Admin 2008 -->
Admin 2008 -->
WARNING!! If you install Linux/GRUB on or via your working default Windows system (Primary drive = hda or sda = C:) to a pendrive or other system drive/partition, make a copy of the Primary drives Master Boot Record incase of a mistake installing GRUB and overwriting the Win mbr etc.
Use: # dd if=/dev/sda of=/mbr bs=512 count=1
to copy and...Use: # dd if=mbr of=/dev/hda bs=1 count=64 skip=446 seek=446
to write it backThis is the WinNT cmd line for dd-0.5 that copies from the unmounted hidden partition0 on a Vista pc:
dd.exe if=\\?\Device\Harddisk0\Partition0 of=\\.\d:/mbr bs=512 count=1
Save yourself a LOT of time and aggro! You can at least revive your Windows by booting a live distro (RescueCD, Knoppix etc.) and pendrive mbr copy etc. should you overwrite the MBR. Remember, XP, Vista, Win7 NTFS partitions will NOT allow using DOS :>fdisk /mbr to write their mbr, only their own version recovery tool (DOS based utilities cant overwrite NTFS)!! If you dont have an original install DVD you cannot use fixmbr/bootsect.exe by pressing F8 at boot, which will be the case mostly now for systems with a D2D recovery partition or just a recovery DVD to factory defaults. You cannot rely on gpart -W /dev/sda /dev/sda to read and re-write the guessed partitions correctly and it will not overwrite a GRUB mbr. (I learned the hard way!!). Its a good idea to have copies of all pcs mbr's anyway in case of a boot sector virus.
Linux History, Overview and Basic Cmds.pdf
My Key (easily forgotten) Linux Commands
#ddclient -query (tells you your current dynamic IP address - ddclient for updating Apache webserver via www.dyndns.com
Learn VIM!!! Or another non-X windows text editor like Nano etc.
# apt-get install vim
# vimtutor
You can open a file at specific word using # vi +/"word" /file.txt
First some general Linux Concepts:Browser keys/shortcuts
Ctrl-T for new tab and in Linux, Ctrl + or - to magnify/shrink text; F3 for Find tab/next Find; F5 to refresh page
RSYNC and RSNAPSHOT
http://www.thegeekstuff.com/2009/08/tutorial-backup-linux-using-rsnapshot-rsync-utility/#rsnapshot configtest (tests /etc/rsnapshot.conf)
#rsync --dry-run -e ssh --verbose --progress --stats --compress --recursive --times --perms --links --delete --exclude "/sys" --exclude "/dev" --exclude "/proc" --exclude "*bak" /* user@remoteserver.com:backupfolder (..Notice the --dry-run option to just test the transfer without actually sending files. Note also the --delete option to delete any files in the remote location that no longer exist on the local server. Finally note the -e ssh to ensure the transfer is actually secuaqua. Once you are happy the process is working simple remove the --dry-run)
To backup a whole linux system for example, where a backup drive is on the same system and mounted under the root directory so that recursive copying can occur (as in mirrordir) you need to exclude the copying of the mounted backup drive, and also the /tmp and /proc directories if you want to use the backup to resurrect a whole system from scratch in the event of a system failure. You will have to add the /proc, /homes/* (for user cached junk) and /tmp directories as empty for the new system, as on a live system, the contents wont relate to the new system and may cause boot problems for /tmp and /process files that wont exist on a new system at boot. Try to copy the whole root dir / then copy that backup to a new drive and activate this as a cloned system after the appropriate GRUB MBR install. I have done this succesfully with mirrordir but had to manually stop the recursive copying of the mounted copy to drive by watching the output with mirrordir -vr, but this is not ideal, so I found the -X exclude switch in the man docs, but havent tried it yet...rsync has this option so unwanted recursive copying can be prevented with the --exclude /mounted_drive_for_copy switch. Try:Secure rsync server backups.html
#rsync -vr --times --stats --progress //from_this_server/share-dir username@to_server:shaaqua_dir (verbose, recursive dirs/files synchronised copy to/from other pc, using --e ssh or not)
#rsync -vr --times --stats --progress /mnt1/dir/* /mnt2/dir/ (Note the star here else rsync will copy the whole /dir/ and you get /mnt2/dir/dir; also NOTE the single -vr and --times etc.!)
#route add -net default gw x.x.x.x (sets the default gateway for pc with static IP set via #ifconfig - can be automated at boot by adding gateway=x.x.x.x to /etc/network/interfaces file)
GREP EXAMPLES PAGE
- c counts no occurrences of pattern
-l lists filenames only that contain .pattern.
-n lists line numbers with lines
-v list all BUT lines containing .pattern.
-h omits filenames when searching multiple files
-fx display entire line matched (fgrep)
Define a string as a variable:
# stg = steve edwards
# grep $stg /filename
char* matches zero or more instances of char
char. matches any single character
[pqr] matches singles chars p,q or r
[cl-cL] matches ASCII range
[!pqr] matches single chars that are NOT p,q or r
^pattern matches pattern at start of line
pattern$ matches pattern at end of line
char\{m} matches m instances of char
char\{m,n\} matches m-n range of instances of char
ls -a /share/ | grep "^f" (find a file in /share beginning with "f")
fdformat.txt
ls -a /share/ | grep "[^f]^f" (find a file in /share NOT beginning with "f" - NOTE diff meanings of ^ inside [ie NOT = ] or outside the []s), ie ^=start of line..!
........trunc.............
DWDM.rar
Edwards1, S 14.xls
Edwards2, S 14.xls
Edwards, Steve.xls
EmailCoverLetter.doc
eRecovery
GpartMBR_files.....trunc..
root@compaqdeb:~# ls -a /share/ | grep "e\{2,\}" (match a min of 2 occurences of e [ie "ee"] in filenames in /share)
Alcatel CIT - Timesheet & EXP 2007_Book_Blank.xls
Alcatel CIT - Timesheet & EXP 2007.xls
C band - Wikipedia, the free encyclopedia_files
Like solving crosswords..? Use the "." for a single character match of 5 letter words starting with c and ending with h: # grep " \ < c...h \ > " /usr/share/dict/words
NOTE: because of formating of special shell chars (ie ! $ ^ < > \ * etc.) in VIM that you type this search WITHOUT the spaces on the CMD line!! If you want to display lines containing the literal dot character, use the -F option to grep (= # fgrep). Also as a curious aside, how many words are in this dictionary..? Use # wc -l /usr/share/dict/words --> 98569 /usr/share/dict/words
Note the above line can use the start of line char "^" also so is = # grep "^c...h\>" /usr/share/dict/words
catch
clash
cloth
coach
couch
cough
crash
crush
You can also OP the contents of a whole file like using #cat by finding ALL the chars in a file eg: #grep '.*' /etc/passwd
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
bin:x:2:2:bin:/bin:/bin/sh
sys:x:3:3:sys:/dev:/bin/sh
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/bin/sh
man:x:6:12:man:/var/cache/man:/bin/sh
...trunc...Also, my grep OP is colorised aqua for easy result view from editing the .bashrc file in home dir, and adding grep = grep -r as an alias, as other examples given
MORE PATTERN MATCHING EXAMPLES..
DMESG (gives debug info of current startup events) and Notices
# dmesg
or can be read/searched directly from file: # vi /var/log/dmesg
Edit /etc/syslog.conf removing the # on the news, debug and notice /dev/tty8 lines as below to show system notices, like info on a newly plugged USB stick etc. Press Ctrl-Alt-F8 to see tty8.
# I like to have messages displayed on the console, but only on a virtual
# console I usually leave idle.
#daemon,mail.*;\
news.=crit;news.=err;news.=notice;\
*.=debug;*.=info;\
*.=notice;*.=warn /dev/tty8
The following command will list all the files in the system greater than 100MB.
# find / -type f -size +100M
Mirrordir
mirrordir is a DANGEROUS command because files or directories that exist in mirror that don't exist in control are deleted. If control is entirely empty, then all files and directories in mirror will be deleted. If mirror is entirely empty, then all files and directories in control will be copied.#mirrordir -v /source_dir /destination_dir (mirrors, copies recursively, an exact clone of a directory/whole OS, great for cloning an installed Linux OS to transfer to 2nd pc. Dont forget the -v so you can see when the copy copies itself when mounted dir is on on same disk, Ctrl-C to abort as usual to stop prog)
Networking
ifconfig eth0 10.0.0.1 netmask 255.0.0.0
# vi /etc/network/interfaces (edit with vim, the net conf file for static ip or dhcp
# The loopback network interface
auto lo
iface lo inet loopback
auto eth1
iface eth1 inet static
address 192.168.1.10
netmask 255.255.255.0
gateway 192.168.1.1
#mount -t smbfs //server/share /dir (mounts a XP/Vista share on Linbox via Samba. Note, Vista security requires Netcard having Netbios, port 139 enabled in Properties/Advanced/WINS tab)
#mount -t cifs //server/share /dir -o username=user (Note: this CIFS [Common Inet File Sys] format now supercedes SMBFS to mount a XP/Vista share on Linbox via Samba. Note, Vista security requires Netcard having Netbios, port 139 enabled in Properties/Advanced/WINS tab)
#netstat -an | grep ssh (searches for string with particular number associated eg for seeing connection state info on a network service eg ssh/apache2 service connected or listening, [also use # nmap 127.0.0.1] )
unix 2 [ ACC ] STREAM LISTENING 6987 /var/run/apache2/cgisock.2685
#nmap -PO x.x.x.x (uses varied pings to try penetrate a stealthed IP)
#tcpdump -vv eth0 ( 2 Vs - puts netcard into promiscuous listening mode to view, Very Verbosely, bcast address info, eg to find a lost subnet addr on a preconfiguaqua net device with no reset to default button)
#socat (netcat on steroids supposedly - look into this...)
socat The General Bidirectional Pipe Handler.mht
# socat - TCP:localhost:www,crnl (fetches whole webpage.html after 2 way pipe is open and GET / typed)
GET /
#Ctrl A/E (move cursor to start/end of cmd line [cisco IOS also!])
#Ctrl S (halts fast scrolling OP, Ctrl Q to resume)
#Ctrl u (deletes cmd line)
#Ctrl u (deletes cmd line)
#Ctrl c (Kills running program - maybe Ctrl z,f,m or Delete for diff sys )
#vim .bashrc (edits user .bashrc file using vim editor to get colourisation for ls -al and grep listings etc.)
#pwgen (generates 8 digit passwords of varying complexity)
#man pwgen (manual page for program... if it exists..or try "info")
FOLDER and FILE PERMISSIONS
There are 2 formats to change perms using # chmod - text and numeric - eg: # chmod g+r,o-rx /file.name which adds a read permission for Groups, and removes read and execute perms for Others. To change all categories in one go, use a (All) eg # chmod a+w /file = chmod ugo+w /file
First, view a files current attribs: # ls -ld /file.txt
-rw-r--r-- 1 root root 417416 2008-12-21 00:06 /file.txt
This shows a normal file, not a folder (no d at start), with rw- attribs for users; r-- read only for Groups; r-- read only for Others; Number of links a file has (1); owner (root); group (root); actual filesize in bytes B (417kB) [sector = 1kB = 2 x blocks of 512B]); date then time of creation
The numerical permissions work in 3 blocks of 3 in order of User, Group, Others in order resp. to a maximum sum of 7 per category (ie max attribute of 777 per file/dir = drwxrwxrwx for all Users, Groups and Others and the d refers to a directory) where 7 = rwx and is the sum of write(2) and execute(1) added to read (4) , so an attrib of 3 (=2+1) gives an attrib of write and execute permissions to a category eg chmod 733 /file gives Users drwx------ (1+2+4) privelege, Groups d----wx--- (ie 3=2+1), and Others d-------wx (ie 3=2+1 also) for a complete file perm of drwx-wx-wx to /file. So the numbers 0 - 7 give the 8 possible permissions: r,w,x,rw,rx,wx,rwx and null (0) = ----------
Try chmod 000 /testfile then look with # ls -ld to see, going through all numbers 100,200,300..700 to see the changes on the User attribs
Apt
#apt-get install linux-image* (lists all available image names for current architecture, i386, AMD64 etc. can search any packages using wildcard * like this also)
#apt-get install knemo (config via Control Panel for taskbar network icons and info)
#apt-cache pkgnames | sort > pkgs.txt (outputs all the 30000 odd package names available for install on Debian, pipes output via sort to list them alphabetically, and saves list as a textfile)
#apt-cache pkgnames | wc -l (pipes packagenames via word count with a -l line switch to give a total count of all packages, = 30107 for this kernel version)
#uname -a (gives full kernel version info = Linux t5500 2.6.26-1-686 #1 SMP Thu Oct 9 15:18:09 UTC 2008 i686 GNU/Linux)
Secure Copy
#scp ~/.ssh/id_rsa.pub username@remoteserver.com:.ssh/auth_keys (secure copy of public keys to remote server .ssh/auth_keys file to enable passwordless logins/transfers via rsync)
Re: Could not load host key: ..., but keys exist.
On 19 Mar, 17:17, Simon Tatham wrote:
I re-generated them in this way:
ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key
ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key
when prompted for password, I typed custom password.
How do you expect sshd to load the keys without knowing that passphrase?
The host keys should be generated _without_ a passphrase, because otherwise sshd can't load them.
(In principle you could instead tell sshd the passphrase, but in practice (a) no sshd I've heard of supports this mode of use, and (b) it wouldn't be a security improvement anyway since the passphrase would have to be stoaqua on disk.)
#vi /etc/syslog.conf (edit syslog.conf and add line: local7.debug /var/log/enterprise.log
This allows logging info from a Cisco/WinServer to be logged by Debian in the enterprise.log. The Cisco IOS device has to be configd with:
# config term
# logging
# logging trap (3,4,7 level etc.)
# service timestamps log datetime
# logging on
When done, stop the syslogd server with #/etc/init.d/syslogd stop
Restart with #syslogd -r (listens for remote log info.)
GRUB
First create/format partitions types with #cfdisk or fdisk etc. and make bootable. Format partition with # mkfs.vfat /dev/sda1 or other mkfs.ext2 etc.
grub-probe -d /dev/sdb1 (finds fs type for this partition eg ext2)
#update-grub (re-reads drive parameters, device maps etc.)
#grub-mkdevicemap (writes to /boot/grub/device.map)
#grub-install hd0 (writes GRUB to mbr of hd0 - or should do?!!)
grub-install --root-directory=/boot hd0 (writes GRUB to mbr of hd0 after reading data from root-directory=/boot of current system drive
grub>kernel /vmlinuz root=/dev/sda1 ro vga (to boot manually from grub loader menu, by pressing Esc key at GRUB menu. Can also edit each menu line with "E" key, then boot with "B")
grub>help
grub>find /sbin/init (use TAB completion)
grub>find /vmlinuz
Install Grub to a drive # grub
grub>root (hd1,0) [reads grub stages files from correct root dir]
grub>setup (hd2) [writes grub data from (hd1,0) above, to new drive (hd2) bootsector 0
grub>quit
Making a Full GRUB Boot Floppy (manual file copy)
[root@mydesk root]# mkfs -t ext2 -c /dev/fd0u1440
[oroot@mydesk root]# umount /dev/fd0
[root@mydesk root]# umount /dev/fd0u1440 (formats a 1.4MB floppy with ext2 fs)
[root@mydesk root]# mkdir /mnt/test
[root@mydesk root]# mount /dev/fd0u1440 /mnt/test
[root@mydesk root]# mkdir -p /mnt/test/boot/grub
[root@mydesk root]# cp -v /boot/grub/stage1 /mnt/test/boot/grub (copies requiaqua GRUB files to fd0 boot dir)
[root@mydesk root]# cp -v /boot/grub/stage2 /mnt/test/boot/grub
[root@mydesk root]# chmod a-w /mnt/test/boot/grub/stage2 (changes attribs to disallow write perms to All ie Users,Groups and Others for stage2 editing perhaps? Presumably this is to stop a menu edit with the E key becoming permanent..and is the default for a Linux system install of GRUB
umount /dev/fd0u1440
Making a Full GRUB Boot Floppy (auto, [same method for hardrives also] using GRUB binary itself)
[root@mydesk root]# grub
grub> root (fd0)
grub> setup (fd0) [writes to fd0 mbr sector 0]
grub> quit
GRUB to Boot Floppy mbr (using DD)
#dd if=/stage1 of=/dev/fd0 bs=512 count=1 (create a GRUB floppy by cd into /usr/lib/grub/i386-pc/ where bs = block size in MB then follow with: #dd if=/stage2 of=/dev/fd0 bs=512 seek=1 )
Start of File Attributes Stuff------------------------------------------------------------------------------------------------------------------------
General Admin,File, ls listings with Grep and Word Count, and Sys/Linux info
root@compaqdeb:~# file /pkgs.txt /bin/vdir (tells file types of each file)
/pkgs.txt: ASCII PL/1 program text
/bin/vdir: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked (uses shaaqua libs), for GNU/Linux 2.6.8, stripped
od - dump files in octal and other formats (can take std input "od - " or from files)
hi there
0000000 064550 072040 062550 062562 000012
0000011
comm /f1 /f2 (compare two sorted files line by line)
this file has changes
this is the original
cmp - compare two files byte by byte
/test.txt /test2.txt differ: byte 6, line 1
diff (compare two files line by line)
1,2c1,2
< this is the original
< this is line 2
> this file has changes
> this is also line 2
How many binaries in /bin../sbin../usr/bin.../usr/sbin etc.?
ls -al /bin/ | wc -l (the -l switch for wc is for "lines")
99
ls -al /sbin/ | wc -l
150
ls -al /usr/sbin/ | wc -l
302
ls -al /usr/bin/ | wc -l
1975
The Famous Sticky Bit - the t Attribute(file security; see Perms section)
COURTESY WIKIPEDIA:
The sticky bit is an access-right flag that can be assigned to files and directories on Unix systems.
History
The sticky bit was introduced in the Fifth Edition of Unix in 1974 for use with pure executable files. When set, it instructed the operating system to retain the text segment of the program in swap space after the process exited. This sped up subsequent executions by allowing the kernel to make a single operation of moving the program from swap to real memory. Thus, frequently-used programs like editors would load noticeably faster. One notable problem with "stickied" programs was replacing the executable (for instance, during patching); to do so requiaqua removing the sticky bit from the executable, executing the program and exiting to flush the cache, replacing the binary executable, and then restoring the sticky bit.
Currently, this behavior is only operative in HP-UX, NetBSD, UnixWare, and Mac OS X. Solaris appears to have abandoned this in 2005.[citation needed] The 4.4-Lite release of BSD retained the old sticky bit behavior but it has been subsequently dropped from OpenBSD (as of release 3.7) and FreeBSD (as of release 2.2.1); it remains in NetBSD.
No version of Linux has ever supported the traditional behavior.Of what?? Keeping the text part in swap? Linux uses the t bit somehow, as seen from the /tmp dir listings below..?
Usage
The most common use of the sticky bit today is on directories, where, when set, items inside the directory can be renamed or deleted only by the item's owner, the directory's owner, or the superuser; without the sticky bit set, any user with write and execute permissions for the directory can rename or delete contained files, regardless of owner. Typically this is set on the /tmp directory to prevent ordinary users from deleting or moving other users' files. This feature was introduced in 4.3BSD in 1986 and today it is found in most modern Unix systems.
In addition, Solaris (as of Solaris 2.5) defines special behavior when the sticky bit is set on non-executable files: those files, when accessed, will not be cached by the kernel. This is usually set on swap files to prevent access on the file from flushing more important data from the system cache. It is also used occasionally for benchmarking tests.
The sticky bit is also set by the automounter to indicate that a file has not been mounted yet. This allows programs like ls to ignore unmounted remote files.
The s and t Attributes
There are two special bits in the permissions field of directories. They are:
* s - Set group ID
* t - Save text attribute (sticky bit) - The user may delete or modify only those files in the directory that they own or have write permission for.
# ls -al /usr/bin/v4l-conf
-rwsr-xr-x 1 root root 15272 2007-12-18 20:43 v4l-conf
The /tmp directory is typically world-writable and looks like this in a listing:
drwxrwxrwt 13 root root 4096 Apr 15 08:05 tmp
We can find files that have the t attrib set using the "special" start of line character "^" and the "." to match any individual char. We know that /tmp has some files/directories with the t bit set and the t is the 10th char from the start of file in an # ls -al listing, so using that, then filtering with grep for just the 10th char we get:
compaqdeb:~# ls -al /tmp/ | grep "^.........t"
drwxrwxrwt 9 root root 4096 2009-08-09 23:02 .
drwxrwxrwt 2 root root 4096 2009-08-09 17:51 .font-unix
drwxrwxrwt 2 root root 4096 2009-08-09 17:54 .ICE-unix
drwxrwxrwt 2 root root 4096 2009-08-09 17:54 .X11-unix
Similarly, to find files only using a particular last character in the listing, use the special char "$". eg all files, as above, ending in "x":
compaqdeb:~# ls -al /tmp/ | grep "x$"
drwxrwxrwt 2 root root 4096 2009-08-09 17:51 .font-unix
drwxrwxrwt 2 root root 4096 2009-08-09 17:54 .ICE-unix
drwxrwxrwt 2 root root 4096 2009-08-09 17:54 .X11-unix
We can extend this principle in many ways, eg use diff listing parameters of # ls to give different starting characters ot a file/dir, and filter accordingly. Showing the -sh = fileSize in Human readable format of / gives (truncated):
It shows that softlinks like /cdrom occupies only 11 bits disk space, and have an l for link as an attrib; or you could filter for large files in the GB range grepping the G as 4th char, or ending in iso etc..
compaqdeb:~# ls -alsh /
total 16G
4.0K drwxr-xr-x 37 root root 4.0K 2009-08-09 18:03 .
4.0K drwxr-xr-x 37 root root 4.0K 2009-08-09 18:03 ..
4.0K drwxr-xr-x 2 root root 4.0K 2008-12-16 23:43 amd64d
4.0K drwxr-xr-x 2 root root 4.0K 2009-02-18 14:29 bin
4.0K drwxr-xr-x 3 root root 4.0K 2009-05-28 17:35 boot
108K -rw-r--r-- 1 root root 102K 2009-08-08 19:41 Brittany.htm
12K drwx------ 1 root root 12K 2009-08-07 15:24 bup
0 lrwxrwxrwx 1 root root 11 2008-12-05 18:16 cdrom -> media/cdrom
4.0K drwxr-xr-x 2 root root 4.0K 2009-08-05 21:05 cpaqD
0 drwxr-xr-x 13 root root 3.8K 2009-08-10 10:37 dev
32K drwxr-xr-x 15 root root 32K 1970-01-01 01:00 Efat32
4.0K drwxr-xr-x 3 root root 4.0K 2008-12-05 19:06 emul
12K drwxr-xr-x 107 root root 12K 2009-08-10 10:37 etc
4.2G -rw-r--r-- 1 root root 4.1G 2009-08-08 21:34 gil.iso
4.0K drwxr-xr-x 3 root root 4.0K 2008-12-05 19:09 home
0 lrwxrwxrwx 1 root root 30 2008-12-08 17:14 initrd.img -> boot/initrd.img-2.6.26-1-amd64
See how mounting the /gil.iso file on /mnt using # mount -o loop /gil.iso /mnt shows the strange User and Group attribs to just a large filesize number and not root:
compaqdeb:~# ls -alsh /mnt/
total 12K2.0K dr-xr-xr-x 5 4294967295 4294967295 184 2006-05-14 11:14 .
4.0K drwxr-xr-x 37 root root 4.0K 2009-08-09 18:03 ..
2.0K dr-xr-xr-x 2 4294967295 4294967295 40 2006-05-14 14:06 AUDIO_TS
2.0K dr-xr-xr-x 2 4294967295 4294967295 196 2006-05-14 14:14 JACKET_P
2.0K dr-xr-xr-x 2 4294967295 4294967295 1.2K 2006-05-14 14:14 VIDEO_TS
Other attribs worth noting are b for Block devices, which are the actual physical device (eg floppy drive) representation when mounted in the filesystem tree, (highlighting that Unix systems treat everything as a "virtual" file of some sort within the tree); and "special" devices. attrib c eg other non block devices like memory etc. Note the dvd and dvdrw names linked to the same actual block device hdc.
crw-rw---- 1 root root 10, 63 2009-08-10 10:36 cpu_dma_latency
drwxr-xr-x 5 root root 100 2009-08-10 10:36 disk
crw-rw---- 1 root audio 14, 9 2009-08-10 10:37 dmmidi
crw-rw---- 1 root audio 14, 3 2009-08-10 10:37 dsp
lrwxrwxrwx 1 root root 3 2009-08-10 10:36 dvd -> hdc
lrwxrwxrwx 1 root root 3 2009-08-10 10:36 dvdrw -> hdc
lrwxrwxrwx 1 root root 13 2009-08-10 10:37 fd -> /proc/self/fd
brw-rw---- 1 root floppy 2, 0 2009-08-10 10:36 fd0
crw-rw-rw- 1 root root 1, 7 2009-08-10 10:36 full
brw-rw---- 1 root disk 3, 0 2009-08-10 10:36 hda
-----------------------------------------------------------------------------------------------------------------END ATTRIB STUFF
cat -n /xpkgs.txt (adds line numbers to file contents)
1 x11-apps
2 x11-common
3 x11perf
...trunc..
#locate (alt. to #find - filename or partial filename)
#find / -type f -empty#invoke (alternative to /etc/init.d/service start|stop|restart)
#tar -xvf filename.tar (recursively unpacks a tarball file
WIFI wpa_supplicant
#wpa_passphrase essid-name wpa-password > /etc/wpa_supplicant/wpa_supplicant.conf (creates a basic wpa conf file), then run:
#wpa_supplicant -Dwext -iwlan0 -c/etc/wpa_supplicant/wpa_supplicant.conf
(where -D is the standard linux wireless extensions driver, wext; -i is the name of wifi card (wlan0, ath0 etc.); and -c is the conf file.) May need to add:
key_mgmt=WPA-PSK
proto=WPA
pairwise=TKIP
to conf file inside of nest brackets if no connection to Access Point.
So, a basic wpa.conf file may look like:
ctrl_interface=/var/run/wpa_supplicant
#0,1 or 2
ap_scan=0
#allows root
ctrl_interface_group=0
#AP dependent EAPOL frame drop fault
#eapol_version=1
network={
ssid="linksys"
#hex only passwd="abcdef1234"
psk=007aca04beffb195c12dee8a15682053f77f1342713af0d0e87db8141f4cbe86
proto=WPA
key_mgmt=WPA-PSK
pairwise=CCMP TKIP
priority=2
eap=TLS
}
NOTE: a 10 digit hex password is a 40 bit secure psk; a 26 digit hex password eg "abcdef1234abcdef1234abcdef" is a 120 bit secure psk, and what can be input depends on the security capabilities of the ADSL wifi router/modem
Check yourself - run # wpa_passphrase linksys abcdef1234
and you should get 007aca04beffb195c12dee8a15682053f77f1342713af0d0e87db8141f4cbe86 as part of the output.
Get example wpa_conf_files here
#kill -9 pid (pid = process ID, will terminate a locked running process, find via #ps -aux)
Image Mounting
#mount -o loop /share/cruzer.img /mnt/ (mount an image file at /mnt of a pendrive in the same way as an .iso file using the loop function - create initial .img file with #dd if=/dev/sdc1 of=/share/cruzer.img - note that dd requires the device name not the mounted device folder name same as of=/dev/cdrom above)
NETCAT
#netcat -v -w 1 localhost -z 1-3000 (netcat as port scanner - initially found in /etc/alternatives/netcat in Lenny, copy it to /usr/sbin)
g:/nc.exe -lp 1337 > file.zip (nc as ftp receiver on port 1377, pc B, listening)
g:/nc.exe -w 1 x.x.x.x_pc_A 1337 < file.zip (netcat as ftp server now sending on port 1337, pcA to pcB / dir - COOL!!!. Ports close on end file transfer.)
Using pv to give visual progress sending a file, first set listening/receiving pc, #netcat -lp 4444 | pv | > /Efat32/Vids/Ivette.iso
cat /iod/Ivette/Ivette.iso | pv | netcat 10.0.0.1 4444
3.06GB 0:05:49 [9.63MB/s] [ <=> ]
No auto EOF termination using cat (process not closing automatically) for file transfers that are ok up to 7.8GB
Netcat Chat Server
Have you ever needed an improvised one-on-one chat? Netcat can do that too. You simply start listening to connections on some port like this:
#nc.exe -lp 1337 (Then on another machine simply connect to that port:)
#nc.exe x.x.x.x_pcA 1337 (Now start typing on either machine. When you press enter, the line will immediately show up on the other machine)
Netcat Telnet Server
Netcat can also be used to set up a telnet server in a matter of seconds. You can specify the shell (or for that matter any executable) you want netcat to run at a successful connection with the -e parameter:
#nc.exe -lp 1337 -e /bin/bash
On windows you can use:
nc.exe -lp 1337 -e cmd.exe (to run netcat on Vista, run cmd as Admin, cd to netcat dir, and add to anti-virus exceptions at pop up box. Run >nc.exe -lp 1337 etc )
Then on a client machine simply connect to port 1337 and you will get full access to the shell, with the permissions of the user who ran nc.exe on the Win server.
Cloning Hard Drive Partitions Over the Network (umounted partition requiaqua to write to remember as dd writes to devices ONLY
dd if=/dev/sda | netcat 192.168.0.1 9000
netcat -l -p 9000 | dd of=/dev/sda
Of course you need to have the cloned partitions unmounted on both systems. So if you are cloning / you will have to boot from a live distro like Knoppix. Note that you can use this technique to clone NTFS partitions as well - just need to use a live Linux distro on both sides.
NTP port 123, SNTP port 583
apt-get install ntp ntpdate (this will enable Net Time Prot sync for pc and will also server other pcs/Cisco. When installed run $ ntpdate-debian to auto setup the local timeservers - EASY! Note the low end Cisco units only run SNTP but will still get time/date from an NTP server.
Partition Expansion
Use gparted from bootable Rescue CD (http://www.sysresccd.org/Main_Page) as drives need to be unmounted. I deleted adjacent partition (2) when Debian server ran out of diskspace (1), and grew it into now available (2) space. At cmd, run $startx and at DTop rclick and choose app.This .iso fits on a 1GB pendrive also.Get Gentoo based Rescue.iso from here
Swap partition problem after expansion "could not stat resume device /dev/sda3 - as sda3 was deleted and is now part of old NTFS sda2..Try..
swapoff /dev/sda2
mkswap /dev/sda2
swapon /dev/sda2
dpkg-reconfigure uswsusp (and if all that fails..)
apt-get remove uswsusp
Partition Expansion and Sparse Files, DD (disk dump)
#dd if=/name.iso of=/dev/cdrom bs=1M (copy and convert filetypes eg here copies filetype .iso and burns it to cd, Note: a cd has a bs of 2M but optimum write speed for dd is 1M. Can also copy/convert floppies/thumbdrives to .img files etc. see #man dd)
# dd if=/dev/sda of=/mbr bs=512 count=1 (backup a drives MBR)
1+0 records in
1+0 records out
512 bytes (512 B) copied, 0.017877 s, 28.6 kB/s
Optimal remote backups with rsync over Samba.htm
Sparse files are files whose real allocation needs are fulfilled only when data are written inside them. If you try to read from places you haven't written before, you get zeroes - and these zeroes don't really occupy any space in your hard drive. If only one sector of data (512 bytes) gets written at some offset inside a sparse file, then a sector is all the sparse file will reserve from the filesystem - not the size reported by the filesystem!
All that is requiaqua to create a 150GB sparse file under Windows is this: (From within a Cygwin command prompt) dd if=/dev/zero of=BigFile bs=1M count=1 seek=150000 This command will execute in 1 second, and it will only reserve 1MB of real hard drive space. Real storage will grow as needed, when data are written inside BigFile.
CDRW using WODIM
#wodim /file.iso (this is suficient to burn an iso to default cdrw device, auto found by wodim.
compaqdeb:~# df
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/sda1 78536808 32642564 42702776 44% /
tmpfs 126540 0 126540 0% /lib/init/rw
udev 10240 80 10160 1% /dev
tmpfs 126540 0 126540 0% /dev/shm
/dev/sda4 35285584 20624352 14661232 59% /Efat32
compaqdeb:~# gpart -W /dev/sdx /dev/sdx (guess partitions and/or backup/re-write lost MBR [the -W switch] back to /dev/sdx after partitions have been guessed correctly - HOPEFULLY!)
gpart may be of some help when the primary partition table was lost or destroyed but it can under no circumstances replace proper disk/partition table backups. To save the master boot record (MBR) including the primary partition table to a file type.
dd if=/dev/hda of=/mbr bs=512 count=1 (saves mbr to / filesystem)
exchanging /dev/hda with the block device name of the disk in question. This should be done for all disks in the system. To restore the primary partition table without overwriting the MBR type
dd if=/mbr of=/dev/hda bs=1 count=64 skip=446 seek=446
Warning: make sure that all parameters are typed as shown and that the disk device is correct. Failing to do so may result in severe filesystem corruption. The saved file should be stoaqua in a safe place like a floppy disk.
CLI Magic: Salvage lost partitions with gpart By Mayank Sharma on October 23, 2006 (8:00:00 AM)
Lost CD/DVD in Vista due to gears drivers etc. in incompatible burner app/Acoustica
Step 1: Start Registry Editor
Step 2: Delete the UpperFilters registry entry
In Registry Editor, expand My Computer, and then expand HKEY_LOCAL_MACHINE Expand SYSTEM, and then expand CurrentControlSet. Expand Control, and then expand Class. Under Class, click {4D36E965-E325-11CE-BFC1-08002BE10318}. In the details pane of Registry Editor, on the right side, click UpperFilters.
Note You may also see an UpperFilters.bak registry entry. You do not have to remove that entry. Click UpperFilters only.If you see the UpperFilters registry entry in the details pane of Registry Editor, go to step 6.
If you do not see the UpperFilters registry entry, you still might have to remove the LowerFilters registry entry. To do this, go to "Step 3: Delete the LowerFilters registry entry." If you see the UpperFilters registry entry in the details pane of Registry Editor, go to step 6. If you do not see the UpperFilters registry entry, you still might have to remove the LowerFilters registry entry. To do this, go to "Step 3: Delete the LowerFilters registry entry." On the Edit menu, click Delete.
Click Yes when you receive the following message: Are you sure you want to delete this value? The UpperFilters registry entry is removed.
aptitude install linux-headers-$(uname -r) build-essential
mount -t cifs //server/share /mnt --verbose -o user=username (NOTE this is the replacement mount command for Sambas SMBFS command which is obsolete in Lenny!)
compaqdeb:~# host amd64 10.0.0.138
Using domain server: Name: 10.0.0.138 Address: 10.0.0.138#53 Aliases: amd64.lan has address 10.0.0.31 Host amd64.lan not found: 3(NXDOMAIN)
id stevee
uid=1000(stevee) gid=1000(stevee) groups=1000(stevee),20(dialout),24(cdrom),25(floppy),29(audio),44(video),46(plugdev)
nl /etc/samba/smb.conf
numbers lines in a file and shows contents
reset (resets terminal init to clear screen, same as #setterm -reset)
compaqdeb:~# cat > /test.txt
steve (followed by Ctrl-D to close)
compaqdeb:~# vi /test.txt
steve
compaqdeb:~# rev /test.txt
evets
#top (shows running processes)
click HERE
for top output example
wall (writes a msg to all users term windows [but not an Xwindow], end with Ctrl-D, or send file content: # wall < /file.txt)
compaqdeb:~# tty
/dev/pts/1
compaqdeb:~# users (shows all currently logged on users, except root session when root is logged in to SuperUserMode Terminal in X, only when in tty1-6 non X)
root stevee
w (list all logged on users and their processes)
compaqdeb:~# w
19:39:40 up 8:36, 1 user, load average: 1.09, 1.09, 1.11
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
stevee :0 - 11:40 ?xdm? 12:27 0.30s -:0
#whereis java (locates the binary, source, and manual page files for a command)
java: /usr/share/java
compaqdeb:~# bing 90.36.72.95 195.92.195.94 (bandwidth measuring app between 2 hosts- note 195.92.195.94 is the DNS of Orange uk and handy to remember for an alternate, and a web access/ping test)
BING 90.36.72.95 (90.36.72.95) and 195.92.195.94 (195.92.195.94)
44 and 108 data bytes (1024 bits)
195.92.195.94: 706.207Kbps 1.450ms 1.416016us/bit
195.92.195.94: 410.421Kbps 2.495ms 2.436523us/bit
195.92.195.94: 913.470Kbps 1.121ms 1.094727us/bit
195.92.195.94: 866.328Kbps 1.182ms 1.154297us/bit
195.92.195.94: 896.673Kbps 1.142ms 1.115234us/bit
195.92.195.94: 907.801Kbps 1.128ms 1.101562us/bit
195.92.195.94: 906.195Kbps 1.130ms 1.103516us/bit
195.92.195.94: 896.673Kbps 1.142ms 1.115234us/bit
195.92.195.94: 689.562Kbps 1.485ms 1.450195us/bit
^C
--- 90.36.72.95 statistics ---
bytes out in dup loss rtt (ms): min avg max std dev
44 199 199 0% 0.620 1.159 5.151 0.626
108 199 199 0% 0.639 1.348 3.833 0.577
--- 195.92.195.94 statistics ---
bytes out in dup loss rtt (ms): min avg max std dev
44 199 199 0% 43.459 45.361 47.622 0.782
108 198 198 0% 44.963 47.185 51.944 0.874
--- estimated link characteristics ---
host bandwidth ms
195.92.195.94 689.562Kbps 42.838
compaqdeb:~# faillog
Login Failures Maximum Latest On
root 1 0 08/04/09 15:32:35 +0200 pts/1
stevee 0 0 01/08/09 11:28:47 +0100 tty1
Remove unused services at startup - eg Exim
Services booting are found in /etc/rc*.d and can be prevented from starting by changing their name, eg:
# mv -v /etc/rc2.d/S20exim /etc/rc2.d/_S20exim
amd64:~# last stevee (this filters the contents of /var/log/wtmp since the file was created, eg here filters info on user stevee
stevee pts/2 Tue Aug 4 18:55 - 18:57 (00:01)
stevee pts/2 Tue Aug 4 18:55 - 18:55 (00:00)
stevee :0 Tue Aug 4 18:45 still logged in
stevee :0 Mon Aug 3 19:49 - down (02:53)
stevee :0 Sun Aug 2 21:52 - down (00:20)
stevee :0 Sun Aug 2 19:16 - down (00:04)
stevee :0 Sun Aug 2 19:03 - down (00:06)
stevee :0 Sun Aug 2 13:00 - down (00:26)
stevee :0 Sun Aug 2 12:46 - crash (00:14)
stevee :0 Sun Aug 2 11:39 - down (00:34)
stevee :0 Sun Aug 2 10:38 - down (00:07)
compaqdeb:/home/stevee# lastlog
Username Port From Latest
root pts/0 amd64 Tue Aug 4 19:28:49 +0200 2009
daemon **Never logged in**
bin **Never logged in**
sys **Never logged in**
sync **Never logged in**
games **Never logged in**
man **Never logged in**
lp **Never logged in**
mail **Never logged in**
news **Never logged in**
uucp **Never logged in**
proxy **Never logged in**
www-data **Never logged in**
backup **Never logged in**
list **Never logged in**
irc **Never logged in**
gnats **Never logged in**
libuuid **Never logged in**
Debian-exim **Never logged in**
statd **Never logged in**
identd **Never logged in**
stevee pts/0 amd64 Tue Aug 4 21:30:34 +0200 2009
messagebus **Never logged in**
debian-xfs **Never logged in**
avahi **Never logged in**
haldaemon **Never logged in**
saned **Never logged in**
festival **Never logged in**
sshd **Never logged in**
clamav **Never logged in**
ntp **Never logged in**
logcheck **Never logged in**
apt-get install sendemail
sendEmail -t stevepedwards@gmail.com -f joeblow@spoofed.com -cc stevepedwards@gmail.com -xu stevepedwards -xp password -s smtp.gmail.com:587
No -m option takes text body from STDIN:
firewall:~# sendEmail -f stevepedwards@gmail.com -t stevepedwards@gmail.com -u test -s smtp.gmail.com:587 -xu stevepedwards -xp password -m helo me
Jun 28 23:15:49 firewall sendEmail[1575]: Email was sent successfully!
Or pipe a file into the above eg:
cat /textfile.txt | sendEmail -t stevepedwards@gmail.com -f joeblow@spoofed.com -cc stevepedwards@gmail.com -xu stevepedwards -xp password -s smtp.gmail.com:587
Fetchmail using Exim4 with Gmail
First, start Exim4 if not already running:
# /etc/init.d/exim4 start
# apt-get install fetchmail
# login stevee
# vi .fetchmailrc (create .fetchmailrc, then paste below config info into users file):
poll pop.gmail.com
proto POP3
user "uname"
password "password" (note:omitting this line makes FMail ask for password when run, so not to keep in PLAINTEXT in this file)
keep (retains all mail on server after download)
options ssl (not neccessarily requiaqua - depends on mailserver security)
sslcertck sslcertpath /home/stevee/.certs/
Create the .certs dir:
# mkdir .certs
Gmail now provides users with a free 7GB+ mailbox for storing all their mail. There are 3 main interfaces to access their mail, the main one being http (web) access, the others being IMAP & POP3. The thing that is quite unique is that Gmail only allows SSL connections for POP3 (port 995) & SMTP (587).
Requirements:
Gmail configuaqua to allow pop3 mail downloading for your account: Settings => Forwarding and POP in your Gmail web account.
openssl
fetchmail with SSL support If you are not sure if your fetchmail has SSL support, check for something like libssl.so.0 with:
ldd /usr/bin/fetchmail (prints shaaqua library dependencies)
linux-gate.so.1 => (0xffffe000)
libcrypt.so.1 => /lib/libcrypt.so.1 (0xb7fb7000)
libresolv.so.2 => /lib/libresolv.so.2 (0xb7fa2000)
libssl.so.0.9.7 => /usr/lib/libssl.so.0.9.7 (0xb7f71000)
libcrypto.so.0.9.7 => /usr/lib/libcrypto.so.0.9.7 (0xb7e6e000)
libc.so.6 => /lib/libc.so.6 (0xb7d56000)
libdl.so.2 => /lib/libdl.so.2 (0xb7d52000)
/lib/ld-linux.so.2 (0xb7feb000)
The .certs dir now needs the SSL (Secure Sockets Layer) certificate data:
# openssl s_client -connect pop.gmail.com:995 -showcerts
stevee@compaqdeb:~$ openssl s_client -connect pop.gmail.com:995 -showcerts
CONNECTED(00000003)
depth=0 /C=US/ST=California/L=Mountain View/O=Google Inc./CN=pop.gmail.com
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 /C=US/ST=California/L=Mountain View/O=Google Inc./CN=pop.gmail.com
verify error:num=27:certificate not trusted
verify return:1
depth=0 /C=US/ST=California/L=Mountain View/O=Google Inc./CN=pop.gmail.com
verify error:num=21:unable to verify the first certificate
verify return:1
---Certificate chain
0 s:/C=US/ST=California/L=Mountain View/O=Google Inc./CN=pop.gmail.com
i:/C=US/O=Equifax/OU=Equifax Secure Certificate Authority
-----BEGIN CERTIFICATE-----
MIIC3TCCAkagAwIBAgIDCDijMA0GCSqGSIb3DQEBBQUAME4xCzAJBgNVBAYTAlVT MRAwDgYDVQQKEwdFcXVpZmF4MS0wKwYDVQQLEyRFcXVpZmF4IFNlY3VyZSBDZXJ0 aWZpY2F0ZSBBdXRob3JpdHkwHhcNMDcxMDI1MTc1MzE2WhcNMDkxMjI0MTg1MzE2 WjBoMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMN TW91bnRhaW4gVmlldzEUMBIGA1UEChMLR29vZ2xlIEluYy4xFjAUBgNVBAMTDXBv cC5nbWFpbC5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAO03QxerFKZV 8yeomuL4zSl8Pr7hMWnKMMgp/CwhwadeBmL0LQHHbjL/6z/Z59ZQvrztqkwhchA2 APKzUwRVTyn7Shx6vBqk6oFmTqoOLmY6hbq6l8uVdUv0AfbHwio8CnLpK2+nbuFl flPwx1DH0E3grD8+CrH5SmScfTWbDkcXAgMBAAGjga4wgaswDgYDVR0PAQH/BAQD AgTwMB0GA1UdDgQWBBTJRG/OFpZt+BV43JM3NshHMjpwazA6BgNVHR8EMzAxMC+g LaArhilodHRwOi8vY3JsLmdlb3RydXN0LmNvbS9jcmxzL3NlY3VyZWNhLmNybDAf BgNVHSMEGDAWgBRI5mj5K9KylddH2CMgEE8zmJCf1DAdBgNVHSUEFjAUBggrBgEF BQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQEFBQADgYEAOKr3mhxtwFCS3J6lbeaf 3KrHKi935BZkI75sRbON+hog0t2ovcM2i7fxs3xneH8USLsHgfxNBj9tkMogMK/K sO/NUVZ/IfyqcNNkp2619qTQXthKRH42JKpAKgNhT1bdno3pxn+eDEpqmU3CE7IP HDCjWOK1fGkZ/yFAuTxuxAc=
-----END CERTIFICATE-----
---Server certificate
subject=/C=US/ST=California/L=Mountain View/O=Google Inc./CN=pop.gmail.com
issuer=/C=US/O=Equifax/OU=Equifax Secure Certificate Authority
---No client certificate CA names sent
---SSL handshake has read 883 bytes and written 300 bytes
---New, TLSv1/SSLv3, Cipher is RC4-MD5
Server public key is 1024 bit
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1
Cipher : RC4-MD5
Session-ID: 2448AEFCF53A1EDE591AE51622A58B562AE40660ACB580605F8A340987F63AE5
Session-ID-ctx:
Master-Key: 3EAB42A1F6EFA7E65456E5E180ADFC010D5EA511580E696FF948EF01C63C18674EADADF54A85BD76EC3DF7510F7920C1
Key-Arg : None
Start Time: 1249905701
Timeout : 300 (sec)
Verify return code: 21 (unable to verify the first certificate)
---+OK Gpop ready for requests from 90.15.134.78 7pf7618242mup.1
read:errno=0
You have new mail in /var/mail/stevee
Copy everything from (and including) the -----BEGIN CERTIFICATE----- to the -----END CERTIFICATE-----, and save it in your new .certs directory as 'gmail.pem'.
