Posts tagged ubuntu

apt cheatsheet
posted on 2017-01-23 21:31

As short as possible:

apt-cache search = search for package (old)
apt-cache show = show package information
dpkg -l = show installed packages
dpkg -L = show package contents
dpkg -S = search packages for file
apt-get install = install package (old)
apt-get remove = uninstall package, leave configuration on disk (old)
apt-get purge = uninstall package, delete configs (old)

apt search = (new)
apt install = (new)
apt remove = (new)
apt purge = (new)
ubuntu 10.04 change ulimit
posted on 2016-12-27 16:31

When trying to change the ulimit setting for open files this did not work system-wide by changing the /etc/security/limits.conf:

root@server:~# grep -v ^# /etc/security/limits.conf 


* soft nofile 4096
* hard nofile 10240

The only solution was to change the init script of the service needing more open files.

In my case it was a tomcat:

...

case "$1" in
  start)
        ulimit -n 10240

...

That way both the hard and the soft limit gets set to 10240, instead of setting them separately via -Hn and -Sn.

Of course (haha) you need to have enough capability to allow that many files systemwide, either put it into /etc/sysctl.conf and do sysctl -p or just do:

sysctl -w fs.file-max=1000000

Related bug report here.

ansible and ubuntu 16
posted on 2016-10-11 07:59

In case ansible is not working when being tried on a new ubuntu server, it actually lacks python 2.

fatal: [my_server]: FAILED! => {"changed": false, "failed": true, "module_stderr": "", "module_stdout": "/bin/sh: 1: /usr/bin/python: not found\r\n", "msg": "MODULE FAILURE", "parsed": false}

On the ubuntu server, do:

apt update
apt install python-minimal
upstart manual
posted on 2015-03-26 10:17:13

Ubuntu, as well as RHEL 6.6 (6.x?) use upstart for system initalization during boot up.

If you need help for creating the init scripts, see the official manual.

sshd: show ssh logins and fails
posted on 2015-03-05 11:13:00

successes

To show all successful login attempts on a debian-based system:

cat /var/log/secure | grep 'sshd.*opened'

Same for RHEL:

cat /var/log/auth.log | grep 'sshd.*opened'

fails

Debian's:

cat /var/log/auth.log | grep 'sshd.*Invalid'

RHEL's:

cat /var/log/secure | grep 'sshd.*Invalid'
Writing udev rules
posted on 2015-02-17 12:34:16

preface

The following applies to current ubuntu and fedora installations, i.e. 14.04 and 21.

Renaming hardware, especially network interfaces, can be done via udev. Why would you want that?

biosdevnames and its friends are the latest craze: Read up on predictable network interface names.

So there are two approaches:

  1. edit grub to disable net.ifnames and biosdevname and rename the basic eth's
  2. directly rename the interface names, after the biosdevname stuff was applied

I personally prefer the first approach, but this post will cover both approaches as through the difference the udev syntax becomes clearer.

net.ifnames and biosdevname grub changes

Some example, what these and their combinations will cause:

No parameters: NIC identified as enp5s2.

only biosdevname=0: NIC identified as enp5s2.

only net.ifnames=0: NIC identified as em1.

Parameter net.ifnames=0 AND biosdevname=0: NIC identified as eth0.

approach 1

applying changes to grub

  1. edit /etc/default/grub
  2. insert GRUB_CMDLINE_LINUX="net.ifnames=0 biosdevname=0" (or append both vars, in case the string was not empty in your config before)
  3. save, quit
  4. grub2-mkconfig -o /boot/grub2/grub.cfg
  5. reboot the server

changes via udev

lookup the MAC address of your NIC:

Via ip a or ip l or directly in the address file in /sys/class/net/<if-name>/address, whatever you like best. ;)

[sjas@ctr-014 ~]% ip a

...

2: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether AA:BB:CC:DD:EE:FF brd ff:ff:ff:ff:ff:ff
    inet6 fe80::20e:fff:ffff:4f6f/64 scope link 
       valid_lft forever preferred_lft forever

...

The adress AA:BB:CC:DD:EE:FF is of course not my real mac address. ;) But the mac is what we need here.

edit /etc/udev/rules.d/70-persistent-net.rules

Open the file in a editor of your choosing. If it does not exist, create it. There either edit already existing entries for your NIC (look if the MAC is already used somewhere), or add a new entry.

Basically your entry looks like this:

SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="AA:BB:CC:DD:EE:FF", ATTR{dev_id}=="0x0", ATTR{type}=="1", KERNEL=="eth*", NAME="eth0"

Copy this line, adjust your MAC address and the interface name (if you do not want to call your IF (interface) 'eth0'). All the other entries are not touched, if the IF was called ethX or something alike already prior.

approach 2

This is almost the same like above, just edit the /etc/udev/rules.d/70-persistent-net.rules file to match your MAC address and the name your IF should be called at NAME. But depending on the name your IF has had prior, you have to change the KERNEL attribute.

If i.e. your NIC's IF was called p2p1 prior, adjust the KERNEL flag to KERNEL=="p2p*"

It could be that the KERNEL flag can be omitted, I can't provide an answer on this for now, this post is a rewrite from memory and some leftover links in my browser. If I get around to test, this post will be updated.

biosdevnames explained

Prefixes:

en -- ethernet
sl -- serial line IP (slip)
wl -- wlan
ww -- wwan

Name type: o -- on-board device index number [P]ps[f] -- PCI geographical location

If your IF's are named p2p1 or something, this means the NIC is plugged into slot 2 of your pci bus and the first rj45 slot is used. If it is a dual-port NIC, the second IF would of course be called p2p2.

Copy paste from the systemd source from here from where the information above was taken:

/*
 * Predictable network interface device names based on:
 *  - firmware/bios-provided index numbers for on-board devices
 *  - firmware-provided pci-express hotplug slot index number
 *  - physical/geographical location of the hardware
 *  - the interface's MAC address
 *
 * http://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames
 *
 * Two character prefixes based on the type of interface:
 *   en -- ethernet
 *   sl -- serial line IP (slip)
 *   wl -- wlan
 *   ww -- wwan
 *
 * Type of names:
 *   b<number>                             -- BCMA bus core number
 *   ccw<name>                             -- CCW bus group name
 *   o<index>                              -- on-board device index number
 *   s<slot>[f<function>][d<dev_port>]     -- hotplug slot index number
 *   x<MAC>                                -- MAC address
 *   [P<domain>]p<bus>s<slot>[f<function>][d<dev_port>]
 *                                         -- PCI geographical location
 *   [P<domain>]p<bus>s<slot>[f<function>][u<port>][..][c<config>][i<interface>]
 *                                         -- USB port number chain
 *
 * All multi-function PCI devices will carry the [f<function>] number in the
 * device name, including the function 0 device.
 *
 * When using PCI geography, The PCI domain is only prepended when it is not 0.
 *
 * For USB devices the full chain of port numbers of hubs is composed. If the
 * name gets longer than the maximum number of 15 characters, the name is not
 * exported.
 * The usual USB configuration == 1 and interface == 0 values are suppressed.
 *
 * PCI ethernet card with firmware index "1":
 *   ID_NET_NAME_ONBOARD=eno1
 *   ID_NET_NAME_ONBOARD_LABEL=Ethernet Port 1
 *
 * PCI ethernet card in hotplug slot with firmware index number:
 *   /sys/devices/pci0000:00/0000:00:1c.3/0000:05:00.0/net/ens1
 *   ID_NET_NAME_MAC=enx000000000466
 *   ID_NET_NAME_PATH=enp5s0
 *   ID_NET_NAME_SLOT=ens1
 *
 * PCI ethernet multi-function card with 2 ports:
 *   /sys/devices/pci0000:00/0000:00:1c.0/0000:02:00.0/net/enp2s0f0
 *   ID_NET_NAME_MAC=enx78e7d1ea46da
 *   ID_NET_NAME_PATH=enp2s0f0
 *   /sys/devices/pci0000:00/0000:00:1c.0/0000:02:00.1/net/enp2s0f1
 *   ID_NET_NAME_MAC=enx78e7d1ea46dc
 *   ID_NET_NAME_PATH=enp2s0f1
 *
 * PCI wlan card:
 *   /sys/devices/pci0000:00/0000:00:1c.1/0000:03:00.0/net/wlp3s0
 *   ID_NET_NAME_MAC=wlx0024d7e31130
 *   ID_NET_NAME_PATH=wlp3s0
 *
 * USB built-in 3G modem:
 *   /sys/devices/pci0000:00/0000:00:1d.0/usb2/2-1/2-1.4/2-1.4:1.6/net/wwp0s29u1u4i6
 *   ID_NET_NAME_MAC=wwx028037ec0200
 *   ID_NET_NAME_PATH=wwp0s29u1u4i6
 *
 * USB Android phone:
 *   /sys/devices/pci0000:00/0000:00:1d.0/usb2/2-1/2-1.2/2-1.2:1.0/net/enp0s29u1u2
 *   ID_NET_NAME_MAC=enxd626b3450fb5
 *   ID_NET_NAME_PATH=enp0s29u1u2
 */
Ubuntu 14.04 LAMP issues
posted on 2015-02-05 13:53:38

apache

Apache (as of version 2.4 now) has these issues.

