Skip to content

Instantly share code, notes, and snippets.

@tie

tie/tricks.md

Last active July 27, 2024 10:55
Show Gist options
  • Save tie/0d48c87767e5ff3d2cdf1bff2f530c3d to your computer and use it in GitHub Desktop.
Save tie/0d48c87767e5ff3d2cdf1bff2f530c3d to your computer and use it in GitHub Desktop.
Download ZIP
Not so obvious things
Raw
tricks.md

Linux things

Fix stupid Docker

Docker daemon messes up iptables configuration.

>/etc/docker/daemon.json cat <<EOF
{
	"iptables": false
}
EOF

Administration

Managing users

Running in musl and busybox environment.

  • Do not use addgroup/adduser commands family. Vi is all you need to add another user or group. OK, maybe also openssl to generate password hash.
  • You can put comments in passwd, shadow, and groups files!
  • It’s safe to delete /etc/securetty. I don’t know why would anyone need TTY restrictions these days anyway.

Networking

Disable priveleged ports on Linux

After reading dozens of shitty iptables, authbind, systemd and xinetd solutions, here is the sysctl option:

# despite the name, works for IPv6 too
sysctl net.ipv4.ip_unprivileged_port_start=0
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment