Skip to content

Instantly share code, notes, and snippets.

@wallace11
Last active October 2, 2020 21:48
Show Gist options
  • Save wallace11/3c43397d89a5ee2c14391db4d88a5dc9 to your computer and use it in GitHub Desktop.
Save wallace11/3c43397d89a5ee2c14391db4d88a5dc9 to your computer and use it in GitHub Desktop.

Tricks

Command Description
dd if=/dev/<sdx> bs=<bs> count=1 | hexdump -C hexdump -C -n <bytes> <dev> Print hexdump of a drive

Directory indexing

  1. Set hashed b-trees to speed up lookup for large dirs: tune2fs -O dir_index /dev/<SDX>
  2. Optimize directories (reindexing/sorting and compressing): e2fsck -D /dev/<SDX>

Apply default permissions to folder

chmod g+s <PATH>             # Set gid
setfacl -d -m g::rwx <PATH>  # Set default permission for group to rwx
setfacl -d -m o::rx <PATH>   # Set default for other

Verify: getfacl <PATH>

Source

Reformat disk

  1. Reset all data: dd if=/dev/zero of=/dev/<SDX> bs=4096 status=progress
    Calculate block size

  2. Create new partition:

    parted /dev/<SDX> mklabel gpt
    parted -a opt /dev/<SDX> mkpart primary <PARTITION> 0% 100%

    <PARTITION> - ext4,fat32

  3. Format: mkfs.ext4 /dev/<SDX>

    Option Description
    -m 0 reserved-blocks-percentage
    -T largefile usage-type (defined in /etc/mke2fs.conf)

    For FAT: dosfstools

  4. Label:

    Filesystem Command
    EXT e2label /dev/<SDX> <LABEL>
    FAT fatlabel /dev/<SDX> <LABEL>

Create swap file

  1. Create swap
    fallocate --length 2GiB <SWAPFILE> # Initiate swap
    chmod 600 <SWAPFILE>               # Change permissions
    mkswap <SWAPFILE>                  # Define as swap
    swapon <SWAPFILE>                  # Activate
  2. Add to fstab: <SWAPFILE> swap swap defaults 0 0 >> /etc/fstab
  3. (Optional) Set swappiness: vm.swappiness=10

Disable swap:

swapoff -a
rm -f <SWAPFILE>

Encrypt drive

Source

  1. cryptsetup --key-size 512 luksFormat /dev/sdXX /path/to/key
  2. <name> UUID=<UUID> /path/to/key > /etc/crypttab
  3. systemctl daemon-reload && systemctl start systemd-cryptsetup@<name>.service

Header backup

cryptsetup luksHeaderBackup /dev/sdXX --header-backup-file header.img
gpg2 --recipient <EMAIL> --encrypt header.img

Resizing LVM partition

Source

# We need to resize the logical volume to use all the existing and free space of the volume group
$ lvm
lvm> lvextend -l +100%FREE /dev/ubuntu-vg/ubuntu-lv
lvm> exit

# And then, we need to resize the file system to use the new available space in the logical volume
$ resize2fs /dev/ubuntu-vg/ubuntu-lv
resize2fs 1.44.1 (24-Mar-2018)
Filesystem at /dev/ubuntu-vg/ubuntu-lv is mounted on /; on-line resizing required
old_desc_blocks = 1, new_desc_blocks = 58
The filesystem on /dev/ubuntu-vg/ubuntu-lv is now 120784896 (4k) blocks long.
docker volume rm $(docker volume ls -qf dangling=true)
docker rm -vf $(docker ps -aq)
docker system prune -a

Commands

Command Description
gpg --decrypt <FILE>.sec.asc | gpg --import Import encrypted secret key
gpg --edit-key <KEY> trust Trust key
gpg --export -a <KEY> > public.key Export public key
gpg --armor --export-secret-keys <KEY> | gpg --armor --symmetric --output <FILE>.sec.asc Export private key and protect with password
gpg --list-packets <FILE>.gpg Show information about encrypting keys

* <KEY> Can be user's email

Multi-recipient

  1. Import the keys with gpg --import <KEY>
  2. Echo gpg ids (emails) to .gpg-id
  3. Sign all keys: gpg --edit-key <KEY>
    1. lsign
    2. y
    3. save
  4. pass init -p <subdir> $(cat /path/to/.gpg-id)

Source

Tricks

Use in headeless machine

export GPG_TTY=$(tty)

Troubleshooting

Unsafe permissions on homedir

chmod 700 ~/.gnupg
chmod 600 ~/.gnupg/*

Handy Commands

Description Command
Change Nemo terminal gsettings set org.cinnamon.desktop.default-applications.terminal exec xfce4-terminal
Keyboard configure (Ubuntu) dpkg-reconfigure keyboard-configuration
Display system info inxi -Fxz
Convert file encoding iconv -f SHIFT-JIS -t UTF-8 <INPUT> -o <OUTPUT>
Automatic start-up of user services sudo loginctl enable-linger <USERNAME>
Clean journal journalctl --vacuum-size=<SIZE>M
Log into another user su -s /bin/bash <USERNAME>
Advertise hostname dhcpcd

Chroot inside LiveCD

sudo mount /dev/sda1 /mnt
sudo mount --bind /dev /mnt/dev
sudo mount --bind /proc /mnt/proc
sudo mount --bind /sys /mnt/sys
sudo chroot /mnt

Create monitor

gtf 1280 1024 60                                                # Get options for the resolution & refresh rate
xrandr --newmode "1280x1024_60.00" <OUTPUT-OF-1>                # Setup the new mode
xrandr --addmode VIRTUAL1 1280x1024_60.00                       # Add the new mode to an existing input device
xrandr --output VIRTUAL1 --mode 1280x1024_60.00 --left-of LVDS1 # Activate

PulseAudio Auto Switch

  • Automatically switch pulseaudio sink to Bluez
    /etc/pulse/default.pa

    .ifexists module-bluetooth-discover.so
    load-module module-bluetooth-discover
    load-module module-switch-on-connect  # Add this
    .endif
  • Auto select A2DP profile (instead of HSP/HFP)
    /etc/bluetooth/audio.conf

    [General]
    Disable=Headset

Ubuntu install specific app version

sudo apt-cache policy ${PKG}
sudo apt-get install ${PKG}=${VERSION}
sudo apt-mark hold ${PKG}

xbindkeys

  1. Install: sudo apt-get install xbindkeys xautomation x11-utils
  2. Create config: xbindkeys --defaults > $HOME/.xbindkeysrc

Some Useul ones:

#Logitech Mouse Button
"xte 'keydown Control_L' 'key W' 'keyup Control_L'"
   b:13

#Change Language
"xte 'keydown Alt_L' 'key Shift_L' 'keyup Alt_L'"
   control + space

Arch Linux Arm

Error: bsdtar: Ignoring malformed pax extended attribute

Old version of bsdtar on Ubuntu - requires v3.3+.

wget https://www.libarchive.org/downloads/libarchive-3.3.1.tar.gz
tar xzf libarchive-3.3.1.tar.gz
cd libarchive-3.3.1
./configure
make
sudo make install

Confirm via bsdtar --version. If done via sudo need to exit and enter again. source

Packages

  • nfs-utils (Arch)
  • nfs-kernel-server (Ubuntu)

Server

  • Create root just for NFS: /src/nfs
  • Bind locations: mount --bind /mnt/src /src/nfs/dest
    fstab: /mnt/src /srv/nfs/dest none bind 0 0

Arch

/etc/exports

Option Description
ro / rw Clients read only / read-write access
sync / Server replies after changes by previous request are written to disk
async Server does not have to wait
wdelay / Server delays committing write requests when it suspects another write request is imminent.
no_wdelay Disable the delay. Can only be enabled if sync is enabled
no_all_squash / Does not change the mapping of remote users
all_squash Squash all remote users including root
root_squash / Prevent root users connected remotely from having root access (squashing remote root privileges)
no_root_squash Disable root squashing
Command Description
exportfs -v View exports
exportfs -arv Re-export

/etc/nfs.conf

  • Restrict share to interface
    [nfsd]
    host=<server-ip/hostname>
    

Ubuntu

/etc/default/nfs-kernel-server

  • Disable NFSv3: RPCMOUNTDOPTS="--manage-gids --no-nfs-version 3"

Restarting

sudo systemctl restart nfs-config
sudo systemctl restart nfs-kernel-server

Performance

rsize/wsize

  • Check: cat /proc/fs/nfsd/max_block_size

/etc/tmpfiles.d/nfsd-block-size.conf:

w /proc/fs/nfsd/max_block_size - - - - 32768

Client

  • showmount -e <server>

Mount

<server>:/path   /path   nfs   <option> 0 0

Options

Mounting

Option Description
auto/noauto Will mount/not mount the share until it is accessed
x-systemd.device-timeout How long before give up mounting (seconds)
x-systemd.idle-timeout Unmount after idling (seconds)
timeo Time the NFS client waits for a response before it retries an NFS request. (600 = 60 seconds)
hard/soft Continue trying forever / stop after retrans
bg/fg Continue to try mounting / exit with error (when using mount command)

Performance

Option Description
noatime/nodiratime Dont record access time to files/dirs
sync Force flushing when writing data

idmapping

  • Both server and client
  • Check cat /sys/module/nfs/parameters/nfs4_disable_idmapping

/etc/modprobe.d/nfsd.conf

options nfs nfs4_disable_idmapping=0
options nfsd nfs4_disable_idmapping=0

Commands

Command Description
ssh -d Debugging
ssh-keygen Generate a new pair of keys
ssh-copy-id <remote-user>@<remote-ip> Copy local public key to a remote machine

sshfs

fstab

sshfs#<USERNAME>@<SERVER_IP>:/server/path   /mnt/<DIR>   fuse   IdentityFile=/home/<USERNAME>/.ssh/id_rsa,defaults,allow_other,default_permissions 0 0

or

<USERNAME>@<SERVER_IP>:/server/path  /mnt/<DIR> fuse.sshfs  noauto,x-systemd.automount,_netdev,reconnect,allow_other,IdentityFile=/home/<USERNAME>/.ssh/id_rsa  0 0

Options:

  • uid/gid=1000
  • cache=yes
  • kernel_cache
  • compression=no

For Crouton

echo "sshfs -o IdentityFile=/home/<user>/.ssh/id_rsa,allow_other,default_permissions <username>@<server ip>:/server/path /mnt/<folder>" >> /etc/rc.local

Port forwarding

  • A <--> B

  • B <--> C

  • On B: ssh -NTL <port b>:<ip a>:<port a> <ip a>

  • On C: ssh -NTL <port c>:localhost:<port b> <ip b>

  • Add new user: useradd -m <USERNAME>
  • Edit users: vipw ; Edit groups: vigr
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment