Table of Contents
Miscellaneous Notes
(Written by Sylvain Bolay) (Updated March 07, 2008)
Linux
#modifie in /etc/inittab
#The system will automatically boot in text mode (3) or in graphical mode (5)
inittab/runlevel
id:3:initdefault id:5:initdefault
To modifie in real time the runlevel write:
init 0 #to shutdown the system init 3 #to start text mode init 5 #to start graphical mode
Warning: the precedent runlevel will be closed by the new one. That means if the actual runlevel is 5 and you want to go to the runlevel 3 all the user connexions will be closed! See man init for other run level.
mount
/etc/fstab mount /dev/sda1 /mnt/usb
lsmod
modproble usb-storage
dmesg
x86 config
See /etc/X11/XF86Config and /etc/X11/XF86Config-4 Use ImPS/2 instead of PS/2 to support wheel mouse
Reset Root Password
On Debian Sarge
- start using single mode
- grub PRESS e
- kernel /boot/vmlinuz-2.4.18-14 ro root=LABEL=/ PRESS e
- kernel /boot/vmlinuz-2.4.18-14 single ro root=LABEL=/ PRESS ENTER
- PRESS b
- vi /etc/shadow
- modify the line starting with root to become
- root::……
- reboot, and now passwd is empty
On Debian ETCH
- start up to the grub
- grub PRESS e
- kernel /boot/vmlinuz-2.6.18-14 ro root=LABEL=/ PRESS e
- kernel /boot/vmlinuz-2.6.18-14 ro root=LABEL=/ init=/bin/bash PRESS ENTER
- PRESS b
- mount -o remount,rw /
- nano /etc/shadow
- modify the line starting with root:aX3dat…:…. to become
- root::……
- save modifications (ctrl-X and Y(es))
- shutdown -rn now, and now passwd is empty
badblocks on /dev/hda
I start using this part when my computer doesn't start anymore because of the following error: - kernel Panic: VFS: Unable to mount root fs on 03:02
I finally found 390 badblocks on /dev/hda. To save my data I copied all this disk onto another one (1 night long) and made a repair on this new disk.
- Copy disk hda to disk hdb (normally both disk should have the same size and geometry):
dd if=/dev/hda of=/dev/hdb (and add some options following man dd)
- You may have to restore the disk partition (see section below). I don't remember exactly when you have to do that!
- and next repair the new disk:
debugreiserfs /dev/hda2 #or sfdisk -l /dev/hda badblocks -o badblock.log -b 4096 /dev/hda2 fsck.reiserfs --rebuild-tree -B badblock.log /dev/hda2 mkfs.reiserfs dd if=/dev/zero of=/dev/hda bs=4096 swk=theBadblock-1 count=1
Disk partition
error: Disk doesn't contain a valid partition table
fdisk /dev/hda mke2fs /dev/hda2 mkswap /dev/hda1 #(82=linux swap; 83=linux) debugreiserfs /dev/hda2 badblocks -o badblocks.log -b 4096 -v /dev/hda2
Rescue mode: starting, mounting and chrooting
Grub loading stage2…
- boot with dvd
- choose rescue mode
- cd /mnt
- mkdir hda
- mount -t reiserfs /dev/hda2 /mnt/hda
- chroot /mnt/hda /bin/bash
see effect of: swapon /dev/hda1
on gento (tchetch)
- mount /dev/hda3 /mnt/gentoo/
- mount /dev/hda1 /mnt/gentoo/boot
- swapon /dev/hda2
- mount none -t proc /mnt/gentoo/proc
- chroot /mnt/gentoo /bin/bash (root=/dev/hda3)
GRUB
grub-install `awk -F='/^#boot/{print $2}'/boot/grub/grub.conf` #(kernel-smp, mkinitrd, grub) grub> root (hd0,1) grub> install --stage2=/boot/grub/stage2 /d (hd0) / 0x800 (null)/ #or grub> install --stage2=/boot/grub/stage2 --fare-lba /boot/grub/stage1 d (hd0) /boot/grub/stage2 0x800 #or grub> install /boot/grub/stage1 d (hd0) /boot/grub/stage2 /boot/grub/menu.lst #(this part can be completed with the help of tab-autocompletion) grub> kernel (hd0,1)/boot/vmlinuz root=/dev/hda2 vga=0x317 desktop resume=/dev/hda1 splash=silent grub> initrd (hd0,1)/boot/initrd
Kernel / System
to check kernel version to check system version to check system information
cpuinfo
cat /proc/cpuinfo processor : 0 vendor_id : GenuineIntel cpu family : 15 model : 2 model name : Intel(R) Pentium(R) 4 CPU 2.40GHz stepping : 4 cpu MHz : 2406.258 cache size : 512 KB fdiv_bug : no hlt_bug : no f00f_bug : no coma_bug : no fpu : yes fpu_exception : yes cpuid level : 2 wp : yes flags : fpu vme de pse tsc msr pae mce cx8 sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm bogomips : 4751.36
interrupts
cat /proc/interrupts CPU0 0: 185214164 XT-PIC timer 1: 84002 XT-PIC i8042 2: 0 XT-PIC cascade 5: 0 XT-PIC uhci_hcd 8: 2 XT-PIC rtc 9: 28452 XT-PIC acpi, Intel 82801DB-ICH4, uhci_hcd, uhci_hcd, ohci1394 10: 2202424 XT-PIC eth0 11: 0 XT-PIC libata, ehci_hcd 12: 1502787 XT-PIC i8042 14: 320185 XT-PIC ide0 15: 1355351 XT-PIC ide1 NMI: 0 LOC: 0 ERR: 1 MIS: 0
ioports
cat /proc/ioports 0000-001f : dma1 0020-0021 : pic1 0040-005f : timer 0060-006f : keyboard 0070-0077 : rtc 0080-008f : dma page reg 00a0-00a1 : pic2 00c0-00df : dma2 00f0-00ff : fpu 0170-0177 : ide1 01f0-01f7 : ide0 02f8-02ff : serial 0376-0376 : ide1 03c0-03df : vesafb 03f6-03f6 : ide0 03f8-03ff : serial 0cf8-0cff : PCI conf1 8400-843f : 0000:00:1f.5 8800-88ff : 0000:00:1f.5 9800-987f : 0000:02:04.0 9800-987f : sata_promise a000-a00f : 0000:02:04.0 a000-a00f : sata_promise a400-a43f : 0000:02:04.0 a400-a43f : sata_promise a800-a87f : 0000:02:03.0 b000-b01f : 0000:00:1d.2 b000-b01f : uhci_hcd b400-b41f : 0000:00:1d.1 b400-b41f : uhci_hcd b800-b81f : 0000:00:1d.0 b800-b81f : uhci_hcd d000-dfff : PCI Bus #01 d800-d8ff : 0000:01:00.0 e800-e81f : 0000:00:1f.3 f000-f00f : 0000:00:1f.1 f000-f007 : ide0 f008-f00f : ide1
meminfo
cat /proc/meminfo MemTotal: 516472 kB MemFree : 7680 kB Buffers: 39416 kB Cached: 127304 kB SwapCached: 0 kB Active: 395488 kB Inactive: 24652 kB HighTotal: 0 kB HighFree: 0 kB LowTotal: 516472 kB LowFree: 7680 kB SwapTotal: 2255896 kB SwapFree: 2255756 kB Dirty: 44 kB Writeback: 0 kB Mapped: 342656 kB Slab: 79360 kB Committed_AS: 395772 kB PageTables: 2324 kB VmallocTotal: 507896 kB VmallocUsed: 37260 kB VmallocChunk: 469148 kB HugePages_Total: 0 HugePages_Free: 0 Hugepagesize: 4096 kB
partitions
cat /proc/partitions
major | minor | #blocks | name |
---|---|---|---|
3 | 0 | 78150744 | hda |
3 | 1 | 12568 | hda1 |
3 | 2 | 2255904 | hda2 |
3 | 3 | 75882240 | hda3 |
swaps
cat /proc/swaps Filename Type Size Used Priority /dev/hda2 partition 2255896 140 42
version
cat /proc/version Linux version 2.6.5-7.104-default (geeko@buildhost) (gcc version 3.3.3 (SuSE Linux)) #1 Wed Jul 28 16:42:13 UTC 2004
redhat-release or SuSE-release
cat /etc/redhat-release #or cat /etc/SuSE-release SuSE Linux 9.1 (i586) VERSION = 9.1
uname
uname --version >uname (coreutils) 5.2.1 uname --kernel-name >Linux uname --nodename >linuxSBServer uname --kernel-release >2.6.5-7.111-smp uname --kernel-version >#1 SMP Wed Oct 13 15:45:13 UTC 2004 uname --machine >i686 uname --processor >i686 uname --hardware-platform >i386 uname --operating-system >GNU/Linux uname --all >Linux linuxSBServer 2.6.5-7.111-smp #1 SMP Wed Oct 13 15:45:13 UTC 2004 i686 i686 i386 GNU/Linux
arch
gives the architecture of your machine (ex: 686)
The Intel architecture model 80×86 designates each processor core. The X is a number from 0 to infinite but for now it is from 0 to 7. Each model adds few more instructions and sometimes a new feature although each model does not have to increase transistor count. If you have an 80686 processor, you can run software that was compiled for 80686 and lower. If you have an 80386, you can only run software compiled as 80386 and lower. Each increasing model should be better but it seems that Intel likes the yo-yo effect when they introduce new processors.
- Pentium III is not an 80386 its an 80686.
- A Pentium 4 is an 80768 but it is not any better than some 80686 processors.
- AMD Athlons are 80686 even though some are 32-bit and 64-bit processors.
There are some 80486 (I think 80486DX2-66 or 80486DX4-120) that are or the right term were faster than 80586 (aka Pentium). Have look at sandpile for informations.
x86 is the CPU architeture family. These go along the lines of i286, i386, i486, i586, etc… where the x is used as a variable for the 2, 3, 4, 5, etc.
- i586 is the same as a pentium and amd k1
- i686 is the same as pentium II and amd k2, and so on.
- x86-64 stands for 64-bit processors like Athlon-64's and Opteron that operate off of the x86 family.
Each of the chips has extra transitors and instruction sets, so if you download a distro that was compile for your chip, it should, in theory, run better. Also, You have to meet the architecture number or older to use the distro to.
*fdisk utilities
There are several *fdisk programs around. Each has its problems and strengths. Try them in the order: cfdisk, fdisk, sfdisk.
cfdisk
Is a beautiful program that has strict requirements on the partition tables it accepts, and produces high quality partition tables. Use it if you can.
fdisk
Is a buggy program that does fuzzy things - usually it happens to produce reasonable results. Its single advantage is that it has some support for BSD disk labels and other non-DOS partition tables. Avoid it if you can.
sfdisk
The user interface is terrible, but it is more correct than fdisk and more powerful than both fdisk and cfdisk. Moreover, it can be used noninteractively. Is for hackers only.
