Skip to content

Instantly share code, notes, and snippets.

@calzoneman

calzoneman/linux-flight-rules.md

Last active February 8, 2019 06:09
Show Gist options
  • Save calzoneman/c2de827e8dea645083a8 to your computer and use it in GitHub Desktop.
Save calzoneman/c2de827e8dea645083a8 to your computer and use it in GitHub Desktop.
Download ZIP
Miscellaneous solutions/reminders to problems I've encountered more than once
Raw
linux-flight-rules.md

pip [for Python 3.2] throws UnicodeDecodeError on Debian Wheezy

Solution: export LANG=en_US.UTF-8

OpenVPN installation instructions

https://wiki.debian.org/OpenVPN

make-ovpn

#!/bin/bash

cd /etc/openvpn/easy-rsa/keys
cp client-template.conf "$1".ovpn
echo "<ca>" >> "$1".ovpn
cat ca.crt | grep -A 100 "BEGIN CERTIFICATE" | grep -B 100 "END CERTIFICATE" >> "$1".ovpn
echo "</ca>" >> "$1".ovpn
echo "<cert>" >> "$1".ovpn
cat "$1".crt | grep -A 100 "BEGIN CERTIFICATE" | grep -B 100 "END CERTIFICATE" >> "$1".ovpn
echo "</cert>" >> "$1".ovpn
echo "<key>" >> "$1".ovpn
cat "$1".key | grep -A 100 "BEGIN PRIVATE KEY" | grep -B 100 "END PRIVATE KEY" >> "$1".ovpn
echo "</key>" >> "$1".ovpn

OpenVPN doesn't forward traffic

  1. Make sure /proc/sys/net/ipv4/ip_forward is set to 1
  2. Make sure the push "redirect-gateway def1 bypass-dhcp" option is set in /etc/openvpn/server.conf
  3. Use the following iptables rules:
# Generated by iptables-save v1.4.14 on Fri Nov 20 00:26:06 2015
*nat
:PREROUTING ACCEPT [18:1124]
:POSTROUTING ACCEPT [10:717]
:OUTPUT ACCEPT [10:717]
-A PREROUTING -d <server IP>/32 -p udp -m udp --dport 53 -j REDIRECT --to-ports 11194
-A POSTROUTING -s 10.8.0.0/24 -j SNAT --to-source <server IP>
-A POSTROUTING -s 10.8.0.0/24 -j SNAT --to-source <server IP>
-A POSTROUTING -s 10.8.0.0/24 -o venet0 -j MASQUERADE
COMMIT
# Completed on Fri Nov 20 00:26:06 2015

fail2ban is slow to shut down/start up

Check /var/lib/fail2ban/fail2ban.sqlite:

select count(1) from bans;
select ip, datetime(dateofban, 'unixepoch', 'localtime') from bans order by 2;

Check /var/log/fail2ban.log.

If there are a ton of IPs in the ban table, fail2ban may be taking a while to ban/unban each one individually on startup/shutdown (this was a bug in an old version of fail2ban).

konsole not opening URLs in Firefox

  • Edit ~/.config/konsolerc:
[General]
BrowserApplication=firefox

Remove a SAN from a certbot certificate

  • Run certbot certificates to get a list of certificate names
  • Run certbot certonly --cert-name <cert-name> -d <list-of-domains> to register a new certificate which may exclude some previously included domains

Emojis not displaying in non-browser applications (e.g. terminals)

  • Firefox ships with its own emoji font built in
  • Download an emoji font (such as Noto Color Emoji) and place in ~/.fonts
  • Run fc-cache -vf

DualShock 4 controller not being recognized by Rocket League

  • Go to the game's controller settings (I did this through big picture mode; not sure what the menu is in desktop mode)
  • Set "Steam Input" to "Forced Off"

startx: parse_vt_settings: Cannot open /dev/tty0 (Permission denied)

  • Check if the Xorg binary has the suid flag set (on gentoo: equery uses x11-base/xorg-server)

Arch Linux: grub-mkconfig hanging on lvm root

mkdir /mnt/hostlvm
mount --bind /run/lvm /mnt/hostlvm
arch-chroot /mnt
ln -s /hostlvm /run/lvm
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment