Haack's Wiki

User Tools

Site Tools

Trace:
computing:gnulinux

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
computing:gnulinux [2018/05/18 07:40] oemb1905computing:gnulinux [2018/05/18 08:05] (current) – removed oemb1905
Line 1: Line 1:
-------------------------------------------- 
-  * **gnulinux**  
-  * **Jonathan Haack** 
-  * **Haack's Networking** 
-  * **netcmnd@jonathanhaack.com**  
  
-------------------------------------------- 
- 
-//Welcome to my gnulinux wiki page.  Tis page has simple and complex system administrationnotes to remind me when I forget something that I already learned!  If you are visiting, I hope you find the page useful.// 
- 
- 
-------------------------------------------- 
-#**optical media ripping from command line** 
-------------------------------------------- 
- 
-  cdrecord -pad -dao -data blag-140k-i686.iso 
- 
- 
- 
- 
- 
-------------------------------------------- 
-#**security & policy information** 
-------------------------------------------- 
- 
-  sudo nano /etc/pam.d/common-password 
- 
-Prevent Log in - create file 
- 
-  /etc/nologin 
- 
-tcpdump common uses; monitoring traffic on network 
- 
-  tcpdump -n -i <eth0> <host> <x.x.x.x> 
-  tcpdump -n -i <eth0> <port> <#> 
-  tcpdump -i eth0 -nn -c 10 tcp and host <x.x.x.x> 
-  tcpdump -i wlan0 port http or port smtp or port imap or port pop3 -l -A | egrep -e 'pass=|pwd=|log=|login=|user=|username=|pw=|passw=|passwd=|password=|pass:|user:|username:|password:|login:pass |user |Referer:' 
-   
-Generate  
-   
-  sudo htpasswd -c .htpasswd username 
-   
-Syntax for .htaccess 
-   
-  AuthUserFile /private/etc/httpd/.htpasswd  
-  AuthGroupFile /dev/null 
-  AuthName "Members Only" 
-  AuthType Basic 
- 
-  <Limit GET POST>  
-  require valid-user 
-  </Limit> 
- 
- 
-------------------------------------------- 
-#**display managers; lightdm & gdm3** 
-------------------------------------------- 
- 
-  cd /usr/share/lightdm/light.conf.d/ 
-   
-Global lightdm settings here 
- 
-  cd /etc/lightdm/ 
-  sudo nano lightdm.conf 
-   
-Lightdm ubuntu-MATE greeter and lock screen issues 
- 
-  /usr/share/common/backgrounds/ubuntu-mate-common/Ubuntu-Mate-Cold.jpg 
-  /etc/lightdm/lightdm-gtk-greeter.conf 
-   
-The .conf file w/ some common sense parameters 
- 
-  [SeatDefaults] 
-  allow-guest=false 
-  greeter-hide-users=true 
- 
- 
-------------------------------------------- 
-#**mac - hardware - gnulinux requirements** 
-------------------------------------------- 
-     
-mac fan control; needed to ensure computer does not fry ... 
- 
-  apt-get update 
-  apt-get install macfanctld 
-  /etc/macfanctl.conf 
-  <set desired values> 
-  service macfanctld restart 
-   
- 
-------------------------------------------- 
-#**samba share basics** 
-------------------------------------------- 
-   
-  sudo apt update 
-  sudo apt install samba 
-  sudo adduser username 
-  sudo smbpasswd -a username 
-  mkdir /home/username/sharename 
-  nano /etc/samba/smb.conf 
-  [sharename] 
-  path = /home/username/sharename 
-  available = yes 
-  valid users = camalas 
-  read only = no 
-  browseable = yes 
-  public = yes 
-  writable = yes 
- 
- 
-------------------------------------------- 
-#**miscellaneous sysadmin easy** 
-------------------------------------------- 
- 
-start or stop network manager (or other services) 
-   
-  systemctl <start/stop/restart> networkmanager.service 
-  /etc/init.d/network-manager <start/stop/restart> 
-   
-verify dhcp client working for interface eno1 
-   
-  dhclient -v eno1 
-   
-add subnet to interface eno1 
-   
-  ip address add 192.1##.1##.2/24 dev eno1 
-   
-interface tool w/ eno1 example 
-   
-  ethtool eno1   
- 
-interface with switch using screen 
-   
-  screen /dev/ttyUSB0/ 19200 
- 
-calculate subnet automatically 
-   
-  subnetcalc 
-   
-proxying web traffic through remote server  
-   
-  ssh -D <port#> <user>@<domain.com> 
-   
-get block ID of drives 
-   
-  blkid 
- 
-nmap to scan devices on lan 
-   
-  nmap -sP 10.##.##.0/24 
- 
-find utils example 
- 
-  find . -iname "name"  
-  
- 
-------------------------------------------- 
-#**scripts and miscellaneous** 
-------------------------------------------- 
- 
-downloading scripts and executing them; example from DO 
- 
-  curl -sSL https://agent.digitalocean.com/install.sh | sh 
- 
-ngrok notes; private http(s) tunnels 
- 
-  ./ngrok http 80 
-  wget https://[ngrok tunnel]/id_rsa.pub 
-  cat ~/id_rsa.pub >> ~/.ssh/authorized_keys 
- 
-query hosts on the lan 
- 
-  avahi-browse -tl _workstation._tcp 
- 
-Debian print system configuration to stdout; use root 
- 
-  cat /proc/cpuinfo && lspci | grep -i vga && uname -a && lsb_release -a 
-  lsb_release -a 
-  lspci 
- 
-Debian repo management 
- 
-  cd /etc/apt 
-  nano sources.lsit 
-  [main contrib non-free] 
-   
-Uploading files to remote webservers with sftp 
- 
-  cd ~/Downloads 
-  sftp user@host.com:/path/to/sftp/directory/of/choice/ 
-  > put /path/to/file.txt  
-   
- 
- 
- 
- 
-------------------------------------------- 
-#**Building From Source to Custom library Location** 
-------------------------------------------- 
- 
-tar -xf <source_filename> 
- 
-Navigate to the directory that tar unarchived the files to.  Then, within that directory, execute: 
- 
-  ./configure --prefix=/usr/local 
-   
-  make 
-  sudo make install clean 
- 
- 
- 
- 
-------------------------------------------- 
-#**Cacti Server Notes** 
-------------------------------------------- 
- 
-Installing snmpd to an embedded system and then installing cacti to a client to monitor the  
-device. Additionally, this tutorial covers one way to monitor a client without an snmpd server  
-running on the client machine (ping only).  The embedded OS is openWRT on a Netgear WNDR. 
- 
-  ssh -p ###### root@nameofembeddedhost  
-  opkg update 
-  opkg install snmpd 
-  cd /etc/config 
-  nano snmpd 
-  /etc/init.d/snmpd enable 
-  /etc/init.d/snmpd restart 
- 
-There are many customizations possible, but my colleagues recommend the minimum of changing the  
-name of the public community to something indicative of the network purpose.  Additionally, it 
-is also adviseable to change three fields below that refer to the physical location, ip address, and the contact email for the system administrator in charge of managing the snmp server.  Once you are done, continue to installing cacti on a network machine that will field the incoming snmp request  
- 
-  sudo apt install cacti 
- 
-I used the default recommendations, however, when cacti failed repeatedly I was forced to use the  
-reconfiguration command below.  The OS I used in this case was Debian 9.2.1 Stretch. 
- 
-  sudo dpkg-reconfigure cacti 
-  <Yes, rebuild database, default to other options> 
-  <I chose matching MySQL pass because it failed with blank> 
- 
-At this point, cacti should work so to speak, but it will need to be configured and have its license terms accepted.  Since cacti utilizes a web server with which users may access its data, users must configure cacti within that interface.  FYI - I chose defaults, and used apache2, as follows  from within the Firefox web-browser: 
- 
-  localhost/cacti 
-  <say yes to EULA, etc.> 
-  <user: admin> 
-  <pass: admin> 
- 
-Since cacti's web server is running, its web server page can highlight information from the snmp server that it queries information from as a client (& many other queries too!).  I would error on the side of portraying more information, not less, so consider the following configurations from within the web interface. 
- 
-  Create Devices 
-  Add (upper right corner) 
-  Host Template - ucd/net SNMP Host 
-  Ping or SNMP 
-  ICMP Ping  
-  Version 2 
-  <name of public community chosen must match /etc/config/snmpd> 