cfdisk
Curses based disk partition table manipulator for Linux
cfdisk 2.11u Disk Drive: /dev/sda Size: 72802631680 bytes, 72.8 GB Heads: 254 Sectors per Track: 63 Cylinders: 8885
Name | Flags | Part | Type | FS Type | [Label] | Size (MB) |
---|---|---|---|---|---|---|
sda1 | Primary | Linux | ext3 | [/boot] | 106.51 | |
sda2 | Boot | Primary | Linux | ReiserFS | 70296.15 | |
Pri/Log | Free Space | 1319.08 | ||||
sda3 | Primary | Linux | swap | 1073.29 |
[Bootable][Delete][Help][Maximize][Print][Quit][Type][Units][Write]
fdisk
Partition table manipulator for Linux
fdisk -l Disk /dev/sda: 254 heads, 63 sectors, 8885 cylinders Units = cylinders of 16002 * 512 bytes
Device | Boot | Start | End | Blocks | Id | System |
---|---|---|---|---|---|---|
/dev/sda1 | 1 | 13 | 103981+ | 83 | Linux | |
/dev/sda2 | * | 14 | 8593 | 68648580 | 83 | Linux |
/dev/sda3 | 8755 | 8885 | 1048131 | 82 | Linux swap |
sfdisk
Partition table manipulator for Linux
sfdisk version 3.07 (aeb@cwi.nl, 990908) Usage: sfdisk [options] device ... device: something like /dev/hda or /dev/sda useful options: -s [or --show-size] :list size of a partition -c [or --id] :print or change partition Id -l [or --list] :list partitions of each device -d [or --dump] :idem, but in a format suitable for later input -i [or --increment] :number cylinders etc. from 1 instead of from 0 -uS, -uB, -uC, -uM :accept/report in units of sectors/blocks/cylinders/MB -T [or --list-types] :list the known partition types -D [or --DOS] :for DOS-compatibility: waste a little space -R [or --re-read] :make kernel reread partition table -N# :change only the partition with number # -n :do not actually write to disk -O file :save the sectors that will be overwritten to file -I file :restore these sectors again -v [or --version] :print version -? [or --help] :print this message dangerous options: -g [or --show-geometry] :print the kernel's idea of the geometry -x [or --show-extended] :also list extended partitions on output or expect descriptors for them on input -L [or --Linux] :do not complain about things irrelevant for Linux -q [or --quiet] :suppress warning messages You can override the detected geometry using: -C# [or --cylinders #] :set the number of cylinders to use -H# [or --heads #] :set the number of heads to use -S# [or --sectors #] :set the number of sectors to use You can disable all consistency checking with: -f [or --force] :do what I say, even if it is stupid
sfdisk -l Disk /dev/sda: 8885 cylinders, 254 heads, 63 sectors/track Units = cylinders of 8193024 bytes, blocks of 1024 bytes, counting from 0
Device | Boot | Start | End | #cyls | #blocks | Id | System |
---|---|---|---|---|---|---|---|
/dev/sda1 | 0+ | 12 | 13- | 103981+ | 83 | Linux | |
/dev/sda2 | * | 13 | 8592 | 8580 | 68648580 | 83 | Linux |
/dev/sda3 | 8754 | 8884 | 131 | 1048131 | 82 | Linux swap | |
/dev/sda4 | 0 | - | 0 | 0 | 0 | Empty |
lvmdiskscan
scan for all disks / multiple devices / partitions available
lvmdiskscan -- reading all disks / partitions (this may take a while...) lvmdiskscan -- /dev/sda1 [101.54MB] Primary LINUX native partition [0x83] lvmdiskscan -- /dev/sda2 [65.47 GB] Primary LINUX native partition [0x83] lvmdiskscan -- /dev/sda3 [1023.57 MB] Primary LINUX swap partition [0x82] lvmdiskscan -- 1 disk lvmdiskscan -- 0 whole disks lvmdiskscan -- 0 loop devices lvmdiskscan -- 0 multiple devices lvmdiskscan -- 0 network block devices lvmdiskscan -- 3 partitions lvmdiskscan -- 0 LVM physical volume partitions
hwscan
Show information about currently known hardware.
--list :show list of known hardware --cfg=state id :change 'configured' status; id is one of the ids from 'hwscan --list', state is one of new, no, yes --avail=state id :change 'available' status --need=state id :change 'needed' status --hw_item :probe for hw_item and update status info. hw_item is one of: cdrom, floppy, disk, mouse, gfxcard, monitor, network, sound, modem, printer, storage-ctrl, netcard, camera, isdn, tv, dvb, scanner, joystick, usb, pci, isapnp, framebuffer, keyboard, chipcard, braille, partition, usb-ctrl, sys, cpu, bios, bridge, hub, memory
hwscan --list vSkL.qRXhw9SR8eF: (cfg=new, avail=yes, need=no) bridge Intel PCI bridge x0Ln.orocOxRg9gF: (cfg=yes, avail=yes, need=no) network IBM NetXtreme BCM5703X Gigabit Ethernet JspL.4uf42CeQ14C: (cfg=new, avail=yes, need=no) unknown IBM 82870P2 P64H2 I/OxAPIC rdCR.lZF+r4EgHp4: (cfg=no, avail=yes, need=no) bios BIOS hgAj.CQxngn4zpw3: (cfg=new, avail=yes, need=no) unknown IBM Unclassified device T4wH.4uf42CeQ14C: (cfg=new, avail=yes, need=no) unknown IBM 82870P2 P64H2 I/OxAPIC rdCR.EY_qmtb9YY0: (cfg=yes, avail=yes, need=yes)monitor Generic Monitor vayM.pa4s74HebeD: (cfg=yes, avail=yes, need=no) usb controller IBM 82801DB USB (Hub #2) Ikk3.7IxpIoQ+NDC: (cfg=yes, avail=yes, need=yes)graphics card IBM Rage XL rdCR.CxwsZFjVASF: (cfg=no, avail=yes, need=no) memory Main Memory 1GTX.nlBMAx1EYtC: (cfg=yes, avail=yes, need=no) usb controller IBM 82801DB USB (Hub #1) W60f.AiiszuDFBEE: (cfg=new, avail=yes, need=no) sound IBM 82801DB AC'97 Audio rdCR.iWbWo71vw2C: (cfg=yes, avail=yes, need=yes) keyboard PC Keyboard sPPV.oZ89vuho4Y3: (cfg=yes, avail=yes, need=no) floppy Floppy Disk 3Okj.Jt1hg9mdkyE: (cfg=new, avail=yes, need=no) hub Hub BUZT.rA8dZcrCAA4: (cfg=new, avail=yes, need=no) bridge Intel 82801DB ISA Bridge (LPC) B3Fu.Jt1hg9mdkyE: (cfg=new, avail=yes, need=no) hub Hub ruGf.IWXKQ_Ne1vF: (cfg=new, avail=yes, need=no) unknown IBM Unclassified device wiDZ.Jt1hg9mdkyE: (cfg=new, avail=yes, need=no) hub Hub rdCR.n_7QNeEnh23: (cfg=no, avail=yes, need=no) system System yibb.g++hATXqKsF: (cfg=yes, avail=yes, need=yes) mouse Generic PS/2 Mouse dtXw.Y0ml26UcBkD: (cfg=yes, avail=yes, need=no) storage IBM ServeRAID 5i 4t_9.SWk4Ex6vaS2: (cfg=yes, avail=yes, need=no) disk IBM SERVERAID rdCR.xXVvziWR6cC: (cfg=yes, avail=yes, need=no) framebuffer ATI MACH64 MACH64GM B3Fu.zxRvAUHA3eD: (cfg=new, avail=yes, need=no) unknown American Power Conversion Back-UPS 350 FW: 5.5.I USB FW: c1 3p2J.Nei02VKmZT6: (cfg=no, avail=yes, need=no) storage IBM 82801DB ICH4 IDE nS1_.Kb0XA3A2UVB: (cfg=new, avail=yes, need=no) unknown IBM 82801DB SMBus qLht.HjLo1lfzn_F: (cfg=new, avail=yes, need=no) bridge IBM Host bridge Ozsp.gW_slCquqh5: (cfg=new, avail=yes, need=no) bridge Intel 82870P2 P64H2 Hub PCI Bridge YBzl.gW_slCquqh5: (cfg=new, avail=yes, need=no) bridge Intel 82870P2 P64H2 Hub PCI Bridge 08OF.wQq3lwZp4Y5: (cfg=yes, avail=yes, need=no) network 3Com 3C905C-TX Fast Etherlink for PC Management NIC 5YuN.yJAnkGqksw5: (cfg=yes, avail=yes, need=no) usb controller IBM 82801DB USB EHCI Controller _Znp.LsTRPkZ8g00: (cfg=new, avail=yes, need=no) bridge Intel PCI bridge rdCR.3wRL2_g4d2B: (cfg=no, avail=yes, need=no) storage Floppy disk controller 6NW+.ccU5FZC1tz2: (cfg=new, avail=yes, need=no) bridge Intel 82801BA/CA/DB PCI Bridge nBbg.74_e3eJ82F7: (cfg=yes, avail=yes, need=no) cdrom HL-DT-ST CD-ROM GCR-8480B
automount windows partitions
vi /etc/fstab /dev/hda5 /mnt/d vfat defaults,codepage=936,iocharset=cp936 0 0
auto synchronize time
vi /etc/crontab add line 00 0 1 * * root rdate -s time.nist.gov
or use xntp or use ntpdate (Debian package) In Switzerland you can use ntp.metas.ch which is the official swiss time server.
TAR
This is the command to create a tar archive named file.tar that contains file1, file2 and fileX
tar -cf file.tar directory1/file1 directory2/file2 directoryX/fileX
This is the command to list a tar archive named file.tar that contains file1, file2 and fileX
tar -tf file.tar #or tar --list --file=file.tar /this/is/a/directory/file1 #or tar --gzip --list --file=file.tgz /this/is/a/directory/file1
With all these commands you can use one (-v) or two (-vv) verbose options
tar -tvvf file.tar
DAT - TAPE (Backup)
#man mt #man tar #see SIRO_backup.sh in / #The device is /dev/st0 tar --list --verbose -f /dev/st0 mt --file=/dev/st0 status mt --file=/dev/st0 rewind mt -f /dev/st0 status #To go to 1 backup backward mt -f /dev/nst0 bsf 1 #To go to 1 backup forward: mt -f /dev/nst0 fsf 1<br>
File and Directory
listing files
ls -a (all) ls -l (long)
viewing files
cat #or more #or less </bash> ==== symbolic links ==== <code bash> #creat a link named prog that points to the actual file named prog.1.1 ln -s prog.1.1 prog #update the symbolic link to point to the new library ln -sf /lib/libncurses.so.5.4 /lib/libncurses.so.5
to read pdf file
xpdf shoot.pdf
to see the usage of harddisk
df -k df -h
to see the size of a directory
du -sh %dirname%
unzip
tar jxvf example.tar.bz2 tar zxvf example.tar.gz unzip example.zip compression utilities gzip garbage.txt gzip -l garbage.txt.gz #(get information on a gzipped file) gunzip garbage.txt.gz #(tar a directory mt) tar cvf mt.tar mt #(untar) tar xvf mt.tar #(tar and compress) tar zcvf mt.tar.gz mt #(extract and untar) tar zxvf mt.tar.gz
search a file in a multi-level directory
find -name filename.ext #or du -a | grep filename.ext #or updatedb locate filename.ext
redirection / pipes
ls /bin ~/binaries
#(sort the output of disk usage) du | sort -nr
#(use a second pipe) du | sort -nr | more
more aFile | grep aKeyword
./theExecutedSoft 2>&1 | tee log.txt </code> In this above command the stderr(2) output descriptor is redirected (>&) in the stdout(1) output descriptor. All this is finally piped to the tee function how allows to see both standard output to the screen and in the same time written in the file log.txt
changing owner, group and permissions
chown joe dir/ chmod +x header chmod -x header #(only assign execute permission to myself) chmod u+x header #(assign execute permission to both myself and the file's group) chmod ug+x header #(assign multiple types of permissions) chmod ug+rwx header
User | Group | Other | ||||||
---|---|---|---|---|---|---|---|---|
read | write | exec | read | write | exec | read | write | exec |
400 | 200 | 100 | 40 | 20 | 10 | 4 | 2 | 1 |
#(just give yourself read permission) chmod 400 header #(give everybody read permission) chmod 444 header #(give everybody read/exec permission) chmod 555 header #(rwxr-xr-x) chmod 755 header
X11 forwarding through SSH
In order to use X11 forwarding through ssh, you have to: on debian (server)
- apt-get install xbase-client
- in /etc/ssh/sshd_config → X11Forwarding yes
- Restart ssh daemon /etc/ssh restart
login to the server ssh -X -v -v -v root@xxx.xxx.xxx.xxx The triple -v is to obtain debug up to level 3 and -X is to enable X11forwarding to the client side but seems not be absolutely necessary to make the X11 tunnel working. You can now try “xclock &” included in the xbase-client package to test the X11 connection.
If you get an error such as
root@siro2:~# xclock _X11TransSocketINETConnect() can't get address for localhost:6013: Name or service not known Error: Can't open display: localhost:13.0
The main reasons of that can be (from linuxquestions.org):
- You should NEVER EVER login as root.
- You should REALLY REALLY use sudo(1) or su(1) when you need to run one command whith root privilege
Might be that ssh is doing the right thing and don't let you use X11 over ssh as root.
You should instead login as a normal user and configure the /etc/sudoers file with visudo to let your normal user accessing some files with sudo.
If you are login as a normal user and you have the same error, you may need to issue an
export DISPLAY="hostname:10.0"
before it works. You can also add this command in the user's .bashrc file.
If you put instead export DISPLAY=“127.0.0.1:10.0” the .Xauthority may be corrupted and the X redirection will not work and will display a warning such as: Warning: No xauth data; using fake authentication data for X11 forwarding. As soon as you got once this error, before trying another solution, you have to restart your Xserver (ctrl+alt+enter) to regenerate a trusted Xsession.
You can see wich are your actual Xauthority setting with:
xauth info xauth list
and if you need to add a new Xauthority to the .Xauthority file, you can issue:
xauth add `echo "${DISPLAY}" | sed 's/.*\(:.*\)/\1/'` . `mcookie`
Below is displayed the settings of the /etc/ssh_config which is the client configuration file:
Host * # ForwardAgent no # ForwardX11 yes # ForwardX11Trusted yes # RhostsRSAAuthentication no # RSAAuthentication yes # PasswordAuthentication yes # HostbasedAuthentication no # BatchMode no # CheckHostIP yes # AddressFamily any # ConnectTimeout 0 # StrictHostKeyChecking ask # IdentityFile ~/.ssh/identity # IdentityFile ~/.ssh/id_rsa # IdentityFile ~/.ssh/id_dsa # Port 22 # Protocol 2,1 # Cipher 3des # Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc # EscapeChar ~ # Tunnel no # TunnelDevice any:any # PermitLocalCommand no SendEnv LANG LC_* HashKnownHosts yes GSSAPIAuthentication yes GSSAPIDelegateCredentials no
And last, below is displayed the /etc/sshd_config file which is the configuration on the server side:
# What ports, IPs and protocols we listen for Port 22 # Use these options to restrict which interfaces/protocols sshd will bind to #ListenAddress :: #ListenAddress 0.0.0.0 Protocol 2 # HostKeys for protocol version 2 HostKey /etc/ssh/ssh_host_rsa_key HostKey /etc/ssh/ssh_host_dsa_key #Privilege Separation is turned on for security UsePrivilegeSeparation yes # Lifetime and size of ephemeral version 1 server key KeyRegenerationInterval 3600 ServerKeyBits 768 # Logging SyslogFacility AUTH LogLevel INFO # Authentication: LoginGraceTime 120 PermitRootLogin no StrictModes yes RSAAuthentication yes PubkeyAuthentication yes #AuthorizedKeysFile %h/.ssh/authorized_keys # Don't read the user's ~/.rhosts and ~/.shosts files IgnoreRhosts yes # For this to work you will also need host keys in /etc/ssh_known_hosts RhostsRSAAuthentication no # similar for protocol version 2 HostbasedAuthentication no # Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication #IgnoreUserKnownHosts yes # To enable empty passwords, change to yes (NOT RECOMMENDED) PermitEmptyPasswords no # Change to yes to enable challenge-response passwords (beware issues with # some PAM modules and threads) ChallengeResponseAuthentication no # Change to no to disable tunnelled clear text passwords #PasswordAuthentication yes # Kerberos options #KerberosAuthentication no #KerberosGetAFSToken no #KerberosOrLocalPasswd yes #KerberosTicketCleanup yes # GSSAPI options #GSSAPIAuthentication no #GSSAPICleanupCredentials yes X11Forwarding yes X11DisplayOffset 10 PrintMotd no PrintLastLog yes TCPKeepAlive yes #UseLogin no #MaxStartups 10:30:60 #Banner /etc/issue.net # Allow client to pass locale environment variables AcceptEnv LANG LC_* Subsystem sftp /usr/lib/openssh/sftp-server UsePAM yes
MySQL
/etc/init.d/mysql start/status/stop
Set the MySQL root password
PLEASE REMEMBER TO SET A PASSWORD FOR THE MySQL root USER ! To do so, start the server, then issue the following commands:
/usr/bin/mysqladmin -u root password 'new-password' #or /usr/bin/mysqladmin -u root -h example.com password 'new-password'
Test the MySQL daemon
You can test the MySQL daemon with the benchmarks in the 'sql-bench' directory:
cd /usr/share/mysql/sql-bench perl run-all-tests
Default options are read from the following files in the given order: /etc/my.cnf /var/lib/mysql/my.cnf and ~/.my.cnf
Create a DB
In the below example, “intranet” is the name of your database.
mysqladmin -u root -p create intranet
Create a table
Create the tables using an example.sql file:
mysql -u root -p intranet < example.sql
See the content of the database
See the content of the intranet db
mysqlshow -u root -p intranet
Add Privileges to a database
mysql -u root -p intranet Enter password: Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 96 to server version: 4.0.18 Type 'help;' or '\h' for help. Type '\c' to clear the buffer. mysql> GRANT ALL PRIVILEGES ON *.* TO "myDatabase"@"localhost";
CUPS
/etc/cups
cupsd.conf
(2 modifications)
# DocumentRoot: the root directory for HTTP documents that are served. # By default "/usr/share/doc/packages/cups". # DocumentRoot /usr/share/cups/doc/
<Location /admin> # You definitely will want to limit access to the administration functions. # The default configuration requires a local connection from a user who # is a member of the system group to do any admin tasks. You can change # the group name using the SystemGroup directive. AuthType BasicDigest AuthClass Group AuthGroupName sys ## Restrict access to local domain Order Deny,Allow Deny From All Allow From 127.0.0.1 Allow From 192.168.1.20 (sb-linux) Allow From 192.168.1.23 (sb-win) #Encryption Required </Location>
printers.conf
(below an example)
<Printer HP_Laserjet_6MP> Info B&W_Laser_Printer Location 1st_Floor/Room_215 DeviceURI socket://192.168.1.11 State Idle Accepting Yes JobSheets none none QuotaPeriod 0 PageLimit 0 KLimit 0 </Printer>
SOME ADVICES log: /var/log/cups/ daemon cupsd: /usr/sbin/cupsd (man cupsd) server = /usr/lib/cups/daemon/cups-lpd (in /etc/xinetd.d/cups-lpd)
Creating root access (by default cups will have no user and pw) lppasswd -g sys -a root #this command will allow you to login as root for administration task in cups
restart the server siro:/etc/init.d # ./cups restart Shutting down cupsd done Starting cupsd done
For probleme with the lp command, see below: when I want to print with lp or lpr I always get the following errormsg: lp: error - scheduler not responding! or lpr: error - scheduler not responding! By the way, cups prints its testpage correctly, only lp® doesn't work! What can I do?
These “lp” and “lpr” commands or for CUPS, they work only with running CUPS daemon (the scheduler) or with a remote CUPS server specified in /etc/cups/client.conf. If you want to use LPD or LPRng, you need the appropriate “lpr” and/or “lp” executables.
FTP
vsftpd: (man vsftpd) The vsftpd FTP server serves FTP connections. It uses normal, unencrypted usernames and passwords for authentication. vsftpd is designed to be secure.
daemon configuration file: /etc/vsftpd.conf (man vsftpd.conf) daemon location: /usr/sbin/vsftpd
/etc/xinetd.conf
service ftp { #server_args = -a #log_on_success += DURATION USERID #log_on_failure += USERID #nice = 10 socket_type = stream protocol = tcp wait = no user = root server = /usr/sbin/vsftpd instances = UNLIMITED }
At this time I don't understand every options in this service (TODO)
/etc/vsftpd.conf
# Local FTP user Settings # # Uncomment this to allow local users to log in. local_enable=YES # # Default umask for local users is 077. You may wish to change this to 022, # if your users expect that (022 is used by most other ftpd's) local_umask=022 # # Uncomment to put local users in a chroot() jail in their home directory after login. chroot_local_user=YES # # Set to NO if you want to disallow the PASV method of obtaining a data connection. # Note: if this setting is disabled, windows stations will not be able to login. pasv_enable=YES
- changing local_umask=077 to 022 allows users (for example the xerox scanner) to put in the directory (for example /server/printers/xerox/NETSCAN.XSM/) the scanned files with the rights 744 (see man umask to understand the umask settings) instead of 700. The NETSCAN.XSM directory is set to 770 and is owned by xerox.users
- The vsftpd daemon has to be restarted with /etc/init.d/xinetd restart
NFS
Example to connect NeXT computers (This example is with SuSe):
Server
In YaST → Network Services → NFS Server : Start NFS Server (go next) Set Directories to: /server/public/NeXT_Data_Server Set Hosts wildcard to: * Set Options to: rw, root_squash, sync (if set to rw the directory is set as read-write; if set ro ro the directory is set ro read-only)
chmod 777 /server chmod 777 /server/public chmod 777 /server/public/NeXT_Data_Server (This part may also work with other folder rights if users are logged in. But this part has to be completed)
Client
Open a terminal on a NeXT computer: NextApps → Terminal.app
- cd /etc (where all services are located as the function ” mount” …)
- vi /etc/hosts and add eg. “192.168.1.22 siro”
- as root: cd /etc
mount -t nfs siro:/server/public/NeXT_Data_Server /Users/iro/siro_projects
or 3b) NextAdmin -> NFSManager.app
in the window named “/- Imported Directories” add… server name: siro; Remote Directory: /server/public/NeXT_Data_Server; Set; Mount Point: /Users/iro/siro_projects (This setting will mount automatically the directory during the startup process) - NextAdmin → UserManager.app (login as root) User → open … select: iro and change the pw to iroiro and confirm the pw. (this setting should allow the user to login to the NFS server if special settings are made on the shared directory)
SAMBA
Connection error
If a user can not login normally on the XP computer:
- printers can not be add correctly (error 5 given by Kixtart - rights error)
- Users can simply not loggin on the computer (windows says pw error!)
I dont know exactly the reason of that but it seems that is caused by a sid error or something like this. To get right of this problem we have to clean the user profile.
- Loggoff the user witch as the problematic profile
- mv /server/profile/“theProblematicProfile/” /server/profile/“theProblematicProfile.bck”/
- mkdir /server/profile/“theNewProfileDirectory”/
- chmod and chown
- To resolve this you can either:
- Logon on a machine where the user does not yet has a saved profile with is username and pw to recreate a “clean” profile or
- Logon to the machine usually used by the user as local/administrator
- Suppress the local copy of profiles: My Computer -> properties -> Advanced -> UserProfiles…
- settings: remove all profiles except local\administrator
- regedit the registry and suppress everything about the user (make some searches with specific keywords)
- Restart the computer
- login as network\administrator (to install and reset the registry with clean values - see kixtart script)
- logoff
- login as the user to recreate a “clean” profile
- logoff the user
- On the server copy all relevant/interesting folders/data as favorites; Desktop; Application Data … mail and others; check the MyDocument folder; …
- chmod / chown on this folders
- Done… and the user can loggin back on computers and everything should be ok.
mapping a windows group to a UNIX/LINUX group
net groupmap add ntgroup=“Users” UNIXgroup=users net groupmap list
pour recuperer vos anciens profils, il faut les migrer de l'ancien SID vers le nouveau comme ceci:
- les mettre sur le serveur en mode itinerant (c'est mieux avec samba au depart pour la migration
- partager le dossier comme necessaire (voir la doc de samba sur les profils)
- une fois tous les profils sur le serveur disons dans le dossier /users dans chaque dossier utilisateur /user/user1, /users/user2 etc… vous trouverez le fichier ntuser.dat (la ruche HKEY_CURRENT_USER). Le probleme c'est qu'elle contient les SID de l'ancien compte or le domaine SAMBA possede son propre SID qui est different de celui de l'ancien domaine de rattachement du profil.
donc la marche a suivre est la suivante :
- vous creez les users dans samba: smbpasswd etc…
- vous recuperez le SID de l'utilisateur
- pdbedit -Lv user1 et cherchez la ligne SID (sous l forme S-X-……)
ensuite c'est simple, profiles ntuser.dat va vous afficher plein de lignes cherchez le SID dedans et faite un remplacement comme ceci:
- profiles ntuser.dat OLDSID NEWSID sur les PC
- ensuite dans document and settings supprimez TOUS les profils sur toutes les machines correspondants a ceux que vous avez envoyé sur le serveur.
- y a plus qu'a vous logguer et vous n'aurez plus de dossier sous la forme User.DOMAINE
inetd / xinetd
all ports are listed in /etc/services
/var/log/xinetd.log /etc/xinetd.conf /etc/xinetd.d/
starting the xinetd daemon: sudo /etc/init.d/xinetd start/stop/restart restart xinetd daemon to take in acount the new configuration (This is an old method)
su ps -u root | grep xinetd (get PID of xinetd) kill -s SIGUSR1 "PID of xinetd"
Now you can simply /etc/init.d/xinetd restart/reload
nmap / xnmap
test open ports on an given host nmap / xnmap (==nmapfe) (from package nmap-gtk which is a nmap frontend) example: nmap localhost
Starting nmap 3.50 ( http://www.insecure.org/nmap/ ) at 2004-09-17 11:52 CEST Interesting ports on localhost (127.0.0.1): (The 1652 ports scanned but not shown below are in state: closed)
PORT | STATE | SERVICE |
---|---|---|
22/tcp | open | ssh |
25/tcp | open | smtp |
80/tcp | open | http |
111/tcp | open | rpcbind |
139/tcp | open | netbios-ssn |
445/tcp | open | microsoft-ds |
901/tcp | open | samba-swat |
Nmap run completed – 1 IP address (1 host up) scanned in 0.356 seconds
to scan the complete network: 192.168.1.0/24 (/24 is equivalent to the subnet mask 255.255.255.0. The calculation is 8bits + 8bits + 8bits + 0bits = 24bits )
netstat
I'don't know now what it does… netstat -acntu
nmblookup
return the ip adresse given a machineName
- nmblookup “machineName”
an equivalent on windows is nbtstat (nbtstat -a “machineName”)
findsmb
return all smb client/server in the lan
nslookup / dig / host
return the domaine name given the ip and vice-versa
ifconfig
returns the actual settings on localhost (to be used as SU)
e-mail settings: /etc/postfix/ :This directory containes the majors email configurations files /etc/aliases :This is the aliases file - it says who gets mail for whom. /usr/lib/postfix/ :this directory contains all binaries that are used by an email software /usr/lib/sendmail /usr/sbin/sendmail
Referer
Other:
- before configuration, stop network: ifdown eth0
or
- /etc/init.d/network stop
- verify the network module is loaded by issuing /sbin/lsmod
- activate the eth0 by issuing ifup eth0
or
- /etc/rc.d/init.d/network start
/etc/resolv.conf (dns server)
- name server 151.201.0.39 # same as the DNS servers IP in windows ipconfig
/etc/host.conf
- order hosts, bind
- multi on
/etc/hosts
- 127.0.0.1 localhost loopback
- 192.168.0.1 this.host.name
hostname:
- /etc/sysconfig/network
change IP address permanently
- ifconfig eth0 %newip%
- vi /etc/sysconfig/network-scripts/ifcfg-eth0 (change ip)
Shell
shells
- echo $SHELL (what my shell is)
- chsh (change shell)
Useful keys and how to set them to work
- stty -a (to check the list of the current terminal settings)
- stty erase ^H
- stty kill ^U
- unset var_name
csh
- setenv var_name var_value
- unsetenv var_name
Using EMACS
- exit: CTRL+XC
- help: CTRL+H
- open file: CTRL+XF (or new file)
- save file: CTRL+XS
- save as: CTRL+XW
Repaint screen
- CTRL+l (lowcased L)
Undo last edit(can be repeated)
- CTRL+/(CTRL+SHIFT+MINUS)
#Redo last
to abort any control or escape sequence
- CTRL+G
move cursor to line beginning
- CTRL+A
move cursor to line end
- CTRL+E
to mark block beginning
- CTRL+@
cutting the block
- CTRL+W
pasting the block(can also paste the clipboard from other program)
- CTRL+Y
copy the block
- ESC+W
delete from cursor to line end
- CTRL+K
C-s search the document forward for string you name C-r search the document backward for string you name
CVS
remote cvs if using ssh (bash/) To set an environment variable in sh or ksh, use the syntax VAR=value;export VAR, where VAR is the name of the environment variable and value is the value you wish to assign. Do not put spaces on either side of the equals sign. The export command instructs the shell to propagate the value of the variable to all programs that are run by the shell. If an environment variable is reset, but not exported, the change will only apply to the shell itself.
