Commands
# output linux version
cat "/proc/version"
# connect to a docker container terminal
docker exec -it <cont> bash
# strip and output only the selected column
awk '{print $<col_num>}'
# info about a pid
ps -Flww -p <pid>
# usernames used for logins
sudo lastb | awk '{print $1}' | sort | uniq -c | sort -nr
# switch between last cd's
nextd
prevd
cdh
# remove ssh key password
ssh-keygen -p -f ~/.ssh/id_rsa
# service specific logs
journalctl -eu <service>Sudo
One of the main things to do is to change the password asked when a user calls onto sudo. Making it ask for the root password is secure than the user pwd. So in the /etc/sudoers file;
Defaults rootpwAdd a user to sudoers
usermod -a -G sudo <username>Root lock
Is root locked? If so, how do I unlock it?
Focus on the second column of this command. L means locked. P means there's a password or a password can be set.
# check
sudo passwd -S root # root P 09/02/2022 0 99999 7 -1
# unlock
sudo usermod -U root
sudo passwd rootSudo access
At the end of /etc/sudoers there is what appears to be a comment:
#includedir /etc/sudoers.dThis includes sudo rules from files inside of /etc/sudoers.d. Here are some examples of rules that could be included in those files and what they mean.
# user ubuntu can run sudo without a password
ubuntu ALL=(ALL) NOPASSWD:ALL
# members of admin group can sudo without a password
%admin ALL=(ALL) NOPASSWD:ALL
# members of sudo group can sudo but needs password
%sudo ALL=(ALL) ALLAlways use visudo to make edits to all of the mentioned files
sudo visudo -f /etc/sudoers.d/90-cloud-init-usersOnce you're done making edits, restart sudo to apply the changes
sudo service sudo restartWhitelisting
Whitelisting a command or set of commands for a group allows anyone who's in it to run them without sudo. This is done by creating a new file inside of /etc/sudoers.d. Source (opens in a new tab)
sudo visudo -f "/etc/sudoers.d/<file-name>"Inside it the following properties whitelists the app. Remember to give the abs path for the application. Use which <app-name> to find it. Source (opens in a new tab)
Cmnd_Alias <SET-NAME> = <abs-app-path> command, <apb-app-path> command
%<group-name> ALL=(ALL) NOPASSWD: <SET-NAME>System User
A user with no home directory, login shell nor password. It's basically a no-login dummy account made solely to containerize services.
# create a system user and group of the same name
sudo useradd --system --no-create-home --shell=/sbin/nologin <username>
# set their permissions
sudo chown -R root:<username> /path/to/change
sudo chmod -R 775 /path/to/changechsh
If you ever get the error;
chsh: PAM authentication failedFind and comment this line inside etc/pam.d/chsh. Source (opens in a new tab)
auth required pam_shells.soThen do whatever you were doing and make sure to uncomment it again.
Groups
List all groups
getent groupAdd user to a group
usermod -a -G group <username>What groups is a user in. If there's no args, groups of current user are shown.
groups <user>Create new group
groupadd <group>Make sure to restart the services that are responsible for the groups after adding a user into one.
Necessary groups for reg user;
- docker
- sudo
- postfix
GPG
Decrypt a file.
gpg --output <output-file> --decrypt <file.gpg>Encrypt a file.
gpg --output <output-file.gpg> --encrypt <file>Export public and private keys.
# public key
gpg --output <public.pgp> --armor --export -r <recipient>
# private key
gpg --output <private.pgp> --armor --export-secret-key -r <recipient>WSL
If this error comes up [process exited with code 4294967295] run this. Source (opens in a new tab)
If the installed WSL <distro> is ubuntu 18.04, use Ubuntu-20.04
wsl --terminate <distro>Standard File Browser
You can define the default file browser by editing the file ~/.local/share/applications/mimeapps.list. Open this file and change the line inode/directory as follows.
