Commands
# output linux version
cat "/proc/version"
# connect to a docker container terminal
docker exec -it <cont> bash
# strip and output only the selected column
awk '{print $<col_num>}'
# info about a pid
ps -Flww -p <pid>
# usernames used for logins
sudo lastb | awk '{print $1}' | sort | uniq -c | sort -nr
# switch between last cd's
nextd
prevd
cdh
# remove ssh key password
ssh-keygen -p -f ~/.ssh/id_rsa
# service specific logs
journalctl -eu <service>
Sudo
Add a user to sudoers
usermod -a -G sudo <username>
Root lock
Is root locked? If so, how do I unlock it?
Focus on the second column of this command. L means locked. P means there's a password or a password can be set.
# check
sudo passwd -S root # root P 09/02/2022 0 99999 7 -1
# unlock
sudo usermod -U root
sudo passwd root
Sudo access
At the end of /etc/sudoers
there is what appears to be a comment:
#includedir /etc/sudoers.d
This includes sudo rules from files inside of /etc/sudoers.d
. Here are some examples of rules that could be included in those files and what they mean.
# user ubuntu can run sudo without a password
ubuntu ALL=(ALL) NOPASSWD:ALL
# members of admin group can sudo without a password
%admin ALL=(ALL) NOPASSWD:ALL
# members of sudo group can sudo but needs password
%sudo ALL=(ALL) ALL
Always use visudo
to make edits to all of the mentioned files
sudo visudo -f /etc/sudoers.d/90-cloud-init-users
Once you're done making edits, restart sudo to apply the changes
sudo service sudo restart
Whitelisting
Whitelisting a command or set of commands for a group allows anyone who's in it to run them without sudo
. This is done by creating a new file inside of /etc/sudoers.d
. Source (opens in a new tab)
sudo visudo -f "/etc/sudoers.d/<file-name>"
Inside it the following properties whitelists the app. Remember to give the abs path for the application. Use which <app-name>
to find it. Source (opens in a new tab)
Cmnd_Alias <SET-NAME> = <abs-app-path> command, <apb-app-path> command
%<group-name> ALL=(ALL) NOPASSWD: <SET-NAME>
System User
A user with no home directory, login shell nor password. It's basically a no-login dummy account made solely to containerize services.
# create a system user and group of the same name
sudo useradd --system --no-create-home --shell=/sbin/nologin <username>
# set their permissions
sudo chown -R root:<username> /path/to/change
sudo chmod -R 775 /path/to/change
chsh
If you ever get the error;
chsh: PAM authentication failed
Find and comment this line inside etc/pam.d/chsh
. Source (opens in a new tab)
auth required pam_shells.so
Then do whatever you were doing and make sure to uncomment it again.
Groups
List all groups
getent group
Add user to a group
usermod -a -G group <username>
What groups is a user in. If there's no args, groups of current user are shown.
groups <user>
Create new group
groupadd <group>
Make sure to restart the services that are responsible for the groups after adding a user into one.
Necessary groups for reg user;
- docker
- sudo
- postfix
GPG
Decrypt a file.
gpg --output <output-file> --decrypt <file.gpg>
Encrypt a file.
gpg --output <output-file.gpg> --encrypt <file>
Export public and private keys.
# public key
gpg --output <public.pgp> --armor --export -r <recipient>
# private key
gpg --output <private.pgp> --armor --export-secret-key -r <recipient>
WSL
If this error comes up [process exited with code 4294967295]
run this. Source (opens in a new tab)
If the installed WSL <distro>
is ubuntu 18.04, use Ubuntu-20.04
wsl --terminate <distro>
Standard File Browser
You can define the default file browser by editing the file ~/.local/share/applications/mimeapps.list
. Open this file and change the line inode/directory
as follows.
If this doesn't work, edit the same line in usr/share/applications/mimeinfo.cache
. Source (opens in a new tab)
inode/directory=nautilus.desktop;
Terminal Sessions
# currently logged in users
w -i
who -a -H
# login history
last
# login faliure history
lastb
SSH session process trees
pstree -p
├─sshd(3102)─┬─sshd(3649)───bash(3656)
│ └─sshd(16680)───bash(16687)───pstree(17073)
# to kill a terminal
kill 3649
Mimetype
Display mimetype of a certain file.
mimetype "/file/path.ext"
Edit the following file to change default mimetype default application. Source (opens in a new tab)
micro "~/.config/mimeapps.list"
Kitty Terminal
When connecting to a host using ssh. Kitty gives a 'xterm-kitty': unknown terminal type.
error. To solve that you need to set the terminal TERM
env variable to something other than the default. Source (opens in a new tab)
# fish shell
set TERM xterm
# bash
export TERM=xterm
Fish Shell
Add directory to PATH
fish_add_path /path/to/dir
Sudo errors
When trying to su
or running sudo
, this error is given:
su: failed to execute /usr/local/bin/fish: No such file or directory
This happens when /etc/passwd
has /usr/local/bin/fish
as the user's default shell but that shell path doesn't exist. To fix it become root by using sudo bash
. Then manually clean /etc/passwd
of all traces of the non existent path.
Firefox
Setting to know in about:config
# Touchpad vertical scroll sensivity
mousewheel.default.delta_multiplier_y
# Mousewheel vertical scroll sensitivity
mousewheel.min_line_scroll_amount
Extract Python Requirements
# install tool
python3 -m pip install -U pipreqs
# go to script folder
pipreqs .
Cronjobs
Setting up separate logging for cron. This however will not log the outputs of cron jobs. This is only for the cron process itself.
# open this file
micro /etc/rsyslog.d/50-default.conf
# uncomment this line
cron.*
# restart syslog
sudo service rsyslog restart
After this, logs should appear in a separate file called /var/log/cron.log
. Cron activity will now be logged to this file (in addition to syslog).
As for logging the output of cron jobs. Simply redirect command outputs.
01 14 * * * /home/joe/myscript >> /home/log/myscript.log 2>&1
This will redirect all standard output and errors that may be produced by the script that is run to the log file specified.
Timeshift Backups
If automated backups aren't being created even if Timeshift is completely configured. A service called cronie
might be disabled.
systemctl enable cronie.service
systemctl start cronie.service
That should hopefully solve this issue. To check if there's a problem with the Timeshift configuration itself.
sudo timeshift --check --scripted
Running this command will create a snapshot if one is due. You can see if this does create a snapshot from the GUI afterwards. If this command doesn't work then the problem is in configuration or user account/permissions.
Wireguard
Error: IPv6 is disabled on nexthop device.
If you get this error when running sudo wg-quick up <interface>
. This means that an ipv6 address is mentioned in the config file at /etc/wireguard/<interface>
. This isn't a problem if the client device has ipv6 enabled. But if it's disabled then this error will come up. To fix this, simply remove the ipv6 address from the config's AllowedIPs
.
; before
AllowedIPs = 0.0.0.0/0, ::/0
; after
AllowedIPs = 0.0.0.0/0
Dolby Vision
If you somehow find yourself with a Dolby Vision encoded video clip, but without a DV certified device. You can use mpv to color correct the video back to how it's supposed to look.
mpv --vo=gpu-next <video.mkv>
Cisco Packet Tracer
In the MacOS specific issue where the CLI stdout is spoken out by Siri, first open up packet tracer in full screen and then click on the top left then the preferences option. A window will open up with a lot of options, in it tick the option "Disable CLI text to speech".
Python IDLE
On MacOS if this error shows up when running idle3
in the terminal.
** IDLE can't import Tkinter.
Your Python may not be configured for Tk. **
Tkinter needs to be installed using brew.
brew install python-tk
Mono Framework
On MacOS to remove the mono framework run this.
sudo rm -rf /Library/Frameworks/Mono.framework
sudo pkgutil --forget com.xamarin.mono-MDK.pkg
sudo rm /etc/paths.d/mono-commands