Now we need the Gmail auth certificate "equifax.pem" and put it in the .certs dir also:
wget -O equifax.pem https://www.geotrust.com/resources/root_certificates/certificates/Equifax_Secure_Certificate_Authority.cer
Now that we have both certificates stoaqua in .certs/ we just need to rehash them so SSL (and fetchmail) can read and use them:
# c_rehash .certs/
Doing .certs/
gmail.pem => 7f549ca4.0
equifax.pem => 594f1775.0
To confirm we have the correct and working certificates, let us make an SSL connection to the Gmail server testing our 2 new certificates:
openssl s_client -connect pop.gmail.com:995 -CApath .certs/
......trunc..HDCjWOK1fGkZ/yFAuTxuxAc=
-----END CERTIFICATE-----
subject=/C=US/ST=California/L=Mountain View/O=Google Inc./CN=pop.gmail.com
issuer=/C=US/O=Equifax/OU=Equifax Secure Certificate Authority
---No client certificate CA names sent
---SSL handshake has read 883 bytes and written 300 bytes
---New, TLSv1/SSLv3, Cipher is RC4-MD5
Server public key is 1024 bit
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1
Cipher : RC4-MD5
Session-ID: 80C9136F72F28D6E1C7CCA5496F060D3C19B8424BE11B4618738D8CEDC127F85
Session-ID-ctx:
Master-Key: 163EE4A02FA1FBB1645AA1D28649E18C72BD86F487510E1365A9A126F4A93C93F7EF1A08C980035AE5F56CA90814071A
Key-Arg : None
Start Time: 1249908861
Timeout : 300 (sec)
Verify return code: 0 (ok)
---+OK Gpop ready for requests from 90.15.134.78 e17pf5391652fke.24
OK, looks good "+OK Gpop ready for requests.."
Now we can try to get mail..
# fetchmail -d0 -vk pop.gmail.com
..where -d runs fetchmail in daemon mode - you must specify a numeric argument which is a polling interval in seconds; 0 overrides any daemon value set in .fetchmailrc; -v is verbose; -k is keep = Dont delete messages from server) and we get:
fetchmail: 6.3.9-rc2 querying pop.gmail.com (protocol POP3) at Mon 10 Aug 2009 15:11:29 CEST: poll started
Trying to connect to 209.85.129.111/995...connected.
fetchmail: Issuer Organisation: Equifax
fetchmail: Unknown Issuer CommonName
fetchmail: Server CommonName: pop.gmail.com
fetchmail: pop.gmail.com key fingerprint: 44:A8:E9:2C:FB:A9:7E:6D:F9:DB:F3:62:B2:9E:F1:A9
fetchmail: POP3< +OK Gpop ready for requests from 90.15.134.78 f31pf5425029fkf.8
fetchmail: POP3> CAPA
fetchmail: POP3< +OK Capability list follows
fetchmail: POP3< USER
fetchmail: POP3< RESP-CODES
fetchmail: POP3< EXPIRE 0
fetchmail: POP3< LOGIN-DELAY 300
fetchmail: POP3< X-GOOGLE-VERHOEVEN
fetchmail: POP3< UIDL
fetchmail: POP3< .
fetchmail: POP3> USER stevepedwards
fetchmail: POP3< +OK send PASS
fetchmail: POP3> PASS *
fetchmail: POP3< +OK Welcome.
fetchmail: POP3> STAT
fetchmail: POP3< +OK 325 162319949
fetchmail: POP3> LAST
fetchmail: POP3< -ERR Not supported
fetchmail: Not supported
fetchmail: POP3> UIDL
fetchmail: POP3< +OK
fetchmail: POP3< 1 GmailId1115ff04753a1bef
fetchmail: POP3< 2 GmailId1116fba7846d0b3
...trunc...fetchmail: ...POP3< 324 GmailId11a8b32f40c9f9a2
fetchmail: POP3< 325 GmailId11a8babae6eb519b
fetchmail: POP3< .
325 messages for stevepedwards at pop.gmail.com (162319949 octets).
fetchmail: POP3> LIST 1
fetchmail: POP3< +OK 1 685
fetchmail: POP3> RETR 1
fetchmail: POP3< +OK message follows
reading message stevepedwards@gmail-pop.l.google.com:1 of 325 (685 octets)
Trying to connect to 127.0.0.1/25...connection failed.
fetchmail: connection to localhost:smtp [127.0.0.1/25] failed: Connection refused.
Trying to connect to ::1/25...connection failed.
fetchmail: connection to localhost:smtp [::1/25] failed: Connection refused.
fetchmail: SMTP connect to localhost failed
fetchmail: POP3> QUIT
fetchmail: POP3< ets
fetchmail: SMTP transaction error while fetching from stevepedwards@pop.gmail.com and delivering to SMTP host localhost
fetchmail: 6.3.9-rc2 querying pop.gmail.com (protocol POP3) at Mon 10 Aug 2009 15:11:30 CEST: poll completed
fetchmail: Query status=10 (SMTP)
fetchmail: normal termination, status 10
We can see that smtp failed on port 25, localhost because Exim4 not configd to receive mail properly yet...later..but the POP3 query to pop.gmail.com was fine, read inbox contents of 325 mesgs..will try POP at orange.fr..(no SSL) also
In the meantime,
AND THIS FETCHMAIL PAGE....and read the man page re -S host option!
Configuring Exim4 To Receive Mail From pop.gmail.com Via Fetchmail:
EXIM (a potential setup nightmare it seems! 3000 odd line conf file, written in Klingon by Vulcans! ..ridiculous it seems..However..A basic working setup using # dpkg-reconfigure exim4-config is enough to accept mail locally from Fetchmail. To send mail via smtp, see below GmailAndExim4 page.
dpkg-reconfigure exim4-config (writes to /etc/exim4/update-exim4.conf.conf)
If your ISP blocks outgoing port 25 connections, you will probably want to tell your SMTP server to listen on a port other than 25. For some reason, there is no clear documentation of how to do this on the web. Here it is.
On Debian exim4, the easiest way to do this is not to change your exim4 config, but edit /etc/default/exim4 to change the commandline options used to start the server:
# options for daemon listening on port 25 and port 587
SMTPLISTENEROPTIONS='-oX 587:25'
Commands for checking port 25 open/listening - in my case, nothing so it seems Exim4 is not listening, but not surpprising as I had Exim4 set to NOT auto run at boot in /etc/rc2.d. So: # /etc/init.d/exim4 start
OK - cause I had dicked around in conf. files and removed # from av scanner, clamav stuff etc. exim would not run:
compaqdeb:~# /etc/init.d/exim4 start
Starting MTA:2009-08-10 20:55:55 Exim configuration error in line 126 of /var/lib/exim4/config.autogenerated.tmp:
main option "av_scanner" unknown
I deleted /var/lib/exim4/config.autogenerated.tmp but on restart it returned! I had to find the files Id changed in /etc/exim4/... and replace the 2 #s I had removed from 2 files and restart. Exim then showed "ALERT: exim paniclog /var/log/exim4/paniclog has non-zero size, mail system possibly broken failed!" so I had to clear /var/log/exim4/paniclog and save empty. Exim4 restarted ok and now we can see all is as it should be using these commands as root for checking :
lsof -i :25 (list open files: An open file may be a regular file, a directory, a block special file, a character special file, an executing text reference, a library, a stream or a network file (Internet socket, NFS file or UNIX domain socket.)
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
exim4 6215 Debian-exim 4u IPv4 25121 TCP compaqdeb.local:smtp (LISTEN)
exim4 6215 Debian-exim 6u IPv4 25123 TCP localhost:smtp (LISTEN)
netstat -plant | grep ':25 ' (Print network connections, routing tables, interface statistics, masquerade connections, and multicast memberships)
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 2237/exim4
tcp 0 0 192.168.1.10:25 0.0.0.0:* LISTEN 2237/exim4
ps aux | grep exim (greps that the exim process itself is running)
101 6215 0.0 0.1 46828 1016 ? Ss 10:35 0:00 /usr/sbin/exim4 -bd -q30m -oX 587:25
Note the SMTPLISTENEROPTIONS='-oX 587:25' ports listening I set above in /etc/default/exim4
I should be able to telnet to these ports also..
telnet 127.0.0.1 25
telnet 127.0.0.1 587
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
220 compaqdeb ESMTP Exim 4.69 Tue, 11 Aug 2009 11:09:59 +0200
?
500 unrecognized command
help
214-Commands supported:
214 AUTH HELO EHLO MAIL RCPT DATA NOOP QUIT RSET HELP
Success with both ports!
So now to check if it talks to Fetchmail..IT DOES!! LESSON: dont dick with conf files UNTIL the defaults are working so you know what you changed that stopped it and, though usually very tedious, read the man pages first for an overview of processes involved
elisabeth@compaqdeb:~$ fetchmail -vk
fetchmail: 6.3.9-rc2 querying pop.orange.fr (protocol POP3) at Mon 10 Aug 2009 21:26:42 CEST: poll started
Trying to connect to 80.12.242.14/110...connected.
fetchmail: POP3< +OK connected to pop3 on 2a19
fetchmail: POP3> CAPA
fetchmail: POP3< -ERR unknown command
fetchmail: unknown command
fetchmail: Repoll immediately on elisabeth.olds@pop.orange.fr
Trying to connect to 80.12.242.60/110...connected.
fetchmail: POP3< +OK connected to pop3 on 2f06
fetchmail: POP3> USER elisabeth.olds
fetchmail: POP3< +OK name is a valid mailbox
fetchmail: POP3> PASS *
fetchmail: POP3< +OK user exist with that password
fetchmail: POP3> STAT
fetchmail: POP3< +OK 1 2760
fetchmail: POP3> LAST
fetchmail: POP3< +OK 0
1 message for elisabeth.olds at pop.orange.fr (2760 octets).
fetchmail: POP3> LIST 1
fetchmail: POP3< +OK 1 2760
fetchmail: POP3> RETR 1
fetchmail: POP3< +OK Message follows
reading message elisabeth.olds@pop.orange.fr:1 of 1 (2760 octets)
Trying to connect to 127.0.0.1/25...connected.
fetchmail: SMTP< 220 compaqdeb ESMTP Exim 4.69 Mon, 10 Aug 2009 21:26:44 +0200
fetchmail: SMTP> EHLO compaqdeb
fetchmail: SMTP< 250-compaqdeb Hello elisabeth at localhost [127.0.0.1]
fetchmail: SMTP< 250-SIZE 52428800
fetchmail: SMTP< 250-PIPELINING
fetchmail: SMTP< 250 HELP
fetchmail: SMTP> MAIL FROM:
fetchmail: SMTP< 250 OK
fetchmail: SMTP> RCPT TO:
fetchmail: SMTP< 250 Accepted
fetchmail: SMTP> DATA
fetchmail: SMTP< 354 Enter message, ending with "." on a line by itself
#***fetchmail: SMTP>. (EOM)
fetchmail: SMTP< 250 OK id=1MaaW4-0001da-Jg
not flushed
fetchmail: POP3> QUIT
fetchmail: POP3< +OK
fetchmail: SMTP> QUIT
fetchmail: SMTP< 221 compaqdeb closing connection
fetchmail: 6.3.9-rc2 querying pop.orange.fr (protocol POP3) at Mon 10 Aug 2009 21:26:44 CEST: poll completed
fetchmail: normal termination, status 0
You have mail in /var/mail/elisabeth
elisabeth@compaqdeb:~$ mail
Mail version 8.1.2 01/15/2001. Type ? for help.
"/var/mail/elisabeth": 1 message 1 new
>N 1 stevepedwards@gma Mon Aug 10 21:26 65/3245 fetchmail test
AND SO ENDS A BLOODY LONG BUT SUCCESSFULL 10HR DAY LEARNING CURVE!!!
Disable Unwanted Services:
To check services running at start to RL3:
apt-get install chkconfig
chkconfig --list | grep '3:on'
firewall:~# service apache2
Usage: /etc/init.d/apache2 {start|stop|restart|reload|force-reload|start-htcacheclean|stop-htcacheclean|status}.
You can then stop an unwanted service.
#uptime
Delete All Mail Messages:
echo 'd *' | mail -N
Delete All Mail Messages: For Any User
echo 'd *' | mail -N -u username
Another way to use the mail command from the Linux CLI is to get information from a server and email it to yourself or someone else. For instance I may want to review a log file on another computer or have another systems administrator who may or may not have access to the server to view a log file. In the below example we will use the access.log file as an example Apache log that we want to email to ourselves so use the below command to do so.
# more /file.txt | mail user@example.com
Configuring Exim4 To Send Mail To smtp.gmail.com:
SUCCESS!! Mail receipt from Fetchmail to user inboxes working following the above link setup for Gmail smtp! Done!!
Maybe its time to split this into seperate page sections..?
TIME and DATE
socat SYSTEM:date -
Wed Aug 12 03:08:09 CEST 2009
To change the system date use:
# date {mmddhhmiyyyy.ss}
o mm Month
o dd Date
o hh 24 hour format
o mi Minutes
o yyyy Year
o ss seconds
eg: to set system date to Jan 31st 2009, 10:19 p.m, 53 seconds
# date 013122192009.53
To set the time only:
# date +%T -s "22:19:53"
Use hwclock without any parameter, to view the current hardware date and time:
# hwclock
Set the hardware date and time based on the system date as shown below:
# hwclock --systohc
# hwclock --systohc --utc
date --date='360 days ago' (can be seconds, minutes, months etc. ago)
Sat Aug 16 20:24:18 CEST 2008
Future dates and Times
$ date --date="1 week" (can be sec, min, hour, day etc.)
Tue Aug 18 20:28:24 CEST 2009
Login to Remote Host using SSH
ssh -v 127.0.0.1 (shows debug info)
root@compaqdeb ~> ssh -v 127.0.0.1 OpenSSH_5.1p1 Debian-5, OpenSSL 0.9.8g 19 Oct 2007 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug1: Connecting to 127.0.0.1 [127.0.0.1] port 22. debug1: Connection established. debug1: permanently_set_uid: 0/0 debug1: identity file /root/.ssh/identity type -1 debug1: identity file /root/.ssh/id_rsa type 1 debug1: Checking whitelist file /usr/share/ssh/whitelist.RSA-2048 debug1: Checking whitelist file /etc/ssh/whitelist.RSA-2048 debug1: identity file /root/.ssh/id_dsa type -1 debug1: Remote protocol version 2.0, remote software version OpenSSH_5.1p1 Debian-5 debug1: match: OpenSSH_5.1p1 Debian-5 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.1p1 Debian-5 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-cbc hmac-md5 none debug1: kex: client->server aes128-cbc hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: Host '127.0.0.1' is known and matches the RSA host key. debug1: Found key in /root/.ssh/known_hosts:2 debug1: ssh_rsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,password debug1: Next authentication method: publickey debug1: Trying private key: /root/.ssh/identity debug1: Offering public key: /root/.ssh/id_rsa debug1: Authentications that can continue: publickey,password debug1: Trying private key: /root/.ssh/id_dsa debug1: Next authentication method: password root@127.0.0.1's password:
To come back to the localhost temporarily, without logging out of remote ssh session, type the escape character (after editing /etc/ssh/ssh_config and removing # from EscapeChar = ~): ~ and ^Z. When back to own console you can see the stopped session by running # jobs
[1]+ Stopped ssh -v 127.0.0.1
You can go back to the remote host ssh with foreground cmd: fg %1
ssh -v 127.0.0.1
You can see this last login with the opposite of "tail -5" ie "head" for logs that list most recent activity first not last like usual: last | head -5
root pts/6 localhost Tue Aug 11 20:55 - 21:02 (00:06)
SSH Session Stats: On the remotehost, type ssh escape character ~ followed by s as shown below. This will display lot of useful statistics about the current SSH connection: remotehost$ [Note: The ~s is not visible on the command line when you type.
Loop Mounted Filesytems - mounts image files and CD/DVD .iso files to access contents
root@compaqdeb ~> mount -o loop /share/iomegadeb.img /mnt/
root@compaqdeb ~> ls /mnt/
Airdash bin compaqdeb home iod media opt rescuecd sbin srv usr vmlinuz
amd64 boot dev hypson ipw mnt pkgs.txt root selinux sys var wifiup.sh
asusvista cdrom etc initrd.img lib ndis proc san8 share tmp vd wpa
Disk/Filesystem Usage
root@compaqdeb ~> df
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/sda1 78536808 53192520 22152820 71% /
tmpfs 384568 0 384568 0% /lib/init/rw
udev 10240 108 10132 2% /dev
tmpfs 384568 0 384568 0% /dev/shm
/dev/sda4 35285584 1142752 34142832 4% /Efat32
/dev/hda1 19542568 14606488 4936080 75% /bup
//laptop/d/ 55689212 42900336 12788876 78% /laptopd
/share/iomegadeb.img 15093376 13521796 804880 95% /mnt
/dev/sdb1 8006400 3957376 4049024 50% /san8
root@compaqdeb ~> du -h /san8/FixMBR/ (human readable - with df -h too)
384K /san8/FixMBR/mbrfix
576K /san8/FixMBR/
root@compaqdeb ~>cat /etc/services (list IANA service ports)
root@compaqdeb >iftop -i eth1
APACHE Server Side Includes
Open the /sites-available/default file...
vi /etc/apache2/sites-available/default
find this section...
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
and edit it to look like this:
Options Indexes FollowSymLinks MultiViews +Includes
AllowOverride None
Order allow,deny
allow from all
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
DirectoryIndex index.shtml
You need to add +Includes to the end of the end of the Options, and two new lines after the commented-out lines.
You can leave out the final added line if you don't want includes in index pages.
root@compaqdeb ~>root@compaqdeb:~# apache2ctl
root@compaqdeb >Usage: /usr/sbin/apache2ctl start|stop|restart|graceful|graceful-stop|configtest|status|fullstatus
root@compaqdeb ~>c/usr/sbin/apache2ctl
Difference between route and netstat -nr:
root@compaqdeb:~# netstat -nr
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 eth1
root@compaqdeb:~# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.1.0 * 255.255.255.0 U 0 0 0 eth1
default WANADOO-C860 0.0.0.0 UG 0 0 0 eth1cpaq2:~# ping -b 192.168.1.0
cpaq2:~# ping -b 192.168.1.0
WARNING: pinging broadcast address
PING 192.168.1.0 (192.168.1.0) 56(84) bytes of data.
64 bytes from 192.168.1.253: icmp_seq=1 ttl=255 time=1.23 ms
64 bytes from 192.168.1.100: icmp_seq=1 ttl=255 time=1.29 ms (DUP!)
64 bytes from 192.168.1.254: icmp_seq=1 ttl=255 time=8.39 ms (DUP!)
64 bytes from 192.168.1.253: icmp_seq=2 ttl=255 time=1.22 ms
64 bytes from 192.168.1.100: icmp_seq=2 ttl=255 time=1.24 ms (DUP!)
cpaq2:~# arp
Address HWtype HWaddress Flags Mask Iface
terry.local ether 00:60:08:6f:af:1a C eth0
cpaqwin7 ether 00:0c:85:20:d0:68 C eth0
homeportal ether 00:25:3c:36:c9:11 C eth0
amd64 ether 00:17:c4:23:5b:d1 C eth0
I fixed my "too small", application X font mismatch with HDMI TV resolution by adding this to xorg.conf:
Option "NoDDC"If the above change improves your system, but the result is less than 100% to your satisfaction, you can tweak sizes up or down by making the DisplaySize dimensions slightly larger or smaller than actual.
# LVM: creation of an 80GB hard drive volume from 2 x 40GB drives
apt-get install lvm2
netstorage:~# pvdisplay
--- Physical volume ---
PV Name /dev/hdc1
VG Name Storage80G
PV Size 37.27 GB / not usable 2.19 MB
Allocatable yes (but full)
PE Size (KByte) 4096
Total PE 9540
Free PE 0
Allocated PE 9540
PV UUID 1ln7Bj-x0Qr-w3Ta-dl1G-Hsfm-xzn8-lDsEfA
--- Physical volume ---
PV Name /dev/hdd1
VG Name Storage80G
PV Size 37.27 GB / not usable 2.19 MB
Allocatable yes (but full)
PE Size (KByte) 4096
Total PE 9540
Free PE 0
Allocated PE 9540
PV UUID uj58fP-5KhO-DuZf-Btjt-Gl50-c6AU-XwmmTK
Current info on VGs can be viewed with:
vgdisplay:
netstorage:~# vgdisplay
--- Volume group ---
VG Name Storage80G
System ID
Format lvm2
Metadata Areas 2
Metadata Sequence No 3
VG Access read/write
VG Status resizable
MAX LV 0
Cur LV 1
Open LV 1
Max PV 0
Cur PV 2
Act PV 2
VG Size 74.53 GB
PE Size 4.00 MB
Total PE 19080
Alloc PE / Size 19080 / 74.53 GB
Free PE / Size 0 / 0
VG UUID t2nYaj-7yQe-Ye01-n7ak-ui21-G50e-EXhufB
netstorage:~# lvmdiskscan
/dev/ram0 [ 8.00 MB]
/dev/dm-0 [ 74.53 GB]
/dev/ram1 [ 8.00 MB]
/dev/hda1 [ 19.53 GB]
/dev/hdc1 [ 37.27 GB] LVM physical volume
/dev/ram2 [ 8.00 MB]
/dev/root [ 16.76 GB]
/dev/ram3 [ 8.00 MB]
/dev/hda3 [ 1.99 GB]
/dev/ram4 [ 8.00 MB]
/dev/ram5 [ 8.00 MB]
/dev/ram6 [ 8.00 MB]
/dev/ram7 [ 8.00 MB]
/dev/ram8 [ 8.00 MB]
/dev/ram9 [ 8.00 MB]
/dev/ram10 [ 8.00 MB]
/dev/ram11 [ 8.00 MB]
/dev/ram12 [ 8.00 MB]
/dev/ram13 [ 8.00 MB]
/dev/ram14 [ 8.00 MB]
/dev/ram15 [ 8.00 MB]
/dev/hdd1 [ 37.27 GB] LVM physical volume
1 disk
19 partitions
0 LVM physical volume whole disks
2 LVM physical volumes
netstorage:~# pvs
PV VG Fmt Attr PSize PFree
/dev/hdc1 Storage80G lvm2 a- 37.27G 0
/dev/hdd1 Storage80G lvm2 a- 37.27G 0
netstorage:~# pvscan
PV /dev/hdc1 VG Storage80G lvm2 [37.27 GB / 0 free]
PV /dev/hdd1 VG Storage80G lvm2 [37.27 GB / 0 free]
Total: 2 [74.53 GB] / in use: 2 [74.53 GB] / in no VG: 0 [0 ]
netstorage:~# pv
pvchange pvck pvcreate pvdisplay pvmove pvremove pvresize pvs pvscan
netstorage:~# vg
vgcfgbackup vgchange vgconvert vgdisplay vgextend vgmerge vgaquauce vgrename vgscan
vgcfgrestore vgck vgcreate vgexport vgimport vgmknodes vgremove vgs vgsplit
Now there is a Volume Group of name Storage80G, a LV device of name LVName can be created from the VG disks, using the total PE value of each: 2 x (single disk PE=9540) = 19080 which can be mounted via /etc/fstab in a directory.
lvcreate -l 19080 -n LVName Storage80G
netstorage:~# ls /dev/mapper/
control Storage80G-LVName
/dev/mapper/unknown filesystem type 'lvm2pv' /LVNameMount/ vfat defaults 0 0
Adding a disk to the Volume Group
Next, we’ll add /dev/hda6 to the Volume Group.
http://tldp.org/HOWTO/LVM-HOWTO/lvm2faq.html
http://blog.fosketts.net/guides/walkthrough-logical-volume-manager-linux/
PPPD and ADSL Modem Connections
The Speedtouch 330 modem used in conjunction with Shorewall, Stouch scripts from web: http://speedtouchconf.sourceforge.net/ and steve-parker.org, alcaudsl.sys and speedtouchconf-27-Jun-2006.tar available: here soon. PPP0 or PPP+ added to shorewall MASQ and INTERFACES file replacing eth0, and ACCEPT added to POLICY file to replace REJECT loc to fw (WHY??).PPTPD and VPNs coming soon also - New Pages for these above sections eh? Getting out of hand..
May 22 21:50:17 firewall kernel: [ 229.744277] PPP generic driver version 2.4.2SMARTD and SMARTCTRL - Read http://www.linuxjournal.com/magazine/monitoring-hard-disks-smart?page=0,0
firewall:~# smartctl -l selftest /dev/hdf