24 is equivalent to the subnet mask 255.255.255.0. The calculation is 8bits + 8bits + 8bits + 0bits = 24bits )

netstat

I'don't know now what it does… netstat -acntu

nmblookup

return the ip adresse given a machineName

an equivalent on windows is nbtstat (nbtstat -a “machineName”)

findsmb

return all smb client/server in the lan

nslookup / dig / host

return the domaine name given the ip and vice-versa

ifconfig

returns the actual settings on localhost (to be used as SU)

e-mail settings: /etc/postfix/ :This directory containes the majors email configurations files /etc/aliases :This is the aliases file - it says who gets mail for whom. /usr/lib/postfix/ :this directory contains all binaries that are used by an email software /usr/lib/sendmail /usr/sbin/sendmail

Referer
Other:

or

or

/etc/resolv.conf (dns server)

/etc/host.conf

/etc/hosts

hostname:

change IP address permanently

Shell

shells

Useful keys and how to set them to work

csh

Using EMACS

Repaint screen

Undo last edit(can be repeated)

#Redo last

to abort any control or escape sequence

move cursor to line beginning

move cursor to line end

to mark block beginning

cutting the block

pasting the block(can also paste the clipboard from other program)

copy the block

delete from cursor to line end

C-s search the document forward for string you name C-r search the document backward for string you name

CVS

remote cvs if using ssh (bash/) To set an environment variable in sh or ksh, use the syntax VAR=value;export VAR, where VAR is the name of the environment variable and value is the value you wish to assign. Do not put spaces on either side of the equals sign. The export command instructs the shell to propagate the value of the variable to all programs that are run by the shell. If an environment variable is reset, but not exported, the change will only apply to the shell itself.

[root@localhost root]# CVS_RSH=ssh
[root@localhost root]# export CVS_RSH
[root@localhost root]# echo $CVS_RSH

using csh

[root@localhost root]# setenv CVS_RSH ssh

cvs checkout

cvs -d :ext:%username%@%server_domain%:%cvs_root_directory% checkout %modulename%

cvs KEY LETTERS

Adding action in right clic

kde

for one specific user add in

or for all users add in

a file named openassu.desktop that contains:

[Desktop Entry]
ServiceTypes=inode/directory,inode/directory-locked
Actions=openassu
 
[Desktop Action openassu]
Name=Open as Root
Name[fr]=Ouvrire en temp que root
Name[de]=Als root offnen
Icon=kfm
Exec=kdesu "konqueror --profile filemanagement %U"

or another file named runassu.desktop that contains:

[Desktop Entry]
ServiceTypes=application/x-executable,application/x-shellscript,application/x-python,application/x-perl
Actions=runassu
 
[Desktop Action runassu]
Name=Run as Root
Name[fr]=Executer en temp que root
Name[de]=Als root ausfhren
Name[cs]=Spustit jako root
Icon=kfm
Exec=kdesu -c

gnome

Add in directory ~/.gnome2/nautilus-scripts/ a file named “Open\ as\ root” that contains:

!/bin/sh
openas-root:
#nautilus script for opening the selected files as superuser (uid=0),
#utilizing the appropriate applications.
 
for uri in $NAUTILUS_SCRIPT_SELECTED_URIS; do
gnome-sudo "gnome-open $uri" &
done

for more information see: http://ubuntuguide.org/#openfilesasrootviarightclick

Installing/Upgrading Software

upgrading software

ldd /usr/bin/X11/xterm (list the shared libraries on which a given executable depends)

using RPM
using DEB

Hardware

to eject cd tray

eject -r

Programming

debug core file

gdb <programe> <core>

ERRORS

GTK-WARNING XXX:Cannot open display

Question

I'm compiling wxGTK on Redhat Linux 6.1: the following are my step when compiled wxGTK:

then edit /etc/ld.so.conf and add /usr/local/lib then I tried to compile calendar application:

when i run calendar application error happend: GTK-WARNING XXX:Cannot open display. What should i do ?.

Answer

I see 3 cases :

  1. You are not directly log on the computer where you run the programme (you do a rlogin or a telnet), in this case you have to set the DISPLAY variable to your computer display (export DISPLAY=mycomputeur.mydomain.org:0) on the remote computer and the X-Server must accept connection from this host (ugly autorisation with xhost : xhost +theremotecomputeur, right config with Mit-Magic-Cookie).
  2. You log as user1, and after that you do a su and try to run the program as root. In this case the Xserver is the property of user1 and you try to access it as root, so it refused the connection. solution: run the programme as user1 (good one), or log as root (bad one).
  3. Last you dont have an xserver on the computer.

I think in your case the most probable is the 2)