If this doesn't work, edit the same line in usr/share/applications/mimeinfo.cache. Source (opens in a new tab)
inode/directory=nautilus.desktop;Terminal Sessions
# currently logged in users
w -i
who -a -H
# login history
last
# login faliure history
lastbSSH session process trees
pstree -p
├─sshd(3102)─┬─sshd(3649)───bash(3656)
│ └─sshd(16680)───bash(16687)───pstree(17073)
# to kill a terminal
kill 3649Mimetype
Display mimetype of a certain file.
mimetype "/file/path.ext"Edit the following file to change default mimetype default application. Source (opens in a new tab)
micro "~/.config/mimeapps.list"Kitty Terminal
When connecting to a host using ssh. Kitty gives a 'xterm-kitty': unknown terminal type. error. To solve that you need to set the terminal TERM env variable to something other than the default. Source (opens in a new tab)
# fish shell
set TERM xterm
# bash
export TERM=xtermFish Shell
Add directory to PATH
fish_add_path /path/to/dirSudo errors
When trying to su or running sudo, this error is given:
su: failed to execute /usr/local/bin/fish: No such file or directoryThis happens when /etc/passwd has /usr/local/bin/fish as the user's default shell but that shell path doesn't exist. To fix it become root by using sudo bash. Then manually clean /etc/passwd of all traces of the non existent path.
Firefox
Setting to know in about:config
# Touchpad vertical scroll sensivity
mousewheel.default.delta_multiplier_y
# Mousewheel vertical scroll sensitivity
mousewheel.min_line_scroll_amountExtract Python Requirements
# install tool
python3 -m pip install -U pipreqs
# go to script folder
pipreqs .Cronjobs
Setting up separate logging for cron. This however will not log the outputs of cron jobs. This is only for the cron process itself.
# open this file
micro /etc/rsyslog.d/50-default.conf
# uncomment this line
cron.*
# restart syslog
sudo service rsyslog restartAfter this, logs should appear in a separate file called /var/log/cron.log. Cron activity will now be logged to this file (in addition to syslog).
As for logging the output of cron jobs. Simply redirect command outputs.
01 14 * * * /home/joe/myscript >> /home/log/myscript.log 2>&1This will redirect all standard output and errors that may be produced by the script that is run to the log file specified.
Timeshift Backups
If automated backups aren't being created even if Timeshift is completely configured. A service called cronie might be disabled.
systemctl enable cronie.service
systemctl start cronie.serviceThat should hopefully solve this issue. To check if there's a problem with the Timeshift configuration itself.
sudo timeshift --check --scriptedRunning this command will create a snapshot if one is due. You can see if this does create a snapshot from the GUI afterwards. If this command doesn't work then the problem is in configuration or user account/permissions.
Wireguard
Error: IPv6 is disabled on nexthop device.If you get this error when running sudo wg-quick up <interface>. This means that an ipv6 address is mentioned in the config file at /etc/wireguard/<interface>. This isn't a problem if the client device has ipv6 enabled. But if it's disabled then this error will come up. To fix this, simply remove the ipv6 address from the config's AllowedIPs.
; before
AllowedIPs = 0.0.0.0/0, ::/0
; after
AllowedIPs = 0.0.0.0/0Dolby Vision
If you somehow find yourself with a Dolby Vision encoded video clip, but without a DV certified device. You can use mpv to color correct the video back to how it's supposed to look.
mpv --vo=gpu-next <video.mkv>Cisco Packet Tracer
In the MacOS specific issue where the CLI stdout is spoken out by Siri, first open up packet tracer in full screen and then click on the top left then the preferences option. A window will open up with a lot of options, in it tick the option "Disable CLI text to speech".
Python IDLE
On MacOS if this error shows up when running idle3 in the terminal.
** IDLE can't import Tkinter.
Your Python may not be configured for Tk. **Tkinter needs to be installed using brew.
brew install python-tkMono Framework
On MacOS to remove the mono framework run this.
sudo rm -rf /Library/Frameworks/Mono.framework
sudo pkgutil --forget com.xamarin.mono-MDK.pkg
sudo rm /etc/paths.d/mono-commands