[root@localhost root]# CVS_RSH=ssh [root@localhost root]# export CVS_RSH [root@localhost root]# echo $CVS_RSH
using csh
[root@localhost root]# setenv CVS_RSH ssh
cvs checkout
cvs -d :ext:%username%@%server_domain%:%cvs_root_directory% checkout %modulename%
cvs KEY LETTERS
- P: the file has been updated. The P is shown if the file has been added to the repository in the meantime or if it has been changed, but you have not made any changes to this file yourself.
- U: You have changed this file in the meantime, but nobody else has.
- M: You have changed this file in the meantime, and somebody else has checked in a newer version. All the changes have been merged successfully.
- C: You have changed this file in the meantime, and somebody else has checked in a newer version. During the merge attempt, conflicts have arisen.
- ?: CVS has no information about this file - that is, this file is not under CVS's control.
Adding action in right clic
kde
for one specific user add in
- ~/.kde/share/apps/konqueror/servicemenus
or for all users add in
- /usr/share/apps/konqueror/servicemenus
a file named openassu.desktop that contains:
[Desktop Entry] ServiceTypes=inode/directory,inode/directory-locked Actions=openassu [Desktop Action openassu] Name=Open as Root Name[fr]=Ouvrire en temp que root Name[de]=Als root offnen Icon=kfm Exec=kdesu "konqueror --profile filemanagement %U"
or another file named runassu.desktop that contains:
[Desktop Entry] ServiceTypes=application/x-executable,application/x-shellscript,application/x-python,application/x-perl Actions=runassu [Desktop Action runassu] Name=Run as Root Name[fr]=Executer en temp que root Name[de]=Als root ausfhren Name[cs]=Spustit jako root Icon=kfm Exec=kdesu -c
gnome
Add in directory ~/.gnome2/nautilus-scripts/ a file named “Open\ as\ root” that contains:
!/bin/sh openas-root: #nautilus script for opening the selected files as superuser (uid=0), #utilizing the appropriate applications. for uri in $NAUTILUS_SCRIPT_SELECTED_URIS; do gnome-sudo "gnome-open $uri" & done
for more information see: http://ubuntuguide.org/#openfilesasrootviarightclick
Installing/Upgrading Software
upgrading software
ldd /usr/bin/X11/xterm (list the shared libraries on which a given executable depends)
using RPM
- rpm -i SuperFrob-4.i386.rpm (install a new package)
- rpm -U SuperFrob-4.i386.rpm (update a package that is already installed)
- rpm -e SuperFrob-5 (uninstall)
- rpm -q SuperFrob (find the version number of an installed package)
- rpm -qa (get a list of all installed package)
- rpm -qf /usr/bin/dotherpb (find out to which package a file belongs)
- rpm -qi gcc (display information about the specified package)
- rpm -qpl SuperFrob-5.i386.rpm (show the files that will be installed for the specified package file)
using DEB
- deb file:/cdrom/ sarge main
- deb http://mirror.switch.ch/ftp/mirror/debian/ stable main
- deb-src http://mirror.switch.ch/ftp/mirror/debian/ stable main
- deb http://claws.sylpheed.org/debian/ unstable main
- deb-src http://claws.sylpheed.org/debian/ unstable main
- deb http://security.debian.org/ stable/updates main contrib non-free
Hardware
to eject cd tray
eject -r
Programming
debug core file
gdb <programe> <core>
ERRORS
GTK-WARNING XXX:Cannot open display
Question
I'm compiling wxGTK on Redhat Linux 6.1: the following are my step when compiled wxGTK:
- ./configure
- make
- make install
- ldconfig
then edit /etc/ld.so.conf and add /usr/local/lib then I tried to compile calendar application:
- make -f makefile.unx
when i run calendar application error happend: GTK-WARNING XXX:Cannot open display. What should i do ?.
Answer
I see 3 cases :
- You are not directly log on the computer where you run the programme (you do a rlogin or a telnet), in this case you have to set the DISPLAY variable to your computer display (export DISPLAY=mycomputeur.mydomain.org:0) on the remote computer and the X-Server must accept connection from this host (ugly autorisation with xhost : xhost +theremotecomputeur, right config with Mit-Magic-Cookie).
- You log as user1, and after that you do a su and try to run the program as root. In this case the Xserver is the property of user1 and you try to access it as root, so it refused the connection. solution: run the programme as user1 (good one), or log as root (bad one).
- Last you dont have an xserver on the computer.
I think in your case the most probable is the 2)