  1. vhosts unter sites-enabled do have to end with .conf, except you fix the global setting which files are importet/loaded when restarting.
  2. *.80 in your virtualhost configuration should have the domain instead of the * wildcard.

mysql

Here two variable names got changed:

key_buffer => key_buffer_size
myisam-recover => myisam_recover_options

To fix the warnings, a workaround is to include the value of the current setting with the new variable set to it inside /etc/mysql/my.cnf.

udev in ubuntu 14.04
posted on 2014-11-08 16:19:45

If you want to rename your NIC's in linux, especially in ubuntu 14.04 (important!), you got to know that as of 11/2014 the official documentation is plain wrong. (See here.)

Edit /etc/udev/rules.d/75-persistent-net-generator.rules like:

SUBSYSTEM=="net", ACTION=="add", ATTR{address}=="0c:c4:7a:0b:67:b6", NAME="eth0"
SUBSYSTEM=="net", ACTION=="add", ATTR{address}=="0c:c4:7a:0b:67:b7", NAME="eth1"

Of course, you have to use the proper MAC address from the interface in question, get it via ip a.

Downgrading packages in Debian / Ubuntu
posted on 2014-07-09 16:50:55

Downgrading packages can become important once an apt-get update && apt-get upgrade breaks something.

Most of the following must be done as root. Since you need to be for

Logs on what got upgraded

To find out the packages in question, look here:

/var/log/apt/term.log
/var/log/dpkg.log
/var/log/apt/history.log

Beware of the logrotating, in case you do not find anything. Use zgrep, zless, zcat on these .bz2 files.

A handy script to gather all information into on single place:

cd /var/log/apt && cat history.log > ~/apthistory.log && zcat history.log*gz >> ~/apthistory.log

That you all your logs get aggregated into apthistory.log in your homefolder.

If you are using synaptic, you can check the logs through it, too.

Find out which version to use

apt-cache showpkg <package>

Package is the name you usually use when using apt-get.

In the last section, you may find info on the version to use. It doesn't help that the manpage tells you to look at apt's source code for more information. (Yes, it does that for real...)

If you can't help but feeling lost, that's normal.

The other approaches are skimming through the aforementioned logs with grep and more grep. Or using google, which is harder than one might imagine.

Actual downgrading

apt-get install <packagename>=<version number>

Beware you might need the :amd64 or :i386 extension for the package name, too.

Preventing future upgrades from killing your changes

echo '<packagename> hold' | dpkg --set-selections

To undo this:

echo '<packagename> install' | dpkg --set-selections

To show what currently gets upgraded or not:

dpkg --get-selections | grep 'install'
dpkg --get-selections | grep 'hold'

Keep in mind that things might break in a later update & upgrade, if you do not fix the cause of your problem. The package you downgraded might be needed in a newer version by a lot of other packages, it's just a question of time.

This blog covers .csv, .htaccess, .pfx, .vmx, /etc/crypttab, /etc/network/interfaces, /etc/sudoers, /proc, 10.04, 14.04, AS, ASA, ControlPanel, DS1054Z, GPT, HWR, Hyper-V, IPSEC, KVM, LSI, LVM, LXC, MBR, MTU, MegaCli, PHP, PKI, R, RAID, S.M.A.R.T., SNMP, SSD, SSL, TLS, TRIM, VEEAM, VMware, VServer, VirtualBox, Virtuozzo, XenServer, acpi, adaptec, algorithm, ansible, apache, apachebench, apple, arcconf, arch, architecture, areca, arping, asa, asdm, awk, backup, bandit, bar, bash, benchmarking, binding, bitrate, blackarmor, blowfish, bochs, bond, bonding, booknotes, bootable, bsd, btrfs, buffer, c-states, cache, caching, ccl, centos, certificate, certtool, cgdisk, cheatsheet, chrome, chroot, cisco, clamav, cli, clp, clush, cluster, coleslaw, colorscheme, common lisp, console, container, containers, controller, cron, cryptsetup, csync2, cu, cups, cygwin, d-states, database, date, db2, dcfldd, dcim, dd, debian, debug, debugger, debugging, decimal, desktop, df, dhclient, dhcp, diff, dig, display manager, dm-crypt, dmesg, dmidecode, dns, docker, dos, drivers, dtrace, dtrace4linux, du, dynamictracing, e2fsck, eBPF, ebook, efi, egrep, emacs, encoding, env, error, ess, esx, esxcli, esxi, ethtool, evil, expect, exportfs, factory reset, factory_reset, factoryreset, fail2ban, fbsd, fedora, file, filesystem, find, fio, firewall, firmware, fish, flashrom, forensics, free, freebsd, freedos, fritzbox, fsck, fstrim, ftp, ftps, g-states, gentoo, ghostscript, git, git-filter-branch, github, gitolite, gnutls, gradle, grep, grml, grub, grub2, guacamole, hardware, haskell, hdd, hdparm, hellowor, hex, hexdump, history, howto, htop, htpasswd, http, httpd, https, i3, icmp, ifenslave, iftop, iis, imagemagick, imap, imaps, init, innoDB, innodb, inodes, intel, ioncube, ios, iostat, ip, iperf, iphone, ipmi, ipmitool, iproute2, ipsec, iptables, ipv6, irc, irssi, iw, iwconfig, iwlist, iwlwifi, jailbreak, jails, java, javascript, javaws, js, juniper, junit, kali, kde, kemp, kernel, keyremap, kill, kpartx, krypton, lacp, lamp, languages, ldap, ldapsearch, less, leviathan, liero, lightning, links, linux, linuxin3months, lisp, list, livedisk, lmctfy, loadbalancing, locale, log, logrotate, looback, loopback, losetup, lsblk, lsi, lsof, lsusb, lsyncd, luks, lvextend, lvm, lvm2, lvreduce, lxc, lxde, macbook, macro, magento, mailclient, mailing, mailq, manpages, markdown, mbr, mdadm, megacli, micro sd, microsoft, minicom, mkfs, mktemp, mod_pagespeed, mod_proxy, modbus, modprobe, mount, mouse, movement, mpstat, multitasking, myISAM, mysql, mysql 5.7, mysql workbench, mysqlcheck, mysqldump, nagios, nas, nat, nc, netfilter, networking, nfs, nginx, nmap, nocaps, nodejs, numberingsystem, numbers, od, onyx, opcode-cache, openVZ, openlierox, openssl, openvpn, openvswitch, openwrt, oracle linux, org-mode, os, oscilloscope, overview, parallel, parameter expansion, parted, partitioning, passwd, patch, pdf, performance, pfsense, php, php7, phpmyadmin, pi, pidgin, pidstat, pins, pkill, plesk, plugin, posix, postfix, postfixadmin, postgres, postgresql, poudriere, powershell, preview, profiling, prompt, proxmox, ps, puppet, pv, pvecm, pvresize, python, qemu, qemu-img, qm, qmrestore, quicklisp, r, racktables, raid, raspberry pi, raspberrypi, raspbian, rbpi, rdp, redhat, redirect, registry, requirements, resize2fs, rewrite, rewrites, rhel, rigol, roccat, routing, rs0485, rs232, rsync, s-states, s_client, samba, sar, sata, sbcl, scite, scp, screen, scripting, seafile, seagate, security, sed, serial, serial port, setup, sftp, sg300, shell, shopware, shortcuts, showmount, signals, slattach, slip, slow-query-log, smbclient, snmpget, snmpwalk, software RAID, software raid, softwareraid, sophos, spacemacs, spam, specification, speedport, spi, sqlite, squid, ssd, ssh, ssh-add, sshd, ssl, stats, storage, strace, stronswan, su, submodules, subzone, sudo, sudoers, sup, swaks, swap, switch, switching, synaptics, synergy, sysfs, systemd, systemtap, tar, tcpdump, tcsh, tee, telnet, terminal, terminator, testdisk, testing, throughput, tmux, todo, tomcat, top, tput, trafficshaping, ttl, tuning, tunnel, tunneling, typo3, uboot, ubuntu, ubuntu 16.04, udev, uefi, ulimit, uname, unetbootin, unit testing, upstart, uptime, usb, usbstick, utf8, utm, utm 220, ux305, vcs, vgchange, vim, vimdiff, virtualbox, virtualization, visual studio code, vlan, vmstat, vmware, vnc, vncviewer, voltage, vpn, vsphere, vzdump, w, w701, wakeonlan, wargames, web, webdav, weechat, wget, whois, wicd, wifi, windowmanager, windows, wine, wireshark, wpa, wpa_passphrase, wpa_supplicant, x2x, xfce, xfreerdp, xmodem, xterm, xxd, yum, zones, zsh

View posts from 2017-03, 2017-02, 2017-01, 2016-12, 2016-11, 2016-10, 2016-09, 2016-08, 2016-07, 2016-06, 2016-05, 2016-04, 2016-03, 2016-02, 2016-01, 2015-12, 2015-11, 2015-10, 2015-09, 2015-08, 2015-07, 2015-06, 2015-05, 2015-04, 2015-03, 2015-02, 2015-01, 2014-12, 2014-11, 2014-10, 2014-09, 2014-08, 2014-07, 2014-06, 2014-05, 2014-04, 2014-03, 2014-01, 2013-12, 2013-11, 2013-10


Unless otherwise credited all material Creative Commons License by sjas