-  <fully qualified hostname must be the external domain name or local ip> 
-  <for linux devices or the cacti server itself, use local ip or 127.0.0.1, snmpd version 1> 
- 
-After it successfully creates the device, then scroll down to graphs and add them all unless you have a reason not to.  Once you do that, click return, and then select to "Place Device on a Tree" using the defaults provided.  Once that is done, go to Console, Create Graphs, select the router or host you just configured this for, and then select the box for all graphs, scroll down, select create.  Once they are created, click Console, view graphs, hit the arrow on the Tree, and select the router or host you just created these graphs for. 
-   
-During this install I had a conflict with a previously installed web server nginx, so I had to find its process and then kill it: 
- 
-  netstat -enpl 
-  sudo kill -XXX PID 
-   
-After that, I restarted the web-server apache2 as follows: 
- 
-  sudo /etc/init.d/apache2 restart 
- 
- 
- 
-------------------------------------------- 
-#**virt-manager stuff** 
-------------------------------------------- 
-Start defualt   
-  sudo virsh net-start default  
- 
-Remove bridge 
-  sudo ifconfig virbr0 dow 
-  sudo brctl delbr virbr0 
- 
-List all 
-  sudo virsh net-list --all  
- 
-------------------------------------------- 
-#**rsync** 
-------------------------------------------- 
- 
-  sudo rsync -avxHAX --progress /sourcefiles/path /backup/path 
- 
- 
-------------------------------------------- 
-#**next topic** 
-------------------------------------------- 
- 
-  chmod 700 ~/.ssh  
-  chmod 644 ~/.ssh/id_rsa.pub 
-  chmod 600 ~/.ssh/id_rsa 
-  chmod 755 ~/ 
- 
-------------------------------------------- 
-#**Simple Bridge Mode Virt-Manager** 
-------------------------------------------- 
-create it - use gui, or brctl 
- 
-sudo nano /etc/network/interfaces 
- 
-  auto br1 
-  iface br1 inet dhcp 
-     bridge_ports enp3s0 
-     bridge_stp on 
-     bridge_fd 0.0 
- 
- 
- 
-------------------------------------------- 
-#**smart tests** 
-------------------------------------------- 
-  smartctl -t short 
-  smartctl -t long 
- 
-------------------------------------------- 
-#**ssh with screen** 
-------------------------------------------- 
-  ssh -t xx.xx.xx.xx screen -DRO 
- 
- 
-------------------------------------------- 
-#**RAID 1 Notes** 
-------------------------------------------- 
-The sfdisk command is not complete ... the proc shows kernel report on mirroring / syncing status ... 
- 
-  sfdisk -d | sfdisk 
-  cat /proc/mdstat 
-   
-Temperamental Swap mirroring ...   
-   
-  mdadm --readwrite /dev/md1 
- 
- 
- 
-------------------------------------------- 
-#**Purism Keyboard Issue** 
-------------------------------------------- 
- 
-  sudo nano /etc/rc.local  
- 
-Put this in the file. 
-   
-  #!/bin/sh 
-  setkeycodes 56 43 
-  exit 0 
- 
-Ctrl-X, Y, Enter. 
-   
-  sudo chmod 750 /etc/rc.local 
-  sudo chown root:root /etc/rc.local 
-  sudo reboot 
- 
-Done - problem fixed. 
-   
- 
- 
- 
-------------------------------------------- 
-#**Level 3 DNS & resolv.conf** 
-------------------------------------------- 
- 
-  sudo nano /etc/resolv.conf 
-  search domain.com [local domain] 
-  nameserver xx.xx.xx.xx [router] 
-  nameserver 4.2.2.1 
-  nameserver 4.2.2.2 
-  nameserver 4.2.2.3 
-  nameserver 4.2.2.4 
-   
- 
-------------------------------------------- 
-#**next topic** 
-------------------------------------------- 
- 
- 
- 
- --- //[[netcmnd@jonathanhaack.com|oemb1905]] 2018/03/15 00:23// 
computing/gnulinux.1526629206.txt.gz · Last modified: 2018/11/25 01:33 (external edit)

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: GNU Free Documentation License 1.3
GNU Free Documentation License 1.3 Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki