@ychaouche
Last active March 20, 2024 15:31
-*-outline-*-
(best viewed in emacs with outline-mode)
* by name
** apparmor
*** intro
Some processes are monitored by AppArmor and their actions can be restricted to their AppArmor profile.
For example : access to certain paths, or execution of certain commands, or certain kernel capabilities.
If the profile doesn't allow an action, the user gets a permission denied error.
Example : tcpdump can't read or write files not ending with .pcap.
*** log file
apparmor actions are logged in /var/log/syslog with the audit facility
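Added example (not part of the original notes): tallying the DENIED events from those log lines per profile, operation, mask and path, which is the same information aa-logprof walks through. The sample lines are constructed; on a real host feed it /var/log/syslog instead.

```shell
#!/bin/sh
# Constructed syslog lines (host name, pids and paths are made up).
sample_syslog() {
cat <<'EOF'
Mar 20 15:31:02 host kernel: [  812.101] audit: type=1400 audit(1710945062.101:61): apparmor="DENIED" operation="mknod" profile="/usr/sbin/tcpdump" name="/tmp/capture.txt" pid=4121 comm="tcpdump" requested_mask="c" denied_mask="c" fsuid=0 ouid=0
Mar 20 15:31:09 host kernel: [  819.440] audit: type=1400 audit(1710945069.440:62): apparmor="DENIED" operation="open" profile="/usr/sbin/tcpdump" name="/root/notes.txt" pid=4130 comm="tcpdump" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
Mar 20 15:31:15 host kernel: [  825.002] audit: type=1400 audit(1710945075.002:63): apparmor="DENIED" operation="mknod" profile="/usr/sbin/tcpdump" name="/tmp/capture.txt" pid=4133 comm="tcpdump" requested_mask="c" denied_mask="c" fsuid=0 ouid=0
Mar 20 15:32:00 host CRON[4200]: (root) CMD (run-parts /etc/cron.hourly)
Mar 20 15:32:41 host kernel: [  911.700] audit: type=1400 audit(1710945161.700:64): apparmor="STATUS" operation="profile_replace" profile="unconfined" name="/usr/sbin/tcpdump" pid=4300 comm="apparmor_parser"
EOF
}

# Reads syslog lines on stdin, prints "count<TAB>profile<TAB>operation<TAB>mask<TAB>path",
# most frequent denial first.
summarize_denials() {
    awk '
    # Value of key=... on the current line; handles quoted and bare values.
    function field(key,    i, rest, stop) {
        i = index($0, " " key "=")
        if (i == 0) return "-"
        rest = substr($0, i + length(key) + 2)
        if (substr(rest, 1, 1) == "\"") {
            rest = substr(rest, 2)
            return substr(rest, 1, index(rest, "\"") - 1)
        }
        stop = index(rest, " ")
        return stop ? substr(rest, 1, stop - 1) : rest
    }
    # index() rather than a regex: the needle contains quotes and is a fixed string.
    index($0, "apparmor=\"DENIED\"") {
        seen[field("profile") "\t" field("operation") "\t" field("denied_mask") "\t" field("name")]++
    }
    END { for (k in seen) printf "%d\t%s\n", seen[k], k }
    ' | sort -rn
}

sample_syslog | summarize_denials
```

On a live system: summarize_denials < /var/log/syslog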
*** tools
**** aa-status
get the actual status of aa,
useful for introspection as some profiles are not necessarily on disk files
**** aa-genprof
this will monitor a process and help you define a profile interactively by answering simple questions like :
this process tries to access this resource, allow/deny?
**** aa-logprof
this helps to update the profile in case the executable changes -update- by reading the audit logs. If new
actions or paths are accessed it will prompt you and update the profile accordingly
**** apparmor_parser -r <filename>
if you manually modify a profile, run apparmor_parser for it to take effect.
** apt
*** automatic yes
apt-get -y install
*** sources.list
**** explanation
1.  2.                            3.     4.
deb http://ftp.debian.org/debian/ jessie main
1. deb or deb-src
2. repository URL
3. Debian version
4. package filter (contrib, non-free etc.)
**** official default file
https://wiki.debian.org/SourcesList#Example_sources.list
**** debug symbols
add this source
deb http://deb.debian.org/debian-debug/ buster-debug main
then install the package with the -dbgsym suffix
**** source repos
/etc/apt/sources.list.d/official-source-repositories.list
*** show only the description of package in the output of apt-cache show <packagename>
apt-cache show <package> | grep-dctrl -s Description-en -
grep-dctrl is a grep that is specialized to apt files format.
it is provided by the dctrl-tools package
*** remove unused packages
apt-get autoremove
*** why is this package installed
apt-cache rdepends <package>
or
apt rdepends <package> will show the packages that may have pulled this one in, either
as a dependency or as a suggestion (recommendation)
*** list all the files of a package that is not installed
apt-file show <packagename>
*** this package depends on
apt-cache depends <packagename>
*** list broken packages
apt-get check
*** This must be accepted explicitly before updates for this repository can be applied. see apt-secure(8) manpage for details.
You need to run apt-get update with the --allow-releaseinfo-change flag
apt-get update --allow-releaseinfo-change
*** download w/o installing
apt-get download
** aptitude
*** why
aptitude why tells why a package got installed.
*** understanding the output of aptitude commands
first char is state.
i : installed
c : deleted, config files remain
p : purged or never installed
v : virtual
B : broken dependencies
C : half-configured (installation aborted)
H : half-installed (installation aborted)
W : triggers awaited
T : triggers pending
second char is the action to be done
i : install
d : delete
p : purge
u : upgrade
h : hold (won't upgrade)
F : Forbid to upgrade
r : reinstall
B : broken (don't install/reinstall/update until you fix this)
third char is how the package was installed
A : automatic
fourth char is package trustworthiness
U : untrusted
** ar
*** invocation
ar <archive> [<member>]
*** redirect output to stdout
p. This is useful to use it as an input to tar for further processing.
** augtool
*** whatis
edit configuration files programmatically
*** changing configuration from the command line
17:28:13 ~/DOCUMENTS/INTERNE/MESSAGERIE -1- $ augtool get /files/home/ychaouche/.ssh/config/Host[10]
/files/home/ychaouche/.ssh/config/Host[10] = labonedjma.net
17:29:53 ~/DOCUMENTS/INTERNE/MESSAGERIE -1- $ augtool set /files/home/ychaouche/.ssh/config/Host[10] labonedjma
Saved 1 file(s)
17:29:59 ~/DOCUMENTS/INTERNE/MESSAGERIE -1- $ augtool get /files/home/ychaouche/.ssh/config/Host[10]
/files/home/ychaouche/.ssh/config/Host[10] = labonedjma
17:30:02 ~/DOCUMENTS/INTERNE/MESSAGERIE -1- $
*** it's also an interactive tool
sudo augtool
augtool> set /files/etc/ssh/sshd_config/PermitRootLogin no
augtool> save
augtool> quit
** avconv
*** disable color in output
AV_LOG_FORCE_NOCOLOR=1 avconv ...
*** extract part of a video/audio
ffmpeg -i input.mp4 -ss 00:09:23 -t 33 -c copy output.mp4
extracts 33 seconds starting from 09:23
** awk
*** invoking awk
**** specifying program text
program text w/ -e
**** specifying program file
program file w/ -f
**** specifying the field separator
-F will let you specify the field separator.
**** shebang
#!/usr/bin/gawk -f
**** passing in variables
-v var1=val1 -v var2=val2 etc.
access them directly in the script,
w/o using the $ sign
*** printing specific things
**** print last column
{print $NF}
**** print a captured group
I want to capture the Duration of a video, this is from the output of ffprobe on a specific file that has a strange structure... The trick is then to use match($0,pattern,array) then reference the matching group with the array's index.
pattern : without quotes, without escaping any special characters like parens, brackets etc.
warning : this only works with gawk
ychaouche#ychaouche-PC 16:29:31 ~/VIDEOS/SCREENCASTS $ ffprobeoutput="Facebook: https Duration: 00:00:46.73, start: 0.000000, bitrate: 869 kb/s"
ychaouche#ychaouche-PC 16:29:39 ~/VIDEOS/SCREENCASTS $ echo $ffprobeoutput
Facebook: https Duration: 00:00:46.73, start: 0.000000, bitrate: 869 kb/s
ychaouche#ychaouche-PC 16:35:24 ~/VIDEOS/SCREENCASTS $ echo $ffprobeoutput | awk 'match($0,/Duration: ([^,]+),/,A) {print A[1]}'
00:00:46.73
ychaouche#ychaouche-PC 16:35:27 ~/VIDEOS/SCREENCASTS $
**** print the number of lines
awk 'END {print NR}'
**** print last record
awk 'END {print}'
You can also change the record separator if records are separated with a specific pattern. For example, here's how to display last worklog.summary entry :
alias notes.worklog.last='awk -v RS="\n\\\*" "END {print}" ~/NOTES/LOG/worklog.summary'
14:38:01 ~ -2- $ notes.worklog.last
Lundi 19 Septembre 2022
- DNS override
14:57:09 ~ -2- $
**** select rows with a specific field value
$3 ~ /<regexp>/ {do something}
$3 ~ /<regexp>/ # will only print rows with <regexp> in third field.
$3 ~ "part of a string" # wildcard is implied with ~
**** nothing is printed
don't forget to use print;
**** too many lines printed
don't do this
$0 ~ regex
{
print($0,"matches");
}
do this
$0 ~ regex {
print($0,"matches");
}
the first is equivalent to $0 ~ regex {print} {print($0,"matches")}, which is why all lines are printed as matching (because the second block has no pattern).
**** unbuffered output
use fflush();
**** emulate tail
there is no easy way
**** negative group matching
with grep -P you can
relay=(?!127.0.0.1|local)
with awk you may
/^relay=/ && !/^relay=(127\.0\.0\.1|local)$/
**** printing an array
for (key in my_dict) { print key ": " my_dict[key] }
*** matching
**** matching a string containing meta-characters
use index() instead of the ~ operator or match.
**** matching regexes defined in user variables
put regex w/o the / in between quotes like this :
BEGIN { regex="([[:digit:]]{1,3}\\.){3}[[:digit:]]{1,3}"; }
{if (match($0,regex,A)) {...} }
*** removing things
**** remove first/last character
**** remove blank lines from a file
awk NF file
be careful : the file shouldn't contain \r chars. Otherwise, use a tr -d "\r" < file before.
*** strings and regexes
**** strings vs regexes and the \\ problem
"\." is not a valid string
"\\." is a valid string, it will be seen as "\." by the regex functions
**** strings
***** concatenate
with space, and probably add \n if adding $0
line = line $0 "\n"
***** formatting
%06.2f
6 is the width of the whole number,
not just the integer part.
**** regexes
***** how to write regexes
"" can produce errors
// is the best fit for regexes
***** gawk is ERE
mawk is basic regexes only
gawk is extended regexes, with a few exceptions
\y matches beginning or end of a word
\w[ord] constituent (alnum + _)
\W is [^\w]
\s whitespace
\S = [^\s]
[:alnum:]
[:alpha:]
[:punct:]
***** no escaping necessary
parens, + etc. need not be escaped
***** ignore case
awk -v IGNORECASE=1 <awk script>
***** escaping all meta-characters in a string
gsub(/[$^*()+\[\]{}.?\\|]/,"\\\\&",task);
*** communicating with the shell
**** sending output to a pipe
***** example
root@messagerie-principale[10.10.10.19] ~ # gawk -F: -e '{print $1 | "sort"}' /etc/passwd
amavis
backup
bidon
bin
clamav
daemon
Debian-exim
debian-spamd
dovecot
dovenull
games
glances
gnats
irc
list
lp
mail
man
messagebus
mysql
news
nobody
ntp
opendkim
postfix
proxy
root
serveur
sshd
statd
sync
sys
systemd-bus-proxy
systemd-network
systemd-resolve
systemd-timesync
uucp
vmail
www-data
root@messagerie-principale[10.10.10.19] ~ #
***** explanation
this is because all output of print is piped to the sort command, whose output is delivered at the end.
**** getting input from a pipe
***** don't use getline
****** here's how to not use getline
command = "cmd " var1 " " var2;
command | getline x; close(command);
will put the result of cmd var1 var2 in x.
****** close the pipe
we need to close the pipe, otherwise next call to getline won't read (EOF or error).
command = " ... ";
command | getline var;
close(command);
****** gl form
{
<var>="undefined";
"<command> " args | getline <var>;
close("<command> " args);
fflush()
}
****** example 1
example where <var>=country and <command>=mygeoip (from mailcop-filter) :
awk '{country="undef"; "mygeoip " $7 | getline country; close("mygeoip " $7); printf "%s %s %s %-40s %-16s %s\n",$1,$2,$3,$6,$7,country; fflush()}'
****** example 2
example for DNS query log analysis
awk '/queries/ {gsub(/queries.*client /,""); gsub(/#[0-9]+/,""); gsub(/: query:.*/,""); geoip="null"; "mygeoip.whob " $3 | getline geoip; close("mygeoip.whob " $3); printf("%s %s %16s %s %s\n", $1, $2, $3, geoip, $4); fflush()}' /tmp/somequeries
****** récap
1. <var> needs to be set to undef, otherwise it will keep last value.
2. fflush() needs to be called at the end, because idk.
3. you call a command with a string "mygeoip " $7.
4. this will call mygeoip with argument $7.
5. you capture the output of that command with | getline <var>.
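Added example (not part of the original notes) of the getline pattern recapped above, with one extra check: the command string is handed to sh, and the field comes from a log, so it is only passed on when it is digits and dots. lookup_country is a hypothetical stand-in for mygeoip so the script runs offline; the log lines are constructed.

```shell
#!/bin/sh
# Write the stand-in lookup script and print its path.
# It prints a code for 192.0.2.* and prints NOTHING for any other address.
make_lookup() {
    dir=$(mktemp -d) || return 1
    cat > "$dir/lookup_country" <<'EOF'
#!/bin/sh
case "$1" in
    192.0.2.*) echo "AA" ;;
esac
EOF
    printf '%s\n' "$dir/lookup_country"
}

# Constructed log: date, time, client address.
sample_log() {
cat <<'EOF'
2021-11-28 07:23:44 192.0.2.10
2021-11-28 08:06:19 198.51.100.4
2021-11-28 08:07:30 203.0.113.9;true
2021-11-28 08:09:12 192.0.2.11
EOF
}

# $1 = lookup command. Reads log lines on stdin, appends the lookup result.
annotate() {
    awk -v lookup="$1" '
    {
        country = "undef"      # reset, or a lookup with no output keeps the previous value
        ip = $3
        if (ip ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/) {
            cmd = lookup " " ip
            cmd | getline country
            close(cmd)         # or a repeated command string reads EOF from the old pipe
        } else {
            country = "rejected"   # never reaches the shell
        }
        print $1, $2, ip, country
        fflush()               # per-line flush, so output shows at once behind tail -f
    }'
}

if stub=$(make_lookup); then
    sample_log | annotate "sh $stub"
    rm -rf "${stub%/*}"
fi
```

The second line comes out as undef, not AA: that is the reset from point 1 at work.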
***** use system
result = system("ls")  # result is the exit status ; the command's output goes straight to stdout
*** conditionals
**** with patterns
if (/regex/) { ... } else {...}
**** gl
if (condition) {<statements>} else if (condition) {<statements>} else {<statements>}
**** examples
the rip alias :
tail -f /var/log/dovecot.log | awk '{if (match($0,/rip=10.10.10.19/)) next; else if (match($0,/Login:.*rip/)) print "external", $0 }'
*** functions
**** String funcs
don't forget to use print, otherwise you won't see anything.
***** sub, gsub, gensub
sub : 1 time.
g[lobal]sub : global sub.
gen[erate]sub : generate a new string instead of changing the original.
syntax :
[g]sub(regex, substitution, [string])
gensub(regex, substitution, mode, [string])
string is $0 by default.
mode can be g or G (global), or a number indicating which match to replace.
\1 matches first subexpression, \2 second etc.
***** match(string, regex, array)
array[0] will contain whole match, if any
array[n] will contain nth subgroup, if any
returns the index of the first occurrence.
note: under mawk there is no array argument,
it is simply match(string,regex)
***** split(string, array, sep)
fields are separated by sep. Put each field separately in the array.
Useful e.g. to split a field that contains multiple lines into an array of lines.
***** patsplit(string, array, fieldpat)
fields are defined by fieldpat. Put each field separately in the array.
***** sprintf(format,vars...)
store formatted string to out
out=sprintf(format,vars...)
out=sprintf("it is %f outside", 39.2);
*** user variables
user variables need not be preceded by a $
*** accessing columns via a variable
col=2
$col will select 2nd column.
$(NF-3) will access 3rd to last column.
*** when things go wrong/unexpected
**** // and { on same line
the pattern and the action's opening brace need to be on the same line
symptoms :
same line printed twice
*** arrays
**** print keys
for (key in array) {print key}
** base64
To decode a base64 file you can use : base64 -di
-d decode
-i ignore garbage.
Indeed, the MIME format requires CRLF line breaks, which base64 -d does not parse.
** bash
see ~/NOTES/TXT/bash.info
** bc
scale=2
ychaouche#ychaouche-PC 09:59:25 ~ $ bc <<< "scale=2; 6/14"
.42
ychaouche#ychaouche-PC 09:59:33 ~ $
** beautifulsoup
*** BeautifulSoup class
**** __init__(self,markup...)
markup is either a string or a file-like object
**** find(self,)
only return first match
**** findAll(self,name=None,attrs={},text=None...)
name = name of the tag
attrs = any attribute
**** findNext
find after this tag (not in its children)
** bind
*** add a slave zone
edit the named.conf.local file and add an entry specifying :
- type : slave
- masters : the list of master servers, each terminated by a ;
- file : the .db file that will be used.
example
zone "radioalgerie.dz." {
    type slave;
    masters { 10.10.10.4; };
    file "/etc/bind/slave/radioalgerie.dz.db";
};
*** do not listen on ipv6
by default.
so remove the listen-on-v6 statements if there are any.
** binwalk
-e[xtract]
** boxes
to justify the text : -a [hv](horizontal/vertical)[jlcr](justify,left,center,right)
Example : -ahlvc (horizontal/left, vertical center)
to choose the design : -d
to list the available designs : -l
to add padding : -p (same as -a for horizontal, vertical etc.; add t for top, b for bottom and -a for all)
Example : -pv4h2
** bzr
*** bzr move files after they've been moved
bzr move --auto
*** last revision
-r last:1
*** show modified files
bzr log -v -r <revspec>
*** change parent branch
either edit the parent_location in : .bzr/branch/branch.conf (p)
or run bzr reconfigure --unstacked-parent=path/to/new/parent/branch (you)
** catchsegv
$ catchsegv program arguments
when the program crashes, it outputs :
- the contents of the registers
- a stack trace
** cg & vg
search with cg like regular grep
open nth result with vg n
** chmod
** command
command -v / -V will give you path to the command, or specify if the command is a shell builtin
** cowsay
cowsay / cowthink
The emotion with -s(toned), -d(ead), -y(oung), -p(arano), -b(org), -g(reedy), -t(ired), -w(eird)
the appearance with -f (-l to list all appearances)
** cp
*** copy the files pointed to by a symlink
cp -L
*** create the intermediate directories
cp --parents (only works with a directory)
** cron
*** every 5 minutes
m   h dom mon dow
*/5 * *   *   *
** ctags / etags
etags *.py. That's all.
Otherwise etags <source_file> -o <etags_file>.
Then just move the cursor to a function/method call
and press M-.,
which takes you to the definition.
If that is not the right place,
press C-u M-.
** curl
*** skip certificate verification
-k (insecure : the server certificate is not verified)
*** follow redirects
-L
*** output to a file
-o
*** only http status (headers) (404/500/200)
-I
*** spoofing user agent
--user-agent
example :
curl --user-agent "Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0 Waterfox/91.4.2"
*** continue old download
-C - # - is part of the command, it means do your best.
*** use a proxy
-x
** date
*** textual date
print what date is three months and one day from now :
date --date='3 months 1 day'
*** print date as YYYY-MM-DD
format is given with +<format string>
date --date yesterday +%Y-%m-%d
*** date in seconds since epoch
date +%s
*** convert seconds since epoch to date
ychaouche#ychaouche-PC 13:05:43 ~ $ date --date=@1605096302
Wed Nov 11 13:05:02 CET 2020
ychaouche#ychaouche-PC 13:05:48 ~ $
*** add durations to dates
$ date -d "2022-05-29 10:00:00 +2 months -4 days + 11 hours - 29 minutes"
Sat Jun 25 19:31:00 CET 2022
$
*** dateutils
**** convert seconds to hh:mm:ss
$ dateutils.dconv -f "%H:%M:%S" -i '%s' 830
00:13:50
**** difference between two time durations
small formatting problem, I don't know how to fix it yet.
ychaouche#ychaouche-PC 10:03:40 ~ $ dateutils.ddiff -f "%H:%M:%S" "01:50:00" "00:27:00"
-1:-23:0
ychaouche#ychaouche-PC 10:03:47 ~ $
-i to specify the input date format
13:44:58 ~ -1- $ dateutils.ddiff -i "%M:%S" "26:41" "27:31"
50s
13:45:27 ~ -1- $
** dbus
see qdbus and qdbusviewer
** dd
When to use dd ?
1. When you need to copy part of a file, anywhere inside it (skip and count)
2. When you need to resume a copy that hasn't finished (skip)
cp is sometimes 2.5 times faster than dd, source : https://www.reddit.com/r/linux4noobs/comments/6u6828/dd_vs_cp/dlqhdar/
** di
an alternative to df which displays info for mounted filesystems, optimized for real partitions and disks, not loopback and pseudo-filesystems.
** diff
*** summary of differences
-q : show only files that differ between two dirs
ychaouche#ychaouche-PC 13:29:03 / $ diff -q /opt/libreoffice*
Files /opt/libreoffice6.1/CREDITS.fodt and /opt/libreoffice7.0/CREDITS.fodt differ
Common subdirectories: /opt/libreoffice6.1/help and /opt/libreoffice7.0/help
Files /opt/libreoffice6.1/LICENSE and /opt/libreoffice7.0/LICENSE differ
Only in /opt/libreoffice6.1: LICENSE.fodt
Files /opt/libreoffice6.1/LICENSE.html and /opt/libreoffice7.0/LICENSE.html differ
Common subdirectories: /opt/libreoffice6.1/presets and /opt/libreoffice7.0/presets
Common subdirectories: /opt/libreoffice6.1/program and /opt/libreoffice7.0/program
Common subdirectories: /opt/libreoffice6.1/readmes and /opt/libreoffice7.0/readmes
Common subdirectories: /opt/libreoffice6.1/share and /opt/libreoffice7.0/share
ychaouche#ychaouche-PC 13:29:05 / $
*** use -r on directories
otherwise it won't recurse
*** -c shows context
it is useful to start w/ original file, then the modified file.
- : removed from orig
+ : added to orig
! : changed
This shows too much context of both files. Unified output is better.
sample output :
ychaouche#ychaouche-PC 12:00:43 ~/DOWNLOADS/APPS/VPN_Clients $ diff -c tda.ovpn.orig tda.ovpn
*** tda.ovpn.orig 2022-05-17 16:12:15.806757623 +0100
--- tda.ovpn 2022-05-18 11:37:46.981400758 +0100
***************
*** 1,13 ****
dev tun
persist-tun
persist-key
- data-ciphers AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305:AES-256-CBC
- data-ciphers-fallback AES-256-CBC
auth SHA256
tls-client
client
resolv-retry infinite
! remote 80.246.1.223 18223 udp4
verify-x509-name "radioalgerie.local" name
auth-user-pass
remote-cert-tls server
--- 1,12 ----
dev tun
persist-tun
persist-key
auth SHA256
+ cipher AES-256-CBC
tls-client
client
resolv-retry infinite
! remote 80.246.1.223 18223 udp
verify-x509-name "radioalgerie.local" name
auth-user-pass
remote-cert-tls server
ychaouche#ychaouche-PC 12:01:29 ~/DOWNLOADS/APPS/VPN_Clients $
*** -u unified (compressed) (preferred) context
**** intro
use orig before modified version
- : deleted from original
+ : added to original
**** sample output
ychaouche#ychaouche-PC 12:31:41 ~/DOWNLOADS/APPS/VPN_Clients $ diff -u tda.ovpn.orig tda.ovpn
--- tda.ovpn.orig 2022-05-17 16:12:15.806757623 +0100
+++ tda.ovpn 2022-05-18 11:37:46.981400758 +0100
@@ -1,13 +1,12 @@
dev tun
persist-tun
persist-key
-data-ciphers AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305:AES-256-CBC
-data-ciphers-fallback AES-256-CBC
auth SHA256
+cipher AES-256-CBC
tls-client
client
resolv-retry infinite
-remote 80.246.1.223 18223 udp4
+remote 80.246.1.223 18223 udp
verify-x509-name "radioalgerie.local" name
auth-user-pass
remote-cert-tls server
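Review bot: the removed `data-ciphers AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305:AES-256-CBC` line and the added `cipher AES-256-CBC` near the top of the hunk leave the client with a single CBC cipher in place of a list that offered AEAD ciphers first, and nothing in the file records why. If this is only a workaround for a client that does not understand `data-ciphers`, say so in a comment in tda.ovpn and keep the original file for newer clients; the `udp4` to `udp` change on the `remote` line deserves the same one-line explanation.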
ychaouche#ychaouche-PC 12:31:46 ~/DOWNLOADS/APPS/VPN_Clients $
**** short output (-u0)
ychaouche#ychaouche-PC 12:35:30 ~/DOWNLOADS/APPS/VPN_Clients $ diff -u0 tda.ovpn.orig tda.ovpn
--- tda.ovpn.orig 2022-05-17 16:12:15.806757623 +0100
+++ tda.ovpn 2022-05-18 11:37:46.981400758 +0100
@@ -4,2 +3,0 @@
-data-ciphers AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305:AES-256-CBC
-data-ciphers-fallback AES-256-CBC
@@ -6,0 +5 @@
+cipher AES-256-CBC
@@ -10 +9 @@
-remote 80.246.1.223 18223 udp4
+remote 80.246.1.223 18223 udp
ychaouche#ychaouche-PC 12:35:37 ~/DOWNLOADS/APPS/VPN_Clients $
or diff (normal output)
ychaouche#ychaouche-PC 12:35:37 ~/DOWNLOADS/APPS/VPN_Clients $ diff tda.ovpn.orig tda.ovpn
4,5d3
< data-ciphers AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305:AES-256-CBC
< data-ciphers-fallback AES-256-CBC
6a5
> cipher AES-256-CBC
10c9
< remote 80.246.1.223 18223 udp4
---
> remote 80.246.1.223 18223 udp
ychaouche#ychaouche-PC 12:36:59 ~/DOWNLOADS/APPS/VPN_Clients $
** dig
*** see all DNS records
dig <nom> ANY
*** +short
one line
*** +search
append domains from the search configuration of /etc/resolv.conf
*** invoking
dig <name> <type> @<server>
*** if query takes too long
probably timed out queries.
use +qr to see the queries.
** djbdns
package for dns server, cache, client and debugging tools
http://cr.yp.to/djbdns.html
It is used for millions of hosts around the web.
Source : http://cr.yp.to/djbdns/blurb.html
<<<
November 2008 .com update: There are 78.1 million .com names on the Internet. At least 4.6 million .com names are hosted by servers that, according to the fpdns fingerprint tool, run djbdns. The only software packages used for more names are BIND (20.6 million), MyDNS (17.8 million), and PowerDNS (6.6 million).
>>>
** dmesg
dmesg -T shows timestamps in human readable format.
** dpkg / dpkg-query
*** by function
**** search
***** search for an installed package by pattern
dpkg/dpkg-query -l *pattern* lists the packages whose names match pattern
***** which package provides this command / this file
dpkg/dpkg-query -S *pattern*
**** list
***** show all installed packages
dpkg-query -l
dpkg -l
***** list all files installed by a package
dpkg -L packagename
dpkg-query -L packagename
***** list the files of a .deb package
dpkg -c <package.deb>
***** show the state of all packages matching a pattern
dpkg -l <pattern>
dpkg-query -l <pattern>
**** checks
***** how to inspect a .deb package?
packages are archives in ar format; use the ar command to extract the data.tar.xz file like this :
ar xvf <package.deb> data.tar.xz
then inspect the archive with tar tvJf data.tar.xz
ANOTHER METHOD
You can extract directly into a directory with ar p <package.deb> data.tar.xz | tar Jvx -C <target-directory>
indeed, p[rint] sends ar's output to standard output, so that tar can read it directly.
for example :
ar fp libssl-dev_1.1.0l-1~deb9u4_amd64.deb data.tar.xz | tar Jvx -C libssl-dev_1.1/
***** is this package installed
dpkg-query -W <pattern> : show any (installed) package matching pattern
dpkg / dpkg-query -s <name> : show description of a specific package
***** are there packages that use files in this directory ?
dpkg/dpkg-query -S /path/to/directory
example:
root#ychaouche-PC 13:43:19 /usr/lib/debug/usr/lib # dpkg -S /usr/lib/debug/
kate-dbg, kdelibs5-dbg, kde-baseapps-dbg, konsole-dbg, kde-runtime-dbg, libqt4-dbg:amd64, libgmime-2.6-0-dbg, libc6-dbg:amd64: /usr/lib/debug
root#ychaouche-PC 13:44:59 /usr/lib/debug/usr/lib #
***** which package does this file belong to ?
dpkg/dpkg-query -S /path/to/file
***** verify package integrity
****** command and output
dpkg -V as root (without arguments)
explanation of the output :
1. only the files for which a test failed are shown
2. a series of 9 characters is shown, one for each test.
3. ? = the test could not be performed.
. = test ok
[:alnum:] = error code
****** usefulness
if the machine is already compromised, there is no point in running this command.
what is needed is for the hashes to be compared with another system known to be clean.
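Added example (not part of the original notes): sorting the dpkg -V output described above into changed conffiles, changed non-conffiles and missing files, so the second and third groups can be compared first against a known-clean copy. It assumes dpkg's rpm-style line layout (9 result characters, a space, "c" for a conffile or a blank, a space, the path); the sample output is constructed.

```shell
#!/bin/sh
# Constructed sample of `dpkg -V` output (paths are made up).
sample_verify_output() {
cat <<'EOF'
??5?????? c /etc/ssh/sshd_config
??5??????   /usr/bin/example tool
missing     /usr/share/doc/example/README
??5?????? c /etc/default/example
EOF
}

# Reads dpkg -V output on stdin, prints "kind<TAB>failed-tests<TAB>path".
triage_verify() {
    awk '
    {
        result = substr($0, 1, 9)     # one character per test
        attr   = substr($0, 11, 1)    # "c" = conffile
        path   = substr($0, 13)       # substr, not $3: paths may contain spaces
        failed = ""
        if (result ~ /^missing/) {
            kind = "MISSING"
        } else {
            kind = (attr == "c") ? "CONFFILE-CHANGED" : "CONTENT-CHANGED"
            # keep only the tests that failed: "." is ok, "?" was not performed
            for (i = 1; i <= 9; i++) {
                c = substr(result, i, 1)
                if (c != "." && c != "?") failed = failed c
            }
        }
        printf "%s\t%s\t%s\n", kind, (failed == "" ? "-" : failed), path
    }'
}

# Paths that are not explained by a locally edited conffile:
# these are the ones to hash against a system known to be clean.
needs_reference_check() {
    triage_verify | awk -F'\t' '$1 != "CONFFILE-CHANGED" { print $3 }'
}

sample_verify_output | triage_verify
```

On a live system: dpkg -V | triage_verify (as root).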
**** cancel changes to conf files
dpkg --force-confnew
**** forcer la suppression d'un paquet
dpkg --force-all --remove <package> [1]
[1] https://wiki.debian.org/DebianPackageManagement#line-271
*** by option
**** dpkg-query -S[earch] <pattern>
search for filename in installed packages
**** dpkg-query -s[tatus]
report status for a specified package (installed or not)
**** dpkg-query -l[ist packages] <pattern>
list packages
the first column contains two flags.
The first flag is the desired action for this package :
i Install
r Remove
u unknown
The second flag is the state of the package
i Installed
c config-files
n not installed
**** dpkg-query -L[ist files] <package>
list files of a package
**** dpkg-query -[sho]W <pattern>
same as -l except that it lets you specify the output format.
** dpkg-query
see * by function ** working with packages ** debian ** dpkg
** ed
see * ed (bookmark-jump "linux::ed")
** emacs
see emacs.info
** expand
transform tabs to spaces
see also ** unexpand
** expect
*** shebang
#!/usr/bin/expect
*** how to run a command ?
spawn command
*** how to capture output ?
expect "pattern" {action}
*** how to send input ?
send "input\r"
*** how to keep terminal open after last command ?
interact
*** don't use single quotes
they don't delimit strings
*** how to use a remote bash variable?
quote the double quotes and quote the $, like this :
\"\$REGX_IP\"
** ext4magic
*** listing recoverable files
# ext4magic /dev/sdXY -a "$(date -d "-2hours" +%s)" -f deleted/folders/root -j /some/safe/path/sdXY.journal -l
example:
ext4magic /dev/sda1 -Lx -f root/ > /tmp/files
list all recoverable files in the last 24h in the /root/ subdir
(note that the argument root/ is given w/o first slash)
*** options
-a[fter] time in seconds since epoch
default is 24h
-f[older] only scan for files in this folder
-j[ournal] use the backup of the journal.
Only useful if you made a backup
(with debugfs)
before a reboot.
otherwise it reads the current journal by default.
-l[ist] the deleted files
-d[estination]
-r[ecoverable] 100% recoverable only
-R[ecoverable] partially recoverable files too
-m[ulti-stage] recover all deleted files in a multi-stage operation
-
*** notes
couldn't recover test.sh file
** extundelete
extundelete /dev/sda1 --restore-file /root/test.sh
** fail2ban
*** how to get the config of a jail ?
fail2ban-client get <jail> <field>
both <jail> and <field> support tab completion
fail2ban-client get <tab> <tab>
or you can do (nasty)
fail2ban-client -d[ump] | grep <jailname>
*** how to get dbinfo ?
fail2ban-client get dbfile
*** how to get the list of banned IPs ?
1. grep Ban /var/log/fail2ban.log
2. iptables -L INPUT -v -n
3. fail2ban-client status <jailname>
*** how to unban ?
fail2ban-client set <nextcloud> unbanip <192.168.211.76>
*** how to test a regex
fail2ban-regex [-v[erbose]] <logfile> <regex>
both <logfile> and <regex> can be strings or files
for example :
root@messagerie-principale[10.10.10.19] ~ # fail2ban-regex -v /var/log/mail.warn /etc/fail2ban/filter.d/postfix-sasl.conf
Running tests
=============
Use failregex file : /etc/fail2ban/filter.d/postfix-sasl.conf
Use log file : /var/log/mail.warn
Results
=======
Failregex: 23 total
|- #) [# of hits] regular expression
| 1) [23] ^\s*(<[^.]+\.[^.]+>)?\s*(?:\S+ )?(?:kernel: \[ *\d+\.\d+\] )?(?:@vserver_\S+ )?(?:(?:\[\d+\])?:\s+[\[\(]?postfix/smtpd(?:\(\S+\))?[\]\)]?:?|[\[\(]?postfix/smtpd(?:\(\S+\))?[\]\)]?:?(?:\[\d+\])?:?)?\s(?:\[ID \d+ \S+\])?\s*warning: [-._\w]+\[<HOST>\]: SASL ((?i)LOGIN|PLAIN|(?:CRAM|DIGEST)-MD5) authentication failed(:[ A-Za-z0-9+/:]*={0,2})?\s*$
| 172.16.10.53 Sun Nov 28 07:23:44 2021
| 103.167.84.118 Sun Nov 28 08:06:19 2021
| 136.144.41.223 Sun Nov 28 13:50:58 2021
| 136.144.41.223 Sun Nov 28 13:51:04 2021
| 136.144.41.223 Sun Nov 28 13:51:15 2021
| 136.144.41.223 Sun Nov 28 13:51:25 2021
| 136.144.41.223 Sun Nov 28 13:51:36 2021
| 136.144.41.223 Sun Nov 28 13:51:39 2021
| 136.144.41.223 Sun Nov 28 13:51:45 2021
| 136.144.41.223 Sun Nov 28 13:51:56 2021
| 136.144.41.223 Sun Nov 28 13:52:06 2021
| 136.144.41.223 Sun Nov 28 13:52:17 2021
| 136.144.41.223 Sun Nov 28 13:52:20 2021
| 109.237.103.19 Sun Nov 28 14:09:23 2021
| 109.237.103.19 Sun Nov 28 14:09:32 2021
| 109.237.103.19 Sun Nov 28 14:09:47 2021
| 109.237.103.19 Sun Nov 28 14:10:02 2021
| 109.237.103.19 Sun Nov 28 14:10:08 2021
| 109.237.103.19 Sun Nov 28 14:10:18 2021
| 109.237.103.19 Sun Nov 28 14:10:32 2021
| 109.237.103.19 Sun Nov 28 14:10:46 2021
| 109.237.103.19 Sun Nov 28 14:10:53 2021
| 109.237.103.19 Sun Nov 28 14:11:04 2021
`-
Ignoreregex: 0 total
[...]
root@messagerie-principale[10.10.10.19] ~ #
*** simulate a fail2ban run
use fail2ban-regex with desired logfile and filter, see (bookmark-jump "fail2ban::fail2ban-regex")
example:
$ fail2ban-regex -v /var/log/mail.warn /etc/fail2ban/filter.d/postfix-sasl.conf
** fdisk
menu-driven interface to work on disks, partitions
** find
see ~/.bash_lib/help/find
** figlet
The figlist command lists all supported fonts.
Use a particular font with the -f option
example : figlet -f whimsy "le purgatoire"
use the -w width option to get everything on one line (example -w 120)
example
ychaouche#ychaouche-PC 17:35:56 ~ $ figlet -f weird -w 120 "le purgatoire 1.0"
_ __
/ / / /| / |
( ___ ___ ___ ___ ___ (___ ___ ___ ___ ( | ( |
| |___) | )| )| )| )| )| | )| | )|___) | ) | )
| |__ |__/ |__/ | |__/ |__/||__ |__/ | | |__ _|/ |__/
| __/ -
ychaouche#ychaouche-PC 17:35:59 ~ $
** fold/fmt
fmt is superior to fold when joining shorter lines.
fold -s is superior to fold when you need to have short lines (bullets)
you can use fill in emacs :
M-q : fill-paragraph
ruler-mode : you know where you are
auto-fill-mode : fill-as-you-type
set-fill-column : instead of 80
** fuser
*** list processes using a file/dir/mountpoint
root@messagerie-prep[10.10.10.20] ~ # fuser -mv /var
USER PID ACCESS COMMAND
/var: root kernel mount /var
root 718 ..c.. cron
daemon 719 ..c.. atd
clamav 723 F.c.. freshclam
root 745 F.... dovecot
root 794 F.... rsyslogd
root 863 F.... log
root 891 F.... apache2
postfix 1178 F.... opendkim
mysql 1251 F.c.. mysqld
root 1293 F.... fail2ban-server
www-data 1312 F.... apache2
www-data 1313 F.... apache2
www-data 1314 F.... apache2
www-data 1315 F.... apache2
www-data 1316 F.... apache2
root 1584 F.c.. master
postfix 1585 .rc.. pickup
postfix 1586 ..c.. qmgr
amavis 1588 F...m /usr/sbin/amavi
postfix 1603 Frc.. tlsmgr
amavis 1604 F.c.m /usr/sbin/amavi
amavis 1605 F...m /usr/sbin/amavi
www-data 1696 F.... apache2
dovecot 2176 F.... auth
postfix 2181 Frc.m smtpd
postfix 2182 ..c.. proxymap
root@messagerie-prep[10.10.10.20] ~ #
*** kill processes
-k[ill]
** git
*** clone
Copies the whole data through the history of the project,
not just the working copy.
It is an exact copy
(a clone)
of the remote repo.
*** getting only the working tree (checkout)
**** archive
doesn't work w/ github because command isn't allowed in their git server [1]
git archive --remote <url> --format tar <tag>
git archive -0 for uncompressed output [2]
git archive HEAD (tar format by default)
for example:
16:06:53 ~/DOWNLOADS/TOOLS -1- $ git archive --remote=git://github.com/roma-glushko/tango.git HEAD
fatal: unable to connect to github.com:
github.com[0: 140.82.121.4]: errno=Connection timed out
16:10:57 ~/DOWNLOADS/TOOLS -1- $
[1] https://stackoverflow.com/questions/2866358/git-checkout-only-files-without-repository#comment47982597_2867314
[2] https://stackoverflow.com/questions/160608/do-a-git-export-like-svn-export#comment16482290_160608
**** clone --depth 1
**** git-export
third party script
** grep
see /home/ychaouche/.bash_lib/help/grep:1
** grep-dctrl
*** gl invocation
grep-dctrl <option> <pattern> /var/lib/apt/lists/*_Packages
grep-aptavail -P syslog-summary (any package)
grep-status -P syslog-summary (only installed packages)
grep-available -P syslog-summary (only installed packages)
*** grep-available, grep-status, grep-aptavail
grep-available : only installed packages, fewer fields.
grep-status : only installed packages, more fields.
grep-aptavail : any package, fewer fields.
grep-dctrl : must supply the control file.
*** search by package name
-P <package>
this is equivalent to
-FPattern <package>
*** only show a specific field
-s <field>
example :
11:43:03 ~ -1- $ grep-dctrl -PX libdbus-1-3 -s Version /var/lib/apt/lists/*_Packages
Version: 1.6.18-0ubuntu4.5+esm3
Version: 1.6.18-0ubuntu4.5+esm3
Version: 1.6.18-0ubuntu4.4
Version: 1.6.18-0ubuntu4.4
Version: 1.6.18-0ubuntu4
Version: 1.6.18-0ubuntu4
Version: 1.6.18-0ubuntu4.5
Version: 1.6.18-0ubuntu4.5
11:43:14 ~ -1- $
*** strict package name
-X
*** search by other field
-F<field> <pattern>
*** boolean operations
-o -a -! --not ( )
*** show one line description
-d
*** hide field names
-n
*** negative matching
-v
** hash
*** hash -d
delete a hash
(forget)
hash -d ldd
(now ldd is no longer fetched from ~/bin/)
** hexedit
*** save with F2
*** save and exit : Ctrl-X
*** other editors
bless < C#
hexyl < Rust, colors, no binary
okteta < good ! kde compliant
** install
-o OWNER (--owner=OWNER) : change owner of the file
-g GROUP (--group=GROUP) : change group of the file
-m MODE (--mode=MODE) : change mode (rwx)
** inxi
*** show the desktop environment (KDE, Gnome...)
inxi -S
*** no colors
inxi -c 0
** iotop
*** useful options
sudo iotop -Pok
sudo iotop -botkqqq
*** options
[P]rocesses
[a]ccumulate
[p]id
[o]nly
[b]atch
[q]uiet
[k]b
[n] iterations (then quit)
*** sorting
<- ->
r to reverse the sorting order
*** currently consuming disk I/O
o
*** processes only
P
*** accumulated
a
** ip
*** general structure of an ip command
ip <object> <command>
where <object> can be one of : link, address, route...
<command> can be one of : add, delete, show, list or help
*** how to configure an address on an interface
ip addr add <addr> dev <device>
*** ifup / ifdown
ip link set <dev> up/down
*** show route
ip route show
*** add default gateway
ip route add default via <gateway>
*** remove route
*** flush config
ip addr flush <dev>
*** get current IP
ip -br[ief] a <ens192>
*** show all interfaces
ip -br[ief] link show
** iptables
*** common options
-v : verbose
-n : numeric (don't do long reverse dns lookups on IP)
*** list all rules of all chains
iptables -L[ist]
*** list all rules of one chain
iptables -L[ist] <chain>
lists the rules for chain <chain>
*** Add a rule to a chain
iptables -I[nsert] <chain> 1 (top) <rulespec>
example : ban all traffic coming from <IP>
iptables -I[nsert] fail2ban-ssh 1 -s[ource] IP -j[ump] DROP
*** Delete a rule from a chain
iptables -D[elete] <chain> <rulespec>
example : delete a drop rule for an IP
iptables -D fail2ban-ssh -s[ource] IP -j[ump] <target>
<target> = drop or logdrop, I think.
** javascript
see web.info
** jmtpfs
*** how to mount phone storage?
sudo apt-get install jmtpfs
sudo jmtpfs -o allow_other /mnt/any
** join
join file1 file2
will take every line from file1, match it with line with same id from file2, and output all columns.
for example
$ cat file1
a a1
c c1
b b1
$ cat file2
a a2
c c2
b b2
$ join file1 file2
a a1 a2
c c1 c2
b b1 b2
$
** jshon
*** don't use this
see ****** extract multiple values from a single key. The API is awkward.
*** print keys
jshon -k
*** extract
jshon -e "key/index"
*** extract multiple values from a single key
jshon -e key/index -e key1 -u -p -e key2 -u -p -e key3
*** map a function for the rest of the document
jshon -a <options>
will output <option> applied for all the elements remaining
** jq
see ~/.bash_lib/help/jq
** k3b
if disc fails to burn, try changing the burning mode (DAO)
** kde
*** how to get the version of KDE?
any kde app should have --version option.
That option should display not only the app's version
but also qt's and kde's
eg.
kate --version
** klipper
*** popup
show klipper with ctrl+shift+k (custom)
*** select/filter
just start typing to filter
*** perform action
to perform action based on text saved in the clipboard
1. select text
2. if it matches a regex it will execute the associated action.
perform last action again with Ctrl+alt+R
** less
see less.help
Enable line numbering : -N
Stop highlighting search results : M-u (toggle)
Go to the next/previous file : :n/:p
[F]ollow : F
Open another file : :e[xamine]
Show current file : =
Permanently show current file : -M
Save to file : :s <filename>
Jump to the first occurrence : less +/<pattern> <file>
Quit immediately if the file isn't too long : -F
Interpret special characters : -r
** ld.so
*** what is
helps load executables and the necessary libraries in memory.
*** /lib/ld.so and /lib64/ld.so
/lib/ld is for 32bit programs
/lib64/ld is for 64bit programs
*** /lib64/ld-linux-x86-64.so.2
you can run programs with this and specify the --library-path argument, but I didn't succeed
ychaouche#ychaouche-PC 16:28:52 ~/DOWNLOADS/LIBS/FREETYPE2.6/usr/lib/x86_64-linux-gnu $ /lib64/ld-linux-x86-64.so.2 --library-path . /opt/teamviewer/tv_bin/TeamViewer
/opt/teamviewer/tv_bin/TeamViewer: relocation error: /opt/teamviewer/tv_bin/RTlib/qt/plugins/platforminputcontexts/libcomposeplatforminputcontextplugin.so: symbol xkb_compose_state_unref, version V_0.5.0 not defined in file libxkbcommon.so.0 with link time reference
*** ld.so --verify
this will tell you if ld can load the executable
*** ld.so --library-path <path>
this will tell ld in which directories to look for the shared libraries.
*** soname and library versions
if a library is libx.1 then all versions reporting their names as libx.1 are compatible.
if a newer version of libx breaks compatibility, the version will be upgraded, for eg.
libx.2.
*** LD_* environment variables
**** LD_LIBRARY_PATH
***** what it does
Prepend user-defined colon-separated paths to the list of directories for library lookups. This is preferred to LD_PRELOAD
***** OS exceptions
works on most unices, with some exceptions.
HP-UX -> SHLIB_PATH
AIX -> LIBPATH
***** binary exceptions
setuid/setgid binaries ignore LD_LIBRARY_PATH.
***** caveats
If your program runs other programs, they inherit LD_LIBRARY_PATH too.
**** LD_PRELOAD
LD_PRELOAD=/full/path/to/lib/even/if/it/is/in/pwd /bin/to/execute
This will force the binary to pick up the lib you want
but better is to run with LD_LIBRARY_PATH=. instead (just tested, it works)
**** LD_DEBUG
LD_DEBUG=bindings shows where symbols are fetched from.
LD_DEBUG=versions shows what versions are required.
For example, png16 is required by libfreetype.6.12,
and png12 was required by libfreetype6.11.
ychaouche#ychaouche-PC 17:12:00 ~/DOWNLOADS/LIBS/FREETYPE2.6/usr/lib/x86_64-linux-gnu $ LD_DEBUG=versions /opt/teamviewer/tv_bin/TeamViewer 2>&1 | grep PNG
20194: checking for version `PNG12_0' in file /lib/x86_64-linux-gnu/libpng12.so.0 [0] required by file /usr/lib/x86_64-linux-gnu/libfreetype.so.6 [0]
ychaouche#ychaouche-PC 17:12:41 ~/DOWNLOADS/LIBS/FREETYPE2.6/usr/lib/x86_64-linux-gnu $ LD_DEBUG=versions LD_PRELOAD=./libfreetype.so.6.12.3 /opt/teamviewer/tv_bin/TeamViewer 2>&1 | grep PNG
20222: checking for version `PNG16_0' in file /usr/lib/x86_64-linux-gnu/libpng16.so.16 [0] required by file ./libfreetype.so.6.12.3 [0]
^C
^Cychaouche#ychaouche-PC 17:14:26 ~/DOWNLOADS/LIBS/FREETYPE2.6/usr/lib/x86_64-linux-gnu $
** ldconfig
*** cache file
/etc/ld.so.conf
*** print where ld will find libs
ldconfig -p
** ldd
*** what is
sets LD_TRACE_LOADED_OBJECTS=1 to list shared libs an executable relies upon
*** LD_TRACE_LOADED_OBJECTS=1
/usr/bin/ldd is a bash script
it's a thin wrapper around ld.so
all it does is setting the environment variable LD_TRACE_LOADED_OBJECTS=1.
you can have the same effect with setting that env variable yourself before calling an executable. The executable won't be executed.
*** --verbose
Adds a version information section
# ldd --verbose /lib/arm-linux-gnueabihf/libm.so.6
linux-vdso.so.1 (0xbefe7000)
/usr/lib/arm-linux-gnueabihf/libarmmem-${PLATFORM}.so => /usr/lib/arm-linux-gnueabihf/libarmmem-v7l.so (0xb6e4d000)
libc.so.6 => /lib/arm-linux-gnueabihf/libc.so.6 (0xb6cec000)
/lib/ld-linux-armhf.so.3 (0xb6ee4000)
Version information:
/lib/arm-linux-gnueabihf/libm.so.6:
ld-linux-armhf.so.3 (GLIBC_2.4) => /lib/ld-linux-armhf.so.3
libc.so.6 (GLIBC_PRIVATE) => /lib/arm-linux-gnueabihf/libc.so.6
libc.so.6 (GLIBC_2.4) => /lib/arm-linux-gnueabihf/libc.so.6
/usr/lib/arm-linux-gnueabihf/libarmmem-v7l.so:
libc.so.6 (GLIBC_2.4) => /lib/arm-linux-gnueabihf/libc.so.6
/lib/arm-linux-gnueabihf/libc.so.6:
ld-linux-armhf.so.3 (GLIBC_2.4) => /lib/ld-linux-armhf.so.3
ld-linux-armhf.so.3 (GLIBC_PRIVATE) => /lib/ld-linux-armhf.so.3
** lnav
*** why I don't use
you can't use filter-in and filter-out at the same time.
Try this :
filter-in postfix
filter-out anvil
anvil still displayed
try other way around, anvil still displayed.
*** automatic completions
C-g
*** moving around
o/O forward/backward 1h
d/D forward/backward 1D
1-6/Shift 1-6 forward/backward hour + 10-60 minutes -backwards doesn't work in azerty layout-
0/Shift 0 next day boundary
home/end top/bottom of file
s/S previous/next [s]lowdown (log rate drops)
e/E next/previous error
w/W next/previous warning
f/F next/previous file
*** searching
**** string search
n/N next/previous search hit
<> next/previous search hit on same line
some words and values available in the logs are auto-completable with <tab>
**** sql search
sqlite tables are created on the fly to search for things.
use with ;<sql>
*** display
**** marking lines and bookmarking
m mark/unmarks a line
u/U next/previous bookmarked line
C[lear] clear all bookmarks
**** Elapsed [T]ime
**** Histogram
i : toggle histogram
z/Z : zoom in/out
**** filtering
:filter-in : only show lines matching <filter>
:filter-out : hide lines matching <filter>
:disable-filter : <tab> completion available
:enable-filter : <tab> completion available
:set-min-loglevel : <tab> completion available
**** word-wrap
:enable-word-wrap
:disable-word-wrap
**** follow
By default. Just go to EOF.
*** output
:append-to <file> : write marked lines to file
*** partitioning
the logfile can be partitioned with :partition-name
*** linuxquestion cheat-sheet
*** criticism
**** missing
disable all filters
view all filters
some filtering combination doesn't work, example : filter-in postfix, filter-out anvil, anvil isn't filtered out.
** logcheck
*** modes
paranoid for firewalls
servers, we want this
workstation, self explanatory
*** must read
/usr/share/doc/logcheck-database/README.logcheck-database.gz
this explains how to customize messages and get the most out of logcheck
*** types of messages
security alerts / cracking attempts : config file in /etc/logcheck/cracking.d/
security events : config file in /etc/logcheck/violations.d/
system events : any other line is considered a system event.
*** config files
**** logcheck.conf
email address to send to and if we want uniq lines or not (not by default)
*** evolution
logsentry
*** to test that it works
see /var/mail/*
the mails may be delivered there.
otherwise you can use logger to add keywords like error, kernel panic, OOM, access denied etc.
*** source code
https://salsa.debian.org/debian/logcheck/-/blob/master/src/logcheck
warn function is never called.
*** how it works
logtail will only print new lines
syslog-summary will produce a summary of the logfile
If lines match an ignore regex, they're discarded.
If not, a mail will be sent with all un-ignored lines.
You should add lines to the desired ignore file so that you only see new/unexpected lines.
if any line matches a regex from cracking.d then logcheck sends a **security alert** mail
if any line matches a regex from violations.d then logcheck sends a **security event** mail.
otherwise logcheck sends a **system events** mail.
*** adding rules
to ignore some loglines, add them to ignore.d.server/
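The layering described in "how it works" and "adding rules", reproduced with grep -E over a constructed log (an added example, not logcheck's own code). The files under $work are assumptions standing in for cracking.d/, violations.d/ and ignore.d.server/, and the helper names are made up for this example.

```shell
#!/bin/sh
# Added illustration of the layering described above; NOT logcheck's own code.
# Log lines, hostnames and rules are constructed samples.

work=$(mktemp -d)
trap 'rm -rf "$work"' EXIT

# reset_demo: (re)create the constructed log and the three rule files
# (one extended regex per line, like the real rule files).
reset_demo() {
    cat > "$work/log" <<'EOF'
Mar 20 10:00:01 mail postfix/anvil[2101]: statistics: max connection rate 1/60s for (smtp:203.0.113.7) at Mar 20 09:56:41
Mar 20 10:00:05 mail sshd[2210]: Failed password for invalid user admin from 203.0.113.7 port 51122 ssh2
Mar 20 10:00:09 mail su[2215]: FAILED SU (to root) ychaouche on pts/0
Mar 20 10:00:12 mail kernel: [1234.5] Out of memory: Killed process 1251 (mysqld)
Mar 20 10:00:20 mail CRON[2230]: (root) CMD (test -x /usr/sbin/anacron)
Mar 20 10:00:31 mail sshd[2240]: reverse mapping failed for 203.0.113.7 - POSSIBLE BREAK-IN ATTEMPT!
EOF
    cat > "$work/cracking" <<'EOF'
POSSIBLE BREAK-IN ATTEMPT
EOF
    cat > "$work/violations" <<'EOF'
Failed password for
FAILED SU
EOF
    cat > "$work/ignore" <<'EOF'
^[[:alpha:]]{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/anvil\[[0-9]+\]: statistics:
EOF
}

# classify: split the log into the three mail categories.
classify() {
    # 1. lines matching a cracking rule -> "security alert"
    grep -E -f "$work/cracking" "$work/log" > "$work/alerts" || true
    # 2. remaining lines matching a violations rule -> "security event"
    grep -E -v -f "$work/cracking" "$work/log" \
        | grep -E -f "$work/violations" > "$work/events" || true
    # 3. everything else, minus the ignore rules -> "system events"
    grep -E -v -f "$work/cracking" "$work/log" \
        | grep -E -v -f "$work/violations" \
        | grep -E -v -f "$work/ignore" > "$work/system" || true
}

# add_ignore_rule REGEX: what "adding rules" amounts to.
add_ignore_rule() {
    printf '%s\n' "$1" >> "$work/ignore"
}

# count FILE: number of lines in FILE.
count() {
    wc -l < "$1" | tr -d ' '
}

summary() {
    printf '%s: alerts=%s events=%s system=%s\n' "$1" \
        "$(count "$work/alerts")" "$(count "$work/events")" "$(count "$work/system")"
}

reset_demo
classify
summary "before new ignore rule"

# The routine cron line is noise: ignore it so only unexpected lines remain.
add_ignore_rule '^[[:alpha:]]{3} [ :0-9]{11} [._[:alnum:]-]+ CRON\[[0-9]+\]: \(root\) CMD \('
classify
summary "after new ignore rule"
cat "$work/system"
```

Anchoring ignore rules on the full syslog prefix, as above, keeps a rule from silencing a different daemon that happens to log the same words.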
** logger
adds messages to syslog
useful for testing logcheck
** logrotate
use logrotate -dv /etc/logrotate.conf
with the -d[ebug] switch,
no log file will be rotated,
but you get interesting output with the -v[erbose] switch
the status file is : /var/lib/logrotate/status
** logtail
print only lines that haven't been read on previous invocations of logtail.
logtail keeps the offset files in /var/cache/logcheck/offset.<filename>
** ls / touch
*** misc
ls -l shows last modification time (content has changed)
touch changes the modification time
stat shows access, modification and change time
*** timestamps
access time : last time it was accessed
modify time : content has changed
change time : content or attribute has changed. This may differ from modify time.
*** list directories first
ls --group-directories-first
*** dereference symlinks
ls -H symlink
*** display full path to file
use ls -d
11:46:17 ~ -1- $ command ls -1td /home/ychaouche/NOTES/LOG/TASKS/* | head -1
/home/ychaouche/NOTES/LOG/TASKS/shorewall-procedures.flow
11:47:48 ~ -1- $
*** parsing ls output
Is considered dangerous because filepaths can contain any character other than the null byte, this includes spaces, new lines, all kinds of punctuation.
see also : http://mywiki.wooledge.org/ParsingLs
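The "newest entry" lookup from "display full path to file", done once by parsing ls and once with a glob, on a constructed file name that contains a newline (an added example, not from the original notes). The function names and file names are made up for this example.

```shell
#!/bin/sh
# Added example, not from the original notes. File names are constructed.

# ls_newest DIR: the approach shown above (parses ls output).
ls_newest() {
    ls -1td "$1"/* | head -1
}

# newest_entry DIR: same question answered with a glob and test's -nt,
# so the name never goes through a line-oriented pipe.
# (-nt is supported by bash and dash.)
newest_entry() {
    newest=
    for f in "$1"/*; do
        # An unmatched glob stays literal: skip it.
        [ -e "$f" ] || [ -L "$f" ] || continue
        if [ -z "$newest" ] || [ "$f" -nt "$newest" ]; then
            newest=$f
        fi
    done
    [ -n "$newest" ] || return 1
    printf '%s\n' "$newest"
}

# make_demo_dir: temp dir holding an old file and a newer file whose name
# contains a newline. Prints the directory path.
make_demo_dir() {
    d=$(mktemp -d) || return 1
    nl='
'
    touch -t 202401010000 "$d/old-notes.flow"
    touch -t 202402010000 "$d/weekly${nl}report.flow"
    printf '%s\n' "$d"
}

demo=$(make_demo_dir)
# head -1 cuts the name at its embedded newline: the result is not a real path.
printf 'ls | head : %s\n' "$(ls_newest "$demo")"
# The glob version returns the complete name.
printf 'glob + -nt: %s\n' "$(newest_entry "$demo")"
rm -rf "$demo"
```

Capturing the result with $(...) still strips trailing newlines, so a name that ends in a newline needs find -print0 or a loop that acts on "$f" directly.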
** lsmod
list modules
** lsof
*** main options
-a : AND (options are OR'ed by default)
-c comm : list files opened by command which name starts with comm
+d dir : any file that belongs to the dir directory, non recursively. Use -x to follow symbolic links.
-i @host : commands opening a connection to host
-r : repeat mode (watch)
*** is there anything listening on this port ?
lsof -i:<portnum>
*** all network connections of a program
lsof -i(nternet) -a(nd) -p(rocess) <pid>
lsof -i(nternet) -a(nd) -c(ommand) <command>
*** don't resolve names
-n
*** don't name port numbers
-P
*** show ongoing connections by application
while true; do lsof -i; sleep 1; done
combine with tcpdump -A on a specific host to see the content of the packets sent.
*** see also
See ~/howm/2018/04/2018-04-25-143016.txt
** lsyncd
*** see also
linux.info: /home/ychaouche/NOTES/TXT/linux.info:3037
*** run from cmdline
sudo lsyncd -nodaemon <configfile>
*** using a specific ssh identity key
1. use default.rsync instead of default.rsyncssh
2. use target instead of host
3. don't use targetdir
4. don't use an ssh section
5. add an rsh config in the rsync section in which rsh is ssh (the complete command line)
sync {
default.rsync,
source = "/home/ychaouche/SYNCHRO",
target = "10.10.10.82:/root/SYNCHRO",
rsync = {
copy_links = true,
rsh = "/usr/bin/ssh -i /root/.ssh/idroot",
}
}
** modinfo
show module information
** modprobe
*** add a module
modprobe <module>
*** remove a module
modprobe -r <module>
*** show module dependency
modprobe --show-depends
** monit
*** main config
/etc/monit/monitrc
*** restart the monitoring of a process
monit monitor <proc>
*** configuring retries
use retry keyword
if failed
...
retry 3
then
restart
** mount
*** --bind
mount an already visible directory somewhere else
mount --bind /proc /usr/local/proc
*** chroot
usually
mount --bind /proc <chroot>/proc
mount --bind /dev <chroot>/dev
mount --bind /sys <chroot>/sys
** mv
*** creating backups
mv --backup (method) : make a backup of destination file (in case it gets overwritten). Useful methods : numbered / simple.
mv -b : backup with the ~ suffix, or use --suffix to supply a custom suffix
*** verbose
mv -v : show what it's doing.
*** creating parent directories
mkdir -p parents/parents/parents && mv things to $_
** mysql
*** status information
**** show full processlist
lists mysql's threads with the current query, the state of the query, and the time, in seconds, the process has spent in that state.
show full processlist\G : the \G gives a more readable display when lines are very long.
**** show engine innodb status\G
found on SO
to dig into.
<from howm :: mysql>
show engine innodb status\G
---------------------------
For diagnostics
*** engines
**** The MyISAM Engine
No support for FK
No support for transactions
Don't use it[1]
[1] #mysql
[14:09] <ychaouche> I wonder what's a good usage of MyISAM tables. No foreign key support, no transactions.
[14:09] <thumbs> ychaouche: none
[14:09] <Isotopp> never use myisam, too
**** Migration from MyISAM to InnoDB
According to : https://dev.mysql.com/doc/refman/5.7/en/converting-tables-to-innodb.html
key_buffer_size was 16 Mb, will keep it that way
innodb_buffer_pool_size is 128Mb, will keep it that way
Now we have to COMMIT or ROLLBACK each time we change a table, or else a transaction may stay astray and eventually slow down the system.
Don't rollback a million rows, just truncate the table and start over.
autocommit should be set to 0. One should commit after a number of inserts/updates/deletes instead of one commit for each operation, to save I/O.
Even selects open transactions !
set innodb_file_per_table to ON, this will create one file per table and help the OS reclaim free disk space from truncated and deleted tables.
To convert an existing table : ALTER TABLE table_name ENGINE=InnoDB;
*** variables
show variables like <pattern>
*** writing queries
**** JOINS
***** whatis
used to combine data from two (or more) tables based on shared/common columns, called the join key or common key.
***** types of joins
LEFT means include all results from left table
RIGHT means include all results from right table
INNER is an intersection
OUTER is a union
CROSS is match every row from left with every row from right.
***** join syntax
1. select <> from t1 JOIN t2 USING (field) -- parens are mandatory
2. select <> from t1 JOIN t2 ON t1.field = t2.field
**** COUNT
COUNT(column) counts the number of rows where column isn't NULL.
COUNT(*) counts the number of rows.
**** UPDATE
UPDATE table_name SET column1 = value1, column2 = value2 WHERE condition
*** login with a file
mysql --defaults-extra-file=<file>
file is typically :
[mysql]
user=<username>
password=<password>
chmod 600 <file>.
*** change output format
end queries with \G;
like so:
SELECT * FROM your_table\G;
*** user management
**** show users
select host,user from mysql.user
**** show current user
SELECT CURRENT_USER();
**** change user password
mysql> SET PASSWORD FOR 'backup'@'localhost' = PASSWORD("...");
mysql> FLUSH PRIVILEGES
**** show privileges of a user
SHOW GRANTS FOR 'user'@'host';
**** granting privileges
GRANT ALL ON roundcube.* TO 'roundcube'@'localhost';
**** create a user
*** dumps
**** no need to create the database beforehand
you can just mysql < dump.sql and it will create the database for you
** netstat
*** show only internet connections
--inet / --ip
*** show program names
-p
*** continuous output
-c
*** comparison with lsof
**** lsof
ychaouche#ychaouche-PC 15:01:46 ~/NOTES/LOG $ lsof -i -a -c thunderbird
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
thunderbi 4230 ychaouche 58u IPv4 22149 0t0 TCP 192.168.211.84:42336->mail.radioalgerie.dz:imap2 (ESTABLISHED)
thunderbi 4230 ychaouche 59u IPv4 203900 0t0 TCP 192.168.211.84:58482->mail.radioalgerie.dz:imaps (ESTABLISHED)
thunderbi 4230 ychaouche 66u IPv4 98381 0t0 TCP 192.168.211.84:57574->mail.radioalgerie.dz:imaps (ESTABLISHED)
thunderbi 4230 ychaouche 135u IPv4 23430 0t0 TCP 192.168.211.84:56802->mail.radioalgerie.dz:imaps (ESTABLISHED)
thunderbi 4230 ychaouche 138u IPv4 23431 0t0 TCP 192.168.211.84:56804->mail.radioalgerie.dz:imaps (ESTABLISHED)
thunderbi 4230 ychaouche 139u IPv4 23432 0t0 TCP 192.168.211.84:56806->mail.radioalgerie.dz:imaps (ESTABLISHED)
thunderbi 4230 ychaouche 141u IPv4 23434 0t0 TCP 192.168.211.84:42312->mail.radioalgerie.dz:imap2 (ESTABLISHED)
thunderbi 4230 ychaouche 142u IPv4 23435 0t0 TCP 192.168.211.84:42314->mail.radioalgerie.dz:imap2 (ESTABLISHED)
thunderbi 4230 ychaouche 143u IPv4 23436 0t0 TCP 192.168.211.84:42316->mail.radioalgerie.dz:imap2 (ESTABLISHED)
ychaouche#ychaouche-PC 15:01:49 ~/NOTES/LOG $
**** netstat
ychaouche#ychaouche-PC 15:01:49 ~/NOTES/LOG $ netstat --inet -p | grep thunderbird
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
tcp 0 0 192.168.211.84:42312 messagerie.algeri:imap2 ESTABLISHED 4230/thunderbird
tcp 0 0 192.168.211.84:56802 messagerie.algeri:imaps ESTABLISHED 4230/thunderbird
tcp 0 0 192.168.211.84:42316 messagerie.algeri:imap2 ESTABLISHED 4230/thunderbird
tcp 0 0 192.168.211.84:56804 messagerie.algeri:imaps ESTABLISHED 4230/thunderbird
tcp 0 0 192.168.211.84:56806 messagerie.algeri:imaps ESTABLISHED 4230/thunderbird
tcp 0 0 192.168.211.84:58482 messagerie.algeri:imaps ESTABLISHED 4230/thunderbird
tcp 0 0 192.168.211.84:57574 messagerie.algeri:imaps ESTABLISHED 4230/thunderbird
tcp 0 0 192.168.211.84:42336 messagerie.algeri:imap2 ESTABLISHED 4230/thunderbird
tcp 0 0 192.168.211.84:42314 messagerie.algeri:imap2 ESTABLISHED 4230/thunderbird
ychaouche#ychaouche-PC 15:02:00 ~/NOTES/LOG $
*** show full IP :: don't truncate
-W / --wide
** nginx
*** increase gateway timeout
if a php script takes too long to run, increase fastcgi_read_timeout in nginx
server {
location ~ \.(php)$ {
fastcgi_pass unix:/var/run/php74-example.com.sock;
fastcgi_read_timeout 300s;
}
}
source : https://stackoverflow.com/a/65488991/212044
*** test config
$ nginx -t
*** list of variables
http://nginx.org/en/docs/varindex.html
*** if conditions and maps
if conditions aren't sophisticated enough.
For example,
no complex expressions with "and" or "or" boolean operators are possible.
Instead,
we use maps.
See https://imgur.com/a/I5VKF6W for how maps work
*** customizing the logs
**** steps
***** log_format name <format>;
log_format myformat '$remote_addr - $remote_user [$time_local] '
'"$request" $status $bytes_sent '
'"$http_referer" "$http_user_agent" test was $test';
***** access_log <path> <format>;
***** restart, don't forget ";"
*** reload/restart/stop/quit
nginx -s reload/restart/stop/quit
stop: immediately
quit: gracefully
*** add a server alias
there's no server alias
just add names one after the other in the server_name directive,
separated by spaces
server_name www.example.com example.com;
** nl
number lines matching a certain basic regular expression
nl -bp'<BRE>'
for example :
nl -bp'^[^ ]'
Number only lines not starting with a space or tab
** nm
*** show dynamic symbols (dynamic library function calls)
-D
*** understanding the output of nm
**** columns
column1 : value in hexa
column2 : type of symbol
column3 : name of symbol
**** symbol types
T[ext] symbol is in text section
B[SS] symbol is in the uninitialized data section
U[ndefined] symbol is undefined
D[ata] symbol is in the initialized data section
W[eak] symbol
**** symbol names and mangling[2]
_Z means the name of the symbol is mangled (function name + args and type of args)[1]
It is usually followed by a number which is the next name length, P for parameter, sometimes parameter type (b for bool) [3]
// version 1.0
void SetImage(Image *img)
-> _Z8SetImageP5Image
// version 1.1
void SetImage(Image *img, bool keep_aspect=false)
-> _Z8SetImageP5Imageb
[1] http://web.mit.edu/tibbetts/Public/inside-c/www/mangling.html
[2] https://www.ibm.com/docs/en/i/7.1?topic=linkage-name-mangling-c-only
[3] https://www.sciencedirect.com/topics/computer-science/name-mangling
** nmap
voir nmap.help
** notify-send
notify-send "label" "all the info you need"
this will send a desktop notification.
** number
convert "1" to "one"
number is available in the bsdgames debian package
** numfmt
format numbers
ychaouche#ychaouche-PC 12:20:32 ~ $ numfmt 2000 --grouping
2,000
ychaouche#ychaouche-PC 12:20:34 ~ $
You can have human format (-h) with --to=iec (M,K,G etc.)
** occ
see web.info * nextcloud ** occ
** openssl
*** how to
see * by function ** working on files *** working on specific files **** working on certificates
*** s_client
**** gle
-connect host:port -CApath /etc/ssl/certs
first verifies should return 1 (partial validation)
last verify should return 0 (OK)
**** verify return: 1
partial validation,
this is normal
**** show all certs
-showcerts
**** access server with a specific name
-servername mail.radioalgerie.dz
this is necessary when testing a server with more than one name, for e.g mail.radioalgerie.dz and messagerie.algerian-radio.dz
*** s_server
**** --accept
port
**** -cert
certificate to use
**** -key
private key
**** -state
print ssl states
**** -debug
**** -msg
print protocol messages with hex dumps
**** commands
Q : quit
*** x509
**** how to specify the certificate file
***** with -in
openssl x509 -in file
***** with stdin redirection
openssl x509 < file
*** verify
**** introduction
verifies a certificate locally,
but you have to download all the intermediate certs and add them to the -untrusted flag
+ add the -CApath argument pointing it to /etc/ssl/certs/
**** example
ychaouche#ychaouche-PC 14:14:27 ~/DATA/CERTIFICATS/messagerie.algerian-radio.dz $ openssl verify -CApath /etc/ssl/certs/ -untrusted R3.pem
fullchain.pem: OK
ychaouche#ychaouche-PC 14:14:36 ~/DATA/CERTIFICATS/messagerie.algerian-radio.dz $
**** mandatory options
***** -untrusted
add all the intermediate certs here
***** -CApath
point this to /etc/ssl/certs
if the root certificate is in the file, you don't need this option
**** other options
***** -issuer_checks
This must be used to check if issuers match.
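Why verify needs the intermediate in -untrusted, shown on a throwaway root -> intermediate -> leaf chain (an added example, not from the original notes). All certificates, CN values and helper names are constructed here; -CAfile with the constructed root is used in place of -CApath /etc/ssl/certs because that root is not in the system store.

```shell
#!/bin/sh
# Added illustration, not from the original notes. Every certificate is a
# throwaway one generated on the spot; the CN values are made up.

# build_chain DIR: create root.pem -> int.pem -> leaf.pem in DIR.
build_chain() {
    dir=$1
    cat > "$dir/demo.cnf" <<'EOF'
[req]
distinguished_name = dn
prompt = no
[dn]
CN = placeholder
[v3_ca]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
[v3_leaf]
basicConstraints = CA:FALSE
EOF
    # Self-signed root: the only certificate that will be declared trusted.
    openssl req -x509 -newkey rsa:2048 -nodes -days 2 -config "$dir/demo.cnf" \
        -extensions v3_ca -subj "/CN=Constructed Root" \
        -keyout "$dir/root.key" -out "$dir/root.pem" 2>/dev/null || return 1
    # Intermediate CA, signed by the root.
    openssl req -new -newkey rsa:2048 -nodes -config "$dir/demo.cnf" \
        -subj "/CN=Constructed Intermediate" \
        -keyout "$dir/int.key" -out "$dir/int.csr" 2>/dev/null || return 1
    openssl x509 -req -in "$dir/int.csr" -days 2 -CA "$dir/root.pem" \
        -CAkey "$dir/root.key" -CAcreateserial -extfile "$dir/demo.cnf" \
        -extensions v3_ca -out "$dir/int.pem" 2>/dev/null || return 1
    # Leaf certificate, signed by the intermediate.
    openssl req -new -newkey rsa:2048 -nodes -config "$dir/demo.cnf" \
        -subj "/CN=leaf.example.test" \
        -keyout "$dir/leaf.key" -out "$dir/leaf.csr" 2>/dev/null || return 1
    openssl x509 -req -in "$dir/leaf.csr" -days 2 -CA "$dir/int.pem" \
        -CAkey "$dir/int.key" -CAcreateserial -extfile "$dir/demo.cnf" \
        -extensions v3_leaf -out "$dir/leaf.pem" 2>/dev/null || return 1
}

# verifies ARGS...: true when `openssl verify ARGS` prints "<file>: OK".
# The output is checked rather than the exit status.
verifies() {
    openssl verify "$@" 2>&1 | grep -q ': OK$'
}

demo=$(mktemp -d)
if build_chain "$demo"; then
    # Root trusted, intermediate missing: the chain cannot be built.
    if verifies -CAfile "$demo/root.pem" "$demo/leaf.pem"; then
        echo "root only              : OK"
    else
        echo "root only              : FAILED (issuer of the leaf is unknown)"
    fi
    # Root trusted, intermediate supplied as an untrusted helper: OK.
    if verifies -CAfile "$demo/root.pem" -untrusted "$demo/int.pem" "$demo/leaf.pem"; then
        echo "root + -untrusted int  : OK"
    else
        echo "root + -untrusted int  : FAILED"
    fi
    # Intermediate supplied but no trusted root: -untrusted grants no trust.
    if verifies -untrusted "$demo/int.pem" "$demo/leaf.pem"; then
        echo "-untrusted int, no root: OK"
    else
        echo "-untrusted int, no root: FAILED (chain ends in an untrusted root)"
    fi
fi
rm -rf "$demo"
```

Certificates passed with -untrusted are only used to build the chain; the chain still has to end at a certificate from -CAfile or -CApath.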
*** ca
**** what's this for
certificate authority operations (sign CSRs and issue certs)
** openvpn
sudo openvpn --config <configfile> --auth-user-pass <credfile>
<credfile> has username at line 1 and password at line 2
** parted
*** List disks and partitions
parted > print devices
sudo parted -l (no need to specify device)
*** check a filesystem
parted recommends to use filesystem specific tools
parted should only be used to manipulate partition tables.
** paste
if file1 is
a
b
c
and file2 is
1
2
3
then paste file1 file2 would be
a 1
b 2
c 3
** pgrep
*** this command comes from Solaris
*** common options
-f[ull] : search on the full command line instead of just the command name
-l[ist] : output process name
-a[ll] : output the full command line
-[light]w[eight] : output threads
*** how I call it : pgrep -flaw
** php
see web.info * PHP
** php-fpm
*** what is it ?
php-fpm is fastcgi for php, but improved.
CGI > FastCGI > FPM (FastCGI Process Manager).
php-fpm lets you run php code in CGI mode, as if it were a standalone application written in C [u]
*** relationship with nginx
nginx needs to be told what to use to handle URLs that ask to run PHP code
with the *upstream php-handler* directive
upstream php-handler {
server unix:/run/php/php7.3-fpm.sock;
}
here,
php-fpm is configured to talk to the rest of the world
(including nginx)
through a socket.
*** nginx 504 gateway timeout
if a php script takes too long to run
increase fastcgi_read_timeout in nginx
server {
location ~ \.(php)$ {
fastcgi_pass unix:/var/run/php74-example.com.sock;
fastcgi_read_timeout 300s;
}
}
source : https://stackoverflow.com/a/65488991/212044
*** operating modes
**** static
Use this on high traffic websites. This assures the shortest response time, but consumes memory and cpu[u]
pm = static
pm.max_children = 32
Makes sure you always have 32 processes waiting for a request to serve. This is the fastest way to handle a request, but it also continuously eats system resources even when nothing is being served [u].
To see the number of processes, use pstree -c[ompact] to see the running php-fpm processes.
**** dynamic
in this mode, child processes are created and killed dynamically.
; start with this many children
; they could eventually get killed if they're idle
; but there won't be less than min_spare_servers
pm.start_servers = cores x 4 (so 8 if 2 cores)
pm.min_spare_servers = cores x 2 (so 4 if 2 cores)
; this is the max, we will never create more
; than this, which is the number of starting children
; so the idea is to start high and kill if idle
pm.max_spare_servers = cores x 4
pm.process_idle_timeout = 10s (seconds) seems good
**** on-demand
for low traffic, this is a good choice. It will save memory. Respawning takes little time and users won't notice.
creates processes as requests are received.
pm = ondemand
pm.max_children = 32;
pm.process_idle_timeout = 10s
; number of requests a process should serve before
; respawning. Good to fix memory leaks.
pm.max_requests = 10
*** configuring different pools
link : https://tideways.com/profiler/blog/an-introduction-to-php-fpm-tuning
could be useful to have different configs for high activity / low activity parts of your websites / apps (like frontend / backend)
** pip
*** upgrade a package
pip install --upgrade <package_name>
*** list installed packages
pip list
*** search to look things up
** pkg-config
*** what for
gives library version information
heavily used in configure scripts[u]
*** pc files
pkg-config gets its information from pc files,
installed by -dev packages.
for eg.:
11:59:33 ~/DOWNLOADS/CODE/mozjsonlz4 -1- $ cat /usr/lib/x86_64-linux-gnu/pkgconfig/gobject-2.0.pc
prefix=/usr
exec_prefix=${prefix}
libdir=${prefix}/lib/x86_64-linux-gnu
includedir=${prefix}/include
Name: GObject
Description: GLib Type, Object, Parameter and Signal Library
Requires: glib-2.0
Version: 2.40.2
Libs: -L${libdir} -lgobject-2.0
Libs.private: -lffi
Cflags:
11:59:34 ~/DOWNLOADS/CODE/mozjsonlz4 -1- $ package.search.byfile /usr/lib/x86_64-linux-gnu/pkgconfig/gobject-2.0.pc
libglib2.0-dev: /usr/lib/x86_64-linux-gnu/pkgconfig/gobject-2.0.pc
12:00:10 ~/DOWNLOADS/CODE/mozjsonlz4 -1- $
but some libs don't ship this kind of file,
for example liblz4-dev
12:00:21 ~/DOWNLOADS/CODE/mozjsonlz4 -1- $ package.files.list liblz4-dev
/.
/usr
/usr/lib
/usr/lib/x86_64-linux-gnu
/usr/lib/x86_64-linux-gnu/liblz4.a
/usr/share
/usr/share/doc
/usr/share/doc/liblz4-dev
/usr/share/doc/liblz4-dev/lz4_format_description.txt.gz
/usr/share/doc/liblz4-dev/copyright
/usr/include
/usr/include/lz4hc.h
/usr/include/lz4.h
/usr/lib/x86_64-linux-gnu/liblz4.so
/usr/share/doc/liblz4-dev/changelog.Debian.gz
12:00:34 ~/DOWNLOADS/CODE/mozjsonlz4 -1- $
*** what to do if pc files are missing
**** short version
just add the -l<libname> flag to LDLIBS
-I and -L are usually standard.
**** long
if make fails because the makefile needs pkg-config to fill CFLAGS and LDFLAGS,
you can set them yourself.
list the files of -dev package by using package.files.list for eg.
define -I and -L accordingly,
don't forget to add the -l to link to the appropriate library.
for eg.
if the library file is liblz4
like this:
12:21:19 ~ -1- $ ls /usr/lib/x86_64-linux-gnu/liblz4.*
-rw-r--r-- 1 root root 34K Apr 14 2014 /usr/lib/x86_64-linux-gnu/liblz4.a
lrwxrwxrwx 1 root root 15 Apr 14 2014 /usr/lib/x86_64-linux-gnu/liblz4.so -> liblz4.so.1.0.0
lrwxrwxrwx 1 root root 15 Apr 14 2014 /usr/lib/x86_64-linux-gnu/liblz4.so.1 -> liblz4.so.1.0.0
-rw-r--r-- 1 root root 34K Apr 14 2014 /usr/lib/x86_64-linux-gnu/liblz4.so.1.0.0
12:21:57 ~ -1- $
then the flag should be
-llz4
(skip the lib prefix,
and skip the so suffix)
** postgres::psql
*** links
https://pinboard.in/u:winks/t:postgresql/
https://pinboard.in/u:winks/t:postgres/
*** connecting
root can't connect.
you have to connect as the postgres system user, without a password
$ su postgres -c psql
or
$ su postgres
$ psql
*** connecting as another user
you have to add the -h option
root#cloud 15:05:00 /var/www/nextcloud # psql -U nextcloud -W
Password:
psql: FATAL: Peer authentication failed for user "nextcloud"
root#cloud 15:05:14 /var/www/nextcloud # psql -U nextcloud -W -h localhost
Password:
psql: FATAL: database "nextcloud" does not exist
root#cloud 15:08:33 /var/www/nextcloud #
*** creating a new user (role)
as the postgres user, run :
$ createuser --interactive -P
*** \d[ump]u[sers]
\du
*** \l[ist databases]
\l
*** \d[escribe] table
\d table will describe table
\d+ table will add internal details
*** \d[escribe]t[ables]
\dt
*** show current user/database
\conninfo
*** create a new database
$ createdb -U nextcloud -h localhost nextcloud
*** turn off the pager
\pset pager off
*** authentication methods
**** overview
local connections : peer authentication
remote connections : password authentication
other methods : require 3rd party security infrastructure or are platform specific.
**** pg_hba.conf
***** role
This is the file that specifies how clients may connect (h[ost] b[ased] a[uthentication])
***** structure
each rule is one line with these fields, in this order :
connection type : local (unix sockets) / host (TCP/IP)
database name : all = *, sameuser, samerole. Multiple database names may be separated by commas.
user name : all = *, multiple users may be separated by commas.
client IP range (if it applies, i.e. not for local)
authentication method : peer, trust, password
**** peer
When peer is chosen, the client's username is taken from the OS.
if that OS username matches the requested database username, access to the DB is granted.
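Added example (not part of the original notes): a small audit of pg_hba.conf rules, which are what decides who gets in once the server listens on more than localhost. The sample file is constructed, the function names are hypothetical, and the three checks (trust anywhere, cleartext password over non-TLS TCP, any-client/any-database/any-user rules) are this example's own policy.

```shell
#!/bin/sh
# Added example: flag risky rules in a pg_hba.conf.
# The sample file below is constructed; the checks are this example's own policy.

sample_hba() {
cat <<'EOF'
# TYPE   DATABASE   USER       ADDRESS         METHOD
local    all        postgres                   peer
local    all        all                        trust
host     nextcloud  nextcloud  127.0.0.1/32    md5
host     all        all        0.0.0.0/0       password
host     nextcloud  nextcloud  192.0.2.0/24    scram-sha-256
hostssl  all        all        ::/0            trust
EOF
}

# audit_hba: pg_hba.conf text on stdin, one finding per line on stdout.
audit_hba() {
  awk '
    /^[ \t]*#/ || /^[ \t]*$/ { next }      # skip comments and blank lines
    {
      type = $1; db = $2; user = $3
      if (type == "local") {               # unix socket rules have no address column
        addr = "unix-socket"; method = $4
      } else if ($5 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/) {
        addr = $4 "/" $5; method = $6      # "IP-address IP-mask" form
      } else {
        addr = $4; method = $5             # CIDR or keyword form
      }
      rule = type " " db " " user " " addr " " method

      # trust: anyone who can reach the socket is let in without credentials
      if (method == "trust")
        printf "line %d: TRUST (no authentication at all): %s\n", NR, rule

      # password: sent in clear text; only hostssl guarantees an encrypted channel
      if (method == "password" && (type == "host" || type == "hostnossl"))
        printf "line %d: CLEARTEXT (password may cross the network unencrypted): %s\n", NR, rule

      # widest possible match on every column
      wide = (addr == "0.0.0.0/0" || addr == "::/0" || addr == "all" || addr == "0.0.0.0/0.0.0.0")
      if (wide && db == "all" && user == "all")
        printf "line %d: WIDE (any client, any database, any user): %s\n", NR, rule
    }
  '
}

# Stand-alone run on the constructed sample.
sample_hba | audit_hba
```

To check a real server, feed it the live file instead: audit_hba < /etc/postgresql/11/main/pg_hba.conf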
*** privileges
**** list of privileges
select, insert, update, delete, truncate, trigger
create : schemas for databases, objects inside schemas, tables/indices for tablespaces
connect :
execute :
usage :
references : allows creation of FK
all : all the privileges
**** owner
has all the rights
*** change the owner of multiple objects at a time
REASSIGN OWNED BY nextcloud TO oc_theboss;
This will reassign all objects (tables, sequences, views etc.) in the current database.
*** write results to file
\o out.txt
\o to get output back to stdout
*** convert integers (16291029) to timestamps (2021-03-05 11:02:33)
to_timestamp(integer)
*** select uniq / select distinct
select distinct <fields> from <table> [...]
*** run query from command line
psql [connection string] -c[command] "query"
*** listen to connections from outside
listen_addresses = 'localhost' -> listen_addresses = '*'
in
/etc/postgresql/11/main/postgresql.conf
*** use/connect to a database
\c <database>
*** list tables
\d
*** list system tables
\dS
*** more info when listing tables
\d+
*** use/connect to a specific database (mysql use equivalent)
\c database
** pr
-n : adds line numbers
-2 : 2 columns
-l# : specifies the number of lines per page (and thus the number of resulting pages)
-w : width of the page -for all columns ?-
Here's an example of what it can look like, in combination with fold -s
ychaouche#ychaouche-PC 13:57:45 ~ $ fold -s TMP/wanderlust.txt -w 42 | pr -3n -w 180 -l 40
2020-12-16 13:57 Page 1
1 <html> 31 up at first, even though I found it still 61 In short: install Wanderlust and put some
2 <p> 32 much easier than the other emacs-based 62 stuff in two files (~/.wl and ~/.folders).
3 (This is part I of entry on the 33 clients I tried. Anyway, I am sharing a 63
4 wanderlust e-mail client; part II will 34 very basic setup here, enough to get you 64 A little bit longer:
5 appear soon). 35 going. 65
6 36 66 get wanderlist - I am using the
7 Earlier, I have written about how I am 37 What about my setup? Well: I use maildirs 67 wl-beta packages from Ubuntu/Debian,
8 using mutt as my e-mailclient. I 38 – that is, I download my mail into a 68 which makes this a painless process, but
9 discussed running mutt inside emacs as 39 local ~/Maildir directory-tree, either 69 you can also use source packages;
10 well. Of course, mutt is an external 40 with e.g. fetchmail or with offlineimap. 70 put your Wanderlust-configuration in
11 program, which puts some limits on its 41 It's a particulary nice setup for 71 a special file: ~/.wl;
12 integration with emacs. I did try various 42 offline-usage: whenever there's a network 72 put a list of the mail folders you're
13 emacs-based clients, such as VM 43 connection, I suck up all the mails and 73 interested in, in a file called
14 (ViewMail) and GNUS, but they always left 44 have them available offline. I work like 74
15 me a bit unsatisfied. 45 this since the days when there was only 75 ~/.folders. (yes, you can customize all
16 46 expensive dial-up access to the net, and 76 this)
17 To start with, it was rather hard to set 47 later I found it very convenient when I 77
18 these programs up – and I am an 48 was traveling with a laptop and had only 78 For the rest of the discussion, let's
19 Emacs-user, I like tweaking things… 49 occasional net-access. 79 assume we have a Maildir which contains
20 Still, it was hard to get even simple 50 80 some folders:
21 things working. Maybe I have uncommon 51 So, Maildir access is pretty important 81
22 wishes, but my desired setup already sent 52 for me, and I'll describe my setup for 82 inbox for incoming e-mail
23 me to the edges of the googleable 53 using Wanderlust with it here. If you're 83 bulk for incoming Mailing List mail
24 universe. 54 using IMAP instead of Maildirs, you might 84 drafts for drafts
25 55 be interested in the Emacs with 85 sent for sent e-mail
26 But now I have found an emacs-based 56 Wanderlust and GMail-article. 86 trash for junk email
27 client that seems to work really well for 57 Getting started 87
28 me. It's called Wanderlust, and it's a 58 88 All incoming mail is going to either
29 fine piece of Japanese engineering. It 59 So, how to get started with Wanderlust? 89 inbox or bulk. I'm not going to discuss
30 can be a little bit intimidating to set 60 90 how to get the mails there – I assume
2020-12-16 13:57 Page 2
91 you're already have these thing set up; 121 wl-message-id-domain 151 (default: wl-biff-check-interval)
92 otherwise, you can take a look at tools 122 "myhost.example.com" ;; ... 152
93 like fetchmail, retchmail, procmail and 123 153 ;; hide many fields from message buffers
94 friends. Note that much of the discussion 124 wl-from "Me <me@example.com>" 154 wl-message-ignored-field-list '("^.*:")
95 here applies as well if you're using 125 ;; my From: 155 wl-message-visible-field-list
96 Wanderlust with POP or IMAP. 126 156 '("^\\(To\\|Cc\\):"
97 What to put in ~/.wl? 127 ;; note: all below are dirs (Maildirs) 157 "^Subject:"
98 128 under elmo-maildir-folder-path 158 "^\\(From\\|Reply-To\\):"
99 So, how to setup Wanderlust to use this? 129 ;; the '.'-prefix is for marking them 159 "^Organization:"
100 Well, our configuration goes into a file 130 as maildirs 160 "^Message-Id:"
101 called ~/.wl. There's a million more 131 wl-fcc ".sent" ;; 161 "^\\(Posted\\|Date\\):"
102 things you can set up here , but let's 132 sent msgs go to the "sent"-folder 162 )
103 stick to the basics here. I'll discuss 133 wl-fcc-force-as-read t ;; 163 wl-message-sort-field-list
104 more tricks and extensions later. 134 mark sent messages as read 164 '("^From"
105 135 wl-default-folder ".inbox" ;; 165 "^Organization:"
106 ;; mode:-*-emacs-lisp-*- 136 my main inbox 166 "^X-Attribution:"
107 ;; wanderlust 137 wl-draft-folder ".drafts" ;; 167 "^Subject"
108 (setq 138 store drafts in 'postponed' 168 "^Date"
109 elmo-maildir-folder-path "~/Maildir" 139 wl-trash-folder ".trash" ;; 169 "^To"
110 ;; where i store my mail 140 put trash in 'trash' 170 "^Cc"))
111 141 wl-spam-folder ".trash" ;; 171
112 wl-stay-folder-window t 142 ...spam as well 172 What to put in ~/.folders?
113 ;; show the folder pane (left) 143 wl-queue-folder ".queue" ;; 173
114 wl-folder-window-width 25 144 we don't use this 174 So, that was the basic setup. Now we need
115 ;; toggle on/off with 'i' 145 175 to tell wanderlust about the folders we'd
116 146 ;; check this folder periodically, and 176 like to see in the user-interface:
117 wl-smtp-posting-server "localhost" 147 update modeline 177 ~/.folders. Wanderlust does not
118 ;; put the smtp server here 148 wl-biff-check-folder-list '(".todo") ;; 178 automatically use all the folder in your
119 wl-local-domain "myhost.example.com" 149 check every 180 seconds 179 ~/Maildir. The folder names in ~/.folders
120 ;; put something here... 150 ;; 180 can refer to maildirs, newsgroups,
** ps
*** general
name : [p]rocess [s]tatus
Three types of options :
- zero dash -> BSD
- single dash -> UNIX (standard)
- double dash -> GNU
shows the processes of the current terminal by the current user.
If no program was launched from this terminal, then you'll only see bash and ps
$ ps
PID TTY TIME CMD
4127 pts/3 00:00:00 bash
18628 pts/3 00:00:00 ps
$
*** options
**** ps a
remove same user filter
**** ps x
remove same terminal filter
**** ps -N(egate)
filter out
**** ps r[unning]
only running processes
**** ps -A(ll) and ps -e(very)
All processes. They have the exact same output.
$ diff <(ps -A) <(ps -e)
$
*** display resource usage (cpu+mem)
ps u[sage]
*** process state codes
+ : is in the foreground process group
< : high-priority, not nice to other users (nice very low)
l : multi-threaded
N[ice] : low-priority, nice to other users.
R[un] : Running/runnable
S[leep] : interruptible sleep
s[ession] : session leader
*** sorting
ps --sort <column header>
column headers :
%cpu
%mem
args,cmd,command - the complete command with all its arguments
comm - only the executable name
cputime
etime - elapsed time since process has started
*** tree
use f
ps fax
for example
** pstree
*** -c
don't collapse same looking processes (default is to collapse)
*** -H <pid>
[h]ighlight the specified process
*** -s <pid>
show parents of <pid> only
** pup
*** intro
select elements using css selectors
general syntax : pup [selectors] [extractors]
selectors are css selectors
some interesting extractors :
attr{<attr>} : get the attr attribute (attr{href} for example)
text{} : get the element's text
json{} : get a json representation of the element
*** invocation
**** pasting HTML text
$ pup [selectors] [extractors] [Enter]
<paste>
<C-d>
<output>
$
**** from HTML file
$ pup [selectors] [extractors] < <file>
<output>
$
*** selectors
**** select by name of the HTML element
12:07:45 ~ -1- $ pup title text{} < /tmp/youtube.html
27 INGENIOUSLY EASY HACKS YOU&#39;VE NEVER SEEN BEFORE - YouTube
12:08:22 ~ -1- $
**** select by text
element:contains(text)
**** select the parent of an element
:parent-of(element)
**** select by attribute
element[attribute='value']
**** select the first child
tr td:first-child : selects first td of a row
*** extractors
**** extract an html attribute
a attr{href}
**** extract the text of an element
h1 text{}
*** see also
web.info > css
** pv
*** typical usage
operation | pv -s size in human format | operation
some useful options :
-t --timer
-p --progress
-e --eta
*** asciinema usage
pv -q[uiet] -L[imit] 2000[bytes/s] file.vt
this will just slowly print the contents of file to stdout.
*** similar Packages
bar
** pwd
*** -P resolve symlinks
** pyenv
*** updating pyenv
git pull origin master
*** list installed versions
pyenv versions
*** list the python versions available for installation
pyenv install --list
*** install a specific version of python
pyenv install <version>
or better
pyenv install -v[erbose] <version>
For example :
ychaouche#ychaouche-PC 15:35:27 ~/.pyenv $ pyenv install 3.10.1
Downloading Python-3.10.1.tar.xz...
-> https://www.python.org/ftp/python/3.10.1/Python-3.10.1.tar.xz
[...]
*** shims
pyenv uses shims to intercept every call to
python,
pip
or virtualenv
and redirect it to the desired version.
they're in ~/.pyenv/shims
there's one shim for python
one for pip
one for virtualenv.
switching between version of python is done through these shims.
they're put at the beginning of the $PATH variable
so they take precedence over other versions of python.
*** how to set a python version for
**** the current shell
use
pyenv shell
to set a python version for the specific shell
it will take precedence over everything.
**** a specific app
if you want to set a specific version for an app,
cd into that app and pyenv local
this will create a file named .python-version
with the desired version
**** default/global
if no local version is found,
neither in the local directory nor in any of the parents,
then the ~/.pyenv directory's version is picked up,
which is called the global version,
also set with
pyenv global
*** you can have many at a time for any level
pyenv global system 3.2 3.7
will make system's python, python3.2 and python3.7 all available in your PATH.
*** keeping a cache of downloaded files
create a cache directory in ~/.pyenv
** python
*** PYTHONHOME
where to look for standard library modules
*** PYTHONPATH
where to look for additional modules
** qdbus
*** view buses
qdbusviewer
*** qdbus invocation
general invocation is
qdbus <service> <path> <method> <args>
*** kglobalaccel
**** get all shortcuts
qdbus org.kde.kglobalaccel /component/kwin allShortcutInfo
qdbus org.kde.kglobalaccel /component/kwin shortcutNames
**** invoke a shortcut
qdbus org.kde.kglobalaccel /component/kwin invokeShortcut "Shortcut name" # see get all shortcuts
**** lower window
qdbus org.kde.kglobalaccel /component/kwin invokeShortcut "Window Minimize"
** qdbusviewer
view buses
** rcconf
rcconf uses a zenity gui to configure the startup of services at boot time
** readelf
*** see also
similar to objdump
*** display program headers
-l
this lists the loader for example
10:55:28 ~ -1- $ readelf -l DOWNLOADS/APPS/magick | grep interpreter
[Requesting program interpreter: /lib64/ld-linux-x86-64.so.2]
10:55:37 ~ -1- $
** readline
if a key sequence doesn't work,
see if it's not already bound with stty
for example,
C-w needs to be unbound from stty in order to be available to readline.
do this:
stty werase undef
Then bind C-w in inputrc:
"\C-w": kill-region
** resolv.conf
search <domain1> <domain2>
domains need to be separated by spaces
** rndc
*** rndc output files
/var/cache/bind/
*** flush the cache
rndc flush
*** dump the cache
rndc dumpdb -cache
then look for files in /var/cache/bind/
*** querylog
rndc querylog
this command is a toggle
*** transfer a zone
rndc retransfer <zone>
then grep xfer /var/log/named/main.log to check that the zone was actually transferred.
** rsync
see rsync.help
** scp
-P[ort]
scp -P[ort] <user>@<host>:<path> <localpath>
** sed
*** tutorial
https://www.grymoire.com/Unix/Sed.html#uh-48
*** how sed works
- it scans the file line by line
- each line is put in the pattern space
- the pattern space only holds the current line
- next line will clear last line
- hold space is where you put stuff for long term storage.
- you can't operate on the hold space.
- to operate on data stored in the hold space, you first need to copy it to pattern space because commands such as p and s only work on the pattern space.
- many commands to move data to and between the two buffers
g : overwrite the pattern space with the hold space
G : append the hold space to the pattern space
h : overwrite hold space with pattern space
H : append pattern space to hold space
x : swap pattern and hold spaces
*** shebang
#!/bin/sed -f
*** regex style
**** general
BRE (basic)
gnu sed supports Extended RE with the -r flag
things like \d aren't supported by sed, they are PCRE.
**** matching digits
[[:digit:]]
**** multiple occurrences
{n,m}, requires -r flag
'\{n,m\}', requires quotes (or else the shell will remove the \)
**** \( \| \{ \+ \? but not \[
all special characters must be escaped with a \, EXCEPT square brackets [] : s/\(this\|or\|that\)/that/
\w\+ instead of \w+
Apparently the reason is that the other characters are considered ERE whereas [] is BRE, and sed uses BRE by default.
To use ERE in sed, add -r or -E (undocumented)
**** Replace with a newline \n
make sure the expression is quoted and \n will be replaced by a newline as expected.
*** think about using tr for substitution
tr "SET1" "SET2" < file
tr "[:space:]," '\n'
is the equivalent of
sed 's/[[:space:],]/\n/g'
*** unbuffered output
sed -u
*** Replace a string in multiple files
sed -i 's/pattern/replacement/g' *
*** replace multiple occurrences of a string
if a string can repeat more than once, use g
*** -n and s
you can use s without -n
*** hold and pattern space
**** general info
for each line it reads,
sed places it in the pattern space
the pattern space is printed (unless -n)
then cleared out for the next line,
contrary to the hold space, which is kept
**** putting things in the hold space
[h]old : overwrite
[H]old : append
**** getting things from hold space to pattern space
[g]et : overwrite
[G]et : append
**** swapping hold and pattern space
x
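Added example (not part of the original notes) for the hold space commands listed under "how sed works" and "hold and pattern space": h remembers a certificate's "Not After" line, and G joins it to the Subject line that follows. The input is constructed in the shape of openssl x509 -text output; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: pair each certificate Subject with the expiry line seen before it.
# Constructed input shaped like `openssl x509 -text` output.

sample_certs() {
cat <<'EOF'
Certificate:
    Data:
        Validity
            Not Before: Jan  1 00:00:00 2024 GMT
            Not After : Jan  1 00:00:00 2025 GMT
        Subject: CN = mail.example.test
Certificate:
    Data:
        Subject: CN = broken.example.test
Certificate:
    Data:
        Validity
            Not Before: Mar  5 00:00:00 2024 GMT
            Not After : Mar  5 00:00:00 2026 GMT
        Subject: CN = www.example.test
EOF
}

# cert_expiry_report: certificate text on stdin, "Subject | Not After" lines on stdout.
cert_expiry_report() {
  sed -n '
    # h: overwrite the hold space with the latest expiry line
    /Not After/h
    /Subject:/{
      # G: append the hold space to the pattern space (Subject, newline, Not After)
      G
      # nothing was held for this certificate: drop it instead of printing half a record
      /\n *Not After/!d
      # join the two lines and strip the indentation
      s/^ *\(Subject:.*\)\n *\(Not After.*\)$/\1 | \2/
      p
      # empty the hold space so a stale expiry is never reused for the next certificate
      s/.*//
      h
    }
  '
}

# Stand-alone run on the constructed sample.
sample_certs | cert_expiry_report
```

The second certificate in the sample has no Validity block, so it produces no line rather than inheriting the first certificate's date.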
*** emulate tail
there is no easy way
*** emulate grep -A n
you can do sed -n '/regex/,+3p' to print 3 lines after /regex/ is found, /regex/ line included.
*** print between pat1 and pat2 excluded
sed -n '/pat1/,/pat2/p' | sed '1d;$d'
or
/begin/,/end/ {/(begin|end)/!p}
13:54:58 ~ -1- $ printf "%s\n" {1..12} | sed -En '5,10{/(5|10)/!p}'
6
7
8
9
13:55:09 ~ -1- $
*** change the regex delimiters
sed '\cregexcp' prints lines matching regex, delimited by c; the first occurrence of c must be escaped, unless you invoke the s command, then you don't have to.
sed 's%regex%replacement%'
*** negative matching
sed -n '1,5!p' prints everything but lines 1-5 (single quotes, so that bash doesn't do history expansion on the !). this is equivalent to 1,5d
*** [i]nsert, [a]ppend, [c]hange line
doesn't make sense with sed -n.
better with sed w/o -n.
a<line><newline>
c<line><newline>
i<line><newline>
if used inside braces (grouped commands), the closing brace needs to be on a newline because a, c and i consider everything until the new line to be their argument.
a, i and c don't touch the pattern space.
example :
4:16:56 ~ -1- $ printf "%s\n" {1..12} | sed -E '5{chello world
> }'
1
2
3
4
hello world
6
7
8
9
10
11
12
14:17:08 ~ -1- $ printf "%s\n" {1..12} | sed -E '5{ahello world
}'
1
2
3
4
5
hello world
6
7
8
9
10
11
12
14:17:14 ~ -1- $ printf "%s\n" {1..12} | sed -E '5{ihello world
}'
1
2
3
4
hello world
5
6
7
8
9
10
11
12
14:17:18 ~ -1- $
*** [b]ranching (goto)
usage is :
<...> b <label>
<...> b <label>
:<label>
#!/bin/sh
sed -n '
# if an empty line, check the paragraph
/^$/ b para
# else add it to the hold buffer
H
# at end of file, check paragraph
$ b para
# now branch to end of script
b
# this is where a paragraph is checked for the pattern
:para
# return the entire paragraph
# into the pattern space
x
# look for the pattern, if there - print
/'"$1"'/ p
'
*** case insensitive matching
*** delete last line
$d
remember to use single quotes,
otherwise bash will replace $d with an empty string
*** multiline sed scripts
$ sed -e 'command1;command2;command3'
$ sed -e "command1;
command2;
command3;"
$ sed -f commands.sed
$ cat commands.sed
command1
command2
$
*** backreferences
use parens to create matching groups
parens need to be escaped
use \1 to reference 1st group
\n to reference nth group
sed 's/\(group1\) ... \(group2\)/... \1 ... \2/'
*** colorize the output
you can use the reverse video ANSI escape sequence
\x1b[7m
then use the reset ANSI escape sequence
\x1b[0m
example:
sed 's/\(Not After.*\)/ \x1b[7m \1 \x1b[0m /'
** shorewall
*** shorewall clear instead of stop
This removes the rules and allows all traffic. Restore with shorewall start.
shorewall stop blocks all incoming connections.
*** shorewall safe-start instead of reload or start.
the version of shorewall installed on the mail server does not accept a reload function. A shorewall start does the job.
safe commands reset shorewall to the previous state if the user hasn't confirmed within 60 seconds.
*** shorewall safe-restart instead of restart
*** How to tell if shorewall is running ?
shorewall status
** sleep
sleep <seconds>
** snap
*** install a snap
snap install <package>
*** remove a snap
snap remove <packagename>
*** update a snap
snap refresh <package> # tab completion supported
*** inspect a snap
unsquashfs -l <image.snap>
*** list installed packages
snap list
*** find a snap
snap find <string>
apparently no regex allowed
for eg. find ce.tbot has no results
*** getting info
**** get info on a specific snap
snap info <snap>
snap info --verbose <snap> to show confinement level
**** get the confinement level of a specific snap
1. snap info --verbose <snap>
2. the "notes" column in the snap list output
*** get help
snap help <command>
*** interfaces and connections
**** show all interfaces
snap interfaces
**** [dis]connect an interface
snap [dis]connect <snap>:<plug> <snap>:<slot>
or
snap [dis]connect <snap>:<plug> :<slot>
**** show all connections
snap connections
**** show connections of a specific snap
snap connections <snap>
*** snap storage directory
**** old info
/var/lib/snapd/snaps is where .snap files are actually put. Each snap is relatively small! the whole OS is like 60 MB of disk.
ychaouche#ychaouche-PC 18:05:01 /var/lib/snapd/snaps $ ls
total 370M
-rw------- 2 root root 4.0K Dec 26 13:44 bare_5.snap
-rw------- 2 root root 56M Dec 26 13:44 core18_2253.snap
-rw------- 2 root root 56M Jan 30 12:33 core18_2284.snap
-rw------- 2 root root 56M Mar 17 13:23 core18_2344.snap
-rw------- 1 root root 48M May 8 18:05 core20_1434.snap.partial
-rw------- 2 root root 156M Dec 26 13:48 opera_157.snap
drwxr-xr-x 2 root root 4.0K Mar 25 2019 partial
ychaouche#ychaouche-PC 18:05:01 /var/lib/snapd/snaps $
there's also a snap directory in $HOME
**** new info
.snaps are in /var/lib/snapd/snaps/
when run, the snaps will be mounted and available on /snap/<snap-name>/
/snap/bin has been added to the $PATH at installation time (of snapd)
the /snap/core contains all the needed libs.
the problem is that it's empty :(
*** repair a broken snap
when a snap is broken,
you can't enable it,
you can't refresh it,
you can't revert it.
You just throw it away it seems.
*** inspect recent changes
snap changes
for details on a specific change
snap change ID
*** logs
sudo journalctl -u snapd
** snapctl
this is used internally by snaps :
to interact with the system and services in its own environment
snapctl start <service-name> --enable
snapctl stop <service-name> --disable
snapctl start <service-name>
snapctl stop <service-name>
snapctl restart <service-name>
snapctl services <service-name>
** sort
*** sort by date
-k6M -k7n : sort by [M]onth on sixth column, and [n]umerically on seventh
root@messagerie-prep[10.10.10.20] /var/backup/sql # find . -mtime +30 -type f -exec ls -rthl {} \; | sort -k6M -k7n
[...]
-rw-r--r-- 1 root root 67K Oct 11 06:15 ./mail.sql.33.gz
-rw-r--r-- 1 root root 451M Oct 12 06:15 ./roundcube.sql.32.gz
-rw-r--r-- 1 root root 67K Oct 12 06:15 ./mail.sql.32.gz
root@messagerie-prep[10.10.10.20] /var/backup/sql #
*** -t field separator
sort -t, -k3 sorts on third field
*** shuf or sort -R ?
shuf uses random permutations (randperm library in coreutils / gl)
shuf supports the -n option which gives at most n results (no need to pipe to head)
see :
~/DOWNLOADS/CODE/sort.c
http://www.maizure.org/projects/decoded-gnu-coreutils/shuf.html
sort uses md5
see :
http://www.maizure.org/projects/decoded-gnu-coreutils/sort.html
*** Sorting version numbers with -V
this will turn this
ychaouche#ychaouche-PC 13:34:02 ~/DOWNLOADS/APPS/waterfox $ strings ~/DOWNLOADS/LIBS/libstdc++.so.6.0.21 | grep ^GLIBCXX_3. | sort
GLIBCXX_3.4
GLIBCXX_3.4
GLIBCXX_3.4.1
GLIBCXX_3.4.1
GLIBCXX_3.4.10
GLIBCXX_3.4.10
GLIBCXX_3.4.11
GLIBCXX_3.4.11
GLIBCXX_3.4.12
GLIBCXX_3.4.12
GLIBCXX_3.4.13
GLIBCXX_3.4.13
GLIBCXX_3.4.14
GLIBCXX_3.4.14
GLIBCXX_3.4.15
GLIBCXX_3.4.15
GLIBCXX_3.4.16
GLIBCXX_3.4.16
GLIBCXX_3.4.17
GLIBCXX_3.4.17
GLIBCXX_3.4.18
GLIBCXX_3.4.18
GLIBCXX_3.4.19
GLIBCXX_3.4.19
GLIBCXX_3.4.2
GLIBCXX_3.4.2
GLIBCXX_3.4.20
GLIBCXX_3.4.20
GLIBCXX_3.4.21
GLIBCXX_3.4.21
GLIBCXX_3.4.3
GLIBCXX_3.4.3
GLIBCXX_3.4.4
GLIBCXX_3.4.4
GLIBCXX_3.4.5
GLIBCXX_3.4.5
GLIBCXX_3.4.6
GLIBCXX_3.4.6
GLIBCXX_3.4.7
GLIBCXX_3.4.7
GLIBCXX_3.4.8
GLIBCXX_3.4.8
GLIBCXX_3.4.9
GLIBCXX_3.4.9
ychaouche#ychaouche-PC 13:34:14 ~/DOWNLOADS/APPS/waterfox $
into this
ychaouche#ychaouche-PC 13:34:14 ~/DOWNLOADS/APPS/waterfox $ strings ~/DOWNLOADS/LIBS/libstdc++.so.6.0.21 | grep ^GLIBCXX_3. | sort -V
GLIBCXX_3.4
GLIBCXX_3.4
GLIBCXX_3.4.1
GLIBCXX_3.4.1
GLIBCXX_3.4.2
GLIBCXX_3.4.2
GLIBCXX_3.4.3
GLIBCXX_3.4.3
GLIBCXX_3.4.4
GLIBCXX_3.4.4
GLIBCXX_3.4.5
GLIBCXX_3.4.5
GLIBCXX_3.4.6
GLIBCXX_3.4.6
GLIBCXX_3.4.7
GLIBCXX_3.4.7
GLIBCXX_3.4.8
GLIBCXX_3.4.8
GLIBCXX_3.4.9
GLIBCXX_3.4.9
GLIBCXX_3.4.10
GLIBCXX_3.4.10
GLIBCXX_3.4.11
GLIBCXX_3.4.11
GLIBCXX_3.4.12
GLIBCXX_3.4.12
GLIBCXX_3.4.13
GLIBCXX_3.4.13
GLIBCXX_3.4.14
GLIBCXX_3.4.14
GLIBCXX_3.4.15
GLIBCXX_3.4.15
GLIBCXX_3.4.16
GLIBCXX_3.4.16
GLIBCXX_3.4.17
GLIBCXX_3.4.17
GLIBCXX_3.4.18
GLIBCXX_3.4.18
GLIBCXX_3.4.19
GLIBCXX_3.4.19
GLIBCXX_3.4.20
GLIBCXX_3.4.20
GLIBCXX_3.4.21
GLIBCXX_3.4.21
ychaouche#ychaouche-PC 13:34:39 ~/DOWNLOADS/APPS/waterfox $
*** Sorting on part of a field
**** example 1
$ sort --debug -k3.8,3 /tmp/scores
This will sort on third field which looks like this :
1661767449.M745000P3402.messagerie,S=8134,W=8323:2,c:X-Spam-Status: No, score=-3.412 tagged_above=-999 required=5
so score is 5 characters, score= is 6 characters, but the first character is the space preceding score, so we actually want the 8th character, starting from the space, and we need to stop the comparison on the 3rd field (,3), otherwise sort will continue the comparison to EOL by default.
**** example 2
sort -k8.2,8.7 /tmp/quotalist
sort on 8th field
but only between 2nd and 7th characters
works pretty well :
root@messagerie-principale[10.10.10.19] ~ # sort -k8.2,8.7 /tmp/quotalist | tail
pub.blida@algerian-radio.dz : 1004.24 Mo / 1024 Mo (098.00%)
lamine.harrane@algerian-radio.dz : 1020.36 Mo / 1024 Mo (099.00%)
y.hamel@algerian-radio.dz : 1021.43 Mo / 1024 Mo (099.00%)
contact@radioalgerie.dz : 1027.92 Mo / 1024 Mo (100.00%)
dg.eprs@algerian-radio.dz : 1024.41 Mo / 1024 Mo (100.00%)
fouzia.boulehbel@algerian-radio.dz : 1026.32 Mo / 1024 Mo (100.00%)
mustafa.benaoumeur@algerian-radio.dz : 1028.86 Mo / 1024 Mo (100.00%)
radionet@radioalgerie.dz : 1025.49 Mo / 1024 Mo (100.00%)
saad.tarafi@algerian-radio.dz : 1027.14 Mo / 1024 Mo (100.00%)
dcrr@algerian-radio.dz : 1200.56 Mo / 1024 Mo (117.00%)
root@messagerie-principale[10.10.10.19] ~ #
*** Visual debugging
--debug will show where sort occurs.
*** sort | uniq -> sort -u
nuf said
** sqlite
*** getting help
.help
*** open a database
.open path
*** show tables
.tables
*** describe table
.schema <table> (omit semi-colon)
pragma table_info(table_name) (osqueryi)
*** show current db
.databases
*** run query from command line
sqlite3 databasefile.sqlite "query in between quotes"
use -column -csv -list to change output formatting
*** change output format
**** .mode column
.mode column
name path cmdline process state start_time elapsed_time remote_address remote_port state
---------- ------------ --------------------------------------------- ------------- ---------- ------------ -------------- ----------- -----------
ssh /usr/bin/ssh ssh -p44044 root@messagerie.algerian-radio.dz S 1657203011 10.10.10.19 44044 ESTABLISHED
ssh /usr/bin/ssh ssh -p44044 root@messagerie.algerian-radio.dz S 1657203160 10.10.10.19 44044 ESTABLISHED
ssh /usr/bin/ssh ssh root@messagerie.algerian-radio.dz -p 4404 S 1657204190 10.10.10.19 44044 ESTABLISHED
konversati /usr/bin/kon /usr/bin/konversation -caption Konversation S 1657208270 162.251.69.69 6667 ESTABLISHED
kdeconnect /usr/lib/kde /usr/lib/kde4/libexec/kdeconnectd S 1657184878 0.0.0.0 0 LISTEN
thunderbir /home/ychaou /home/ychaouche/DOWNLOADS/APPS/THUNDERBIRD/th S 1657184924 10.10.10.19 993 ESTABLISHED
thunderbir /home/ychaou /home/ychaouche/DOWNLOADS/APPS/THUNDERBIRD/th S 1657184924 10.10.10.19 993 ESTABLISHED
thunderbir /home/ychaou /home/ychaouche/DOWNLOADS/APPS/THUNDERBIRD/th S 1657184924 10.10.10.19 993 ESTABLISHED
thunderbir /home/ychaou /home/ychaouche/DOWNLOADS/APPS/THUNDERBIRD/th S 1657184924 10.10.10.19 993 ESTABLISHED
thunderbir /home/ychaou /home/ychaouche/DOWNLOADS/APPS/THUNDERBIRD/th S 1657184924 10.10.10.19 993 ESTABLISHED
waterfox-g /tmp/.mount_ /tmp/.mount_waterfjpzMfx/usr/bin/waterfox-g4 S 1657185139 204.79.197.200 443 ESTABLISHED
waterfox-g /tmp/.mount_ /tmp/.mount_waterfjpzMfx/usr/bin/waterfox-g4 S 1657185139 104.21.61.82 443 ESTABLISHED
waterfox-g /tmp/.mount_ /tmp/.mount_waterfjpzMfx/usr/bin/waterfox-g4 S 1657185139 142.250.201.42 443 ESTABLISHED
waterfox-g /tmp/.mount_ /tmp/.mount_waterfjpzMfx/usr/bin/waterfox-g4 S 1657185139 13.107.42.14 443 ESTABLISHED
waterfox-g /tmp/.mount_ /tmp/.mount_waterfjpzMfx/usr/bin/waterfox-g4 S 1657185139 142.251.37.227 443 ESTABLISHED
waterfox-g /tmp/.mount_ /tmp/.mount_waterfjpzMfx/usr/bin/waterfox-g4 S 1657185139 104.21.61.82 443 ESTABLISHED
waterfox-g /tmp/.mount_ /tmp/.mount_waterfjpzMfx/usr/bin/waterfox-g4 S 1657185139 13.107.42.14 443 ESTABLISHED
waterfox-g /tmp/.mount_ /tmp/.mount_waterfjpzMfx/usr/bin/waterfox-g4 S 1657185139 87.248.119.252 443 ESTABLISHED
waterfox-g /tmp/.mount_ /tmp/.mount_waterfjpzMfx/usr/bin/waterfox-g4 S 1657185139 52.35.251.160 443 ESTABLISHED
ssh /usr/bin/ssh ssh root@messagerie.algerian-radio.dz -p 4404 S 1657186761 10.10.10.19 44044 ESTABLISHED
ssh /usr/bin/ssh ssh root@messagerie.algerian-radio.dz -p 4404 S 1657186761 10.10.10.19 44044 ESTABLISHED
ssh /usr/bin/ssh ssh serveur@messagerie.algerian-radio.dz -p 4 S 1657186761 10.10.10.19 44044 ESTABLISHED
ssh /usr/bin/ssh ssh root@messagerie.algerian-radio.dz -p 4404 S 1657186761 10.10.10.19 44044 ESTABLISHED
ssh /usr/bin/ssh ssh serveur@messagerie.algerian-radio.dz -p 4 S 1657186761 10.10.10.19 44044 ESTABLISHED
**** .mode line
osquery> select processes.name, processes.path, processes.cmdline, processes.state as "process state", processes.start_time, processes.elapsed_time, process_open_sockets.remote_address, process_open_sockets.remote_port, process_open_sockets.state from processes JOIN process_open_sockets ON processes.pid = process_open_sockets.pid where process_open_sockets.family=2 and process_open_sockets.protocol=6;
name = ssh
path = /usr/bin/ssh
cmdline = ssh -p44044 root@messagerie.algerian-radio.dz
process state = S
start_time = 1657203011
elapsed_time =
remote_address = 10.10.10.19
remote_port = 44044
state = ESTABLISHED
name = ssh
path = /usr/bin/ssh
cmdline = ssh -p44044 root@messagerie.algerian-radio.dz
process state = S
start_time = 1657203160
elapsed_time =
remote_address = 10.10.10.19
remote_port = 44044
state = ESTABLISHED
name = ssh
path = /usr/bin/ssh
cmdline = ssh root@messagerie.algerian-radio.dz -p 44044
process state = S
start_time = 1657204190
elapsed_time =
remote_address = 10.10.10.19
remote_port = 44044
state = ESTABLISHED
name = konversation
path = /usr/bin/konversation
cmdline = /usr/bin/konversation -caption Konversation
process state = S
start_time = 1657208270
elapsed_time =
remote_address = 162.251.69.69
remote_port = 6667
state = ESTABLISHED
name = kdeconnectd
path = /usr/lib/kde4/libexec/kdeconnectd
cmdline = /usr/lib/kde4/libexec/kdeconnectd
process state = S
start_time = 1657184878
elapsed_time =
remote_address = 0.0.0.0
remote_port = 0
state = LISTEN
name = thunderbird-bin
path = /home/ychaouche/DOWNLOADS/APPS/THUNDERBIRD/thunderbird/thunderbird-bin
cmdline = /home/ychaouche/DOWNLOADS/APPS/THUNDERBIRD/thunderbird/thunderbird
process state = S
start_time = 1657184924
elapsed_time =
remote_address = 10.10.10.19
remote_port = 993
state = ESTABLISHED
name = thunderbird-bin
path = /home/ychaouche/DOWNLOADS/APPS/THUNDERBIRD/thunderbird/thunderbird-bin
cmdline = /home/ychaouche/DOWNLOADS/APPS/THUNDERBIRD/thunderbird/thunderbird
process state = S
start_time = 1657184924
elapsed_time =
remote_address = 10.10.10.19
remote_port = 993
state = ESTABLISHED
name = thunderbird-bin
path = /home/ychaouche/DOWNLOADS/APPS/THUNDERBIRD/thunderbird/thunderbird-bin
cmdline = /home/ychaouche/DOWNLOADS/APPS/THUNDERBIRD/thunderbird/thunderbird
process state = S
start_time = 1657184924
elapsed_time =
remote_address = 10.10.10.19
remote_port = 993
state = ESTABLISHED
name = thunderbird-bin
path = /home/ychaouche/DOWNLOADS/APPS/THUNDERBIRD/thunderbird/thunderbird-bin
cmdline = /home/ychaouche/DOWNLOADS/APPS/THUNDERBIRD/thunderbird/thunderbird
process state = S
start_time = 1657184924
elapsed_time =
remote_address = 10.10.10.19
remote_port = 993
state = ESTABLISHED
name = thunderbird-bin
path = /home/ychaouche/DOWNLOADS/APPS/THUNDERBIRD/thunderbird/thunderbird-bin
cmdline = /home/ychaouche/DOWNLOADS/APPS/THUNDERBIRD/thunderbird/thunderbird
process state = S
start_time = 1657184924
elapsed_time =
remote_address = 10.10.10.19
remote_port = 993
state = ESTABLISHED
name = waterfox-g4
path = /tmp/.mount_waterfjpzMfx/usr/bin/waterfox-g4
cmdline = /tmp/.mount_waterfjpzMfx/usr/bin/waterfox-g4
process state = S
start_time = 1657185139
elapsed_time =
remote_address = 13.107.42.14
remote_port = 443
state = ESTABLISHED
name = waterfox-g4
path = /tmp/.mount_waterfjpzMfx/usr/bin/waterfox-g4
cmdline = /tmp/.mount_waterfjpzMfx/usr/bin/waterfox-g4
process state = S
start_time = 1657185139
elapsed_time =
remote_address = 87.248.119.252
remote_port = 443
state = ESTABLISHED
name = waterfox-g4
path = /tmp/.mount_waterfjpzMfx/usr/bin/waterfox-g4
cmdline = /tmp/.mount_waterfjpzMfx/usr/bin/waterfox-g4
process state = S
start_time = 1657185139
elapsed_time =
remote_address = 52.35.251.160
remote_port = 443
state = ESTABLISHED
name = ssh
path = /usr/bin/ssh
cmdline = ssh root@messagerie.algerian-radio.dz -p 44044
process state = S
start_time = 1657186761
elapsed_time =
remote_address = 10.10.10.19
remote_port = 44044
state = ESTABLISHED
name = ssh
path = /usr/bin/ssh
cmdline = ssh root@messagerie.algerian-radio.dz -p 44044
process state = S
start_time = 1657186761
elapsed_time =
remote_address = 10.10.10.19
remote_port = 44044
state = ESTABLISHED
name = ssh
path = /usr/bin/ssh
cmdline = ssh serveur@messagerie.algerian-radio.dz -p 44044
process state = S
start_time = 1657186761
elapsed_time =
remote_address = 10.10.10.19
remote_port = 44044
state = ESTABLISHED
name = ssh
path = /usr/bin/ssh
cmdline = ssh root@messagerie.algerian-radio.dz -p 44044
process state = S
start_time = 1657186761
elapsed_time =
remote_address = 10.10.10.19
remote_port = 44044
state = ESTABLISHED
name = ssh
path = /usr/bin/ssh
cmdline = ssh serveur@messagerie.algerian-radio.dz -p 44044
process state = S
start_time = 1657186761
elapsed_time =
remote_address = 10.10.10.19
remote_port = 44044
state = ESTABLISHED
osquery>
**** .mode list
osquery> .separator " | "
osquery> select processes.name, processes.path, processes.cmdline, processes.state as "process state", processes.start_time, processes.elapsed_time, process_open_sockets.remote_address, process_open_sockets.remote_port, process_open_sockets.state from processes JOIN process_open_sockets ON processes.pid = process_open_sockets.pid where process_open_sockets.family=2 and process_open_sockets.protocol=6;
name | path | cmdline | process state | start_time | elapsed_time | remote_address | remote_port | state
ssh | /usr/bin/ssh | ssh -p44044 root@messagerie.algerian-radio.dz | S | 1657203011 | | 10.10.10.19 | 44044 | ESTABLISHED
ssh | /usr/bin/ssh | ssh -p44044 root@messagerie.algerian-radio.dz | S | 1657203160 | | 10.10.10.19 | 44044 | ESTABLISHED
ssh | /usr/bin/ssh | ssh root@messagerie.algerian-radio.dz -p 44044 | S | 1657204190 | | 10.10.10.19 | 44044 | ESTABLISHED
konversation | /usr/bin/konversation | /usr/bin/konversation -caption Konversation | S | 1657208270 | | 162.251.69.69 | 6667 | ESTABLISHED
kdeconnectd | /usr/lib/kde4/libexec/kdeconnectd | /usr/lib/kde4/libexec/kdeconnectd | S | 1657184878 | | 0.0.0.0 | 0 | LISTEN
thunderbird-bin | /home/ychaouche/DOWNLOADS/APPS/THUNDERBIRD/thunderbird/thunderbird-bin | /home/ychaouche/DOWNLOADS/APPS/THUNDERBIRD/thunderbird/thunderbird | S | 1657184924 | | 10.10.10.19 | 993 | ESTABLISHED
thunderbird-bin | /home/ychaouche/DOWNLOADS/APPS/THUNDERBIRD/thunderbird/thunderbird-bin | /home/ychaouche/DOWNLOADS/APPS/THUNDERBIRD/thunderbird/thunderbird | S | 1657184924 | | 10.10.10.19 | 993 | ESTABLISHED
thunderbird-bin | /home/ychaouche/DOWNLOADS/APPS/THUNDERBIRD/thunderbird/thunderbird-bin | /home/ychaouche/DOWNLOADS/APPS/THUNDERBIRD/thunderbird/thunderbird | S | 1657184924 | | 10.10.10.19 | 993 | ESTABLISHED
thunderbird-bin | /home/ychaouche/DOWNLOADS/APPS/THUNDERBIRD/thunderbird/thunderbird-bin | /home/ychaouche/DOWNLOADS/APPS/THUNDERBIRD/thunderbird/thunderbird | S | 1657184924 | | 10.10.10.19 | 993 | ESTABLISHED
thunderbird-bin | /home/ychaouche/DOWNLOADS/APPS/THUNDERBIRD/thunderbird/thunderbird-bin | /home/ychaouche/DOWNLOADS/APPS/THUNDERBIRD/thunderbird/thunderbird | S | 1657184924 | | 10.10.10.19 | 993 | ESTABLISHED
waterfox-g4 | /tmp/.mount_waterfjpzMfx/usr/bin/waterfox-g4 | /tmp/.mount_waterfjpzMfx/usr/bin/waterfox-g4 | S | 1657185139 | | 13.107.42.14 | 443 | ESTABLISHED
waterfox-g4 | /tmp/.mount_waterfjpzMfx/usr/bin/waterfox-g4 | /tmp/.mount_waterfjpzMfx/usr/bin/waterfox-g4 | S | 1657185139 | | 13.107.42.14 | 443 | ESTABLISHED
waterfox-g4 | /tmp/.mount_waterfjpzMfx/usr/bin/waterfox-g4 | /tmp/.mount_waterfjpzMfx/usr/bin/waterfox-g4 | S | 1657185139 | | 87.248.119.252 | 443 | ESTABLISHED
waterfox-g4 | /tmp/.mount_waterfjpzMfx/usr/bin/waterfox-g4 | /tmp/.mount_waterfjpzMfx/usr/bin/waterfox-g4 | S | 1657185139 | | 52.35.251.160 | 443 | ESTABLISHED
ssh | /usr/bin/ssh | ssh root@messagerie.algerian-radio.dz -p 44044 | S | 1657186761 | | 10.10.10.19 | 44044 | ESTABLISHED
ssh | /usr/bin/ssh | ssh root@messagerie.algerian-radio.dz -p 44044 | S | 1657186761 | | 10.10.10.19 | 44044 | ESTABLISHED
ssh | /usr/bin/ssh | ssh serveur@messagerie.algerian-radio.dz -p 44044 | S | 1657186761 | | 10.10.10.19 | 44044 | ESTABLISHED
ssh | /usr/bin/ssh | ssh root@messagerie.algerian-radio.dz -p 44044 | S | 1657186761 | | 10.10.10.19 | 44044 | ESTABLISHED
ssh | /usr/bin/ssh | ssh serveur@messagerie.algerian-radio.dz -p 44044 | S | 1657186761 | | 10.10.10.19 | 44044 | ESTABLISHED
osquery>
**** .mode csv
same as list with .separator set to ","
**** .mode pretty
default
*** date time functions
datetime(timestamp,'unixepoch')
*** write results to a file
.headers on
.mode column
.once query_results.txt (only one query)
.output query_results.txt
.output (revert to stdout)
*** queries
***** join
SELECT fields... FROM T1 JOIN T2 USING (field)
** ssh
see (bookmark-jump "bash_help::ssh")
/home/ychaouche/.bash_lib/help/ssh:1
** strace
*** filtering
**** -e file
trace only the system calls that take a file name as an argument.
**** -e network
network-related system calls (socket, accept, bind, connect, recvmsg, sendto etc.)
accept: incoming connections
connect: outgoing connections
bind: bind a socket to an address and port number
listen: listen for incoming connections
how it usually works:
socket: create a socket to listen for incoming connections
bind: bind the socket to an IP and a port
listen: listen for incoming connections
when a new connection comes in, accept it (accept syscall).
then create another socket for that specific connection,
bind it to a different port,
and use that socket to communicate with that client,
the first socket continues to listen for other incoming connections.
**** -e process
fork, wait, exec..
**** -e signal
self-explanatory
*** verbose
-s(tring) : maximum string size (default 32)
-v(erbose) : show all the arguments to a function call
*** passing env variables to the executable
strace -E var=value
*** show file paths associated to fd
-y
*** dump read/write data from specific fd
-e read=fd,fd
-e write=fd,fd
*** only trace syscalls accessing /path/
-P /path/
*** show timestamps
-r : relative
-t : time
-tt : µs
*** profiling
-T : show time spent in syscall
*** distillerror :: summary
source: https://www.brendangregg.com/Shell/distillerror_example01.txt
d/l: ~/DOWNLOADS/CODE/SCRIPTS/distillerror
** stty
helps to define some terminal properties.
For example :
stty werase undef
this line ^ would free C-w so that we can redefine it in inputrc.
stty stop undef
this line frees C-s so that we can use it in readline for interactive forward search.
** su
*** howtos
**** execute a command as another user
su - <user> -s /bin/bash -c "command with arguments in between quotes"
-s /bin/bash is necessary if the user doesn't have a shell.
*** the "-"
the - is the same as -l
It starts a login shell, not just a regular shell. It loads the environment the user would have had he logged in.
** swapon / swapoff
use a partition as swap
swapon /dev/sda7
will use sda7 as a swap partition.
no need for the partition to be mounted.
swapoff turns off swapping
** syslog-summary
summarizes syslog lines
root@cloud[10.10.10.84/24] 12:15:38 ~ # syslog-summary /var/log/syslog | sed '1,4d;$d'
2 cloud rsyslogd: [origin software="rsyslogd" swVersion="8.1901.0" x-pid="428" x-info="https://www.rsyslog.com"] rsyslogd was HUPed
1 cloud systemd: logrotate.service: Succeeded.
1 cloud systemd: Started Rotate log files.
13 cloud CRON: (logcheck) CMD ( if [ -x /usr/sbin/logcheck ]; then nice -n10 /usr/sbin/logcheck; fi)
147 cloud CRON: (www-data) CMD (/usr/bin/php /var/www/nextcloud/cron.php)
74 cloud CRON: (root) CMD (command -v debian-sa1 > /dev/null && debian-sa1 1 1)
25 cloud CRON: (root) CMD ( [ -x /usr/lib/php/sessionclean ] && if [ ! -d /run/systemd/system ]; then /usr/lib/php/sessionclean; fi)
25 cloud systemd: Starting Clean php session files...
25 cloud systemd: phpsessionclean.service: Succeeded.
25 cloud systemd: Started Clean php session files.
12 cloud CRON: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
2 cloud systemd: Starting Daily apt download activities...
2 cloud systemd: apt-daily.service: Succeeded.
2 cloud systemd: Started Daily apt download activities.
1 cloud CRON: (root) CMD (test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily ))
1 cloud systemd: Starting Daily apt upgrade and clean activities...
1 cloud systemd: apt-daily-upgrade.service: Succeeded.
1 cloud systemd: Started Daily apt upgrade and clean activities.
1 cloud CRON: (root) CMD (test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.weekly ))
1 cloud systemd: Started Session 341473 of user root.
1 cloud systemd: session-341473.scope: Succeeded.
1 cloud systemd: Started Session 341500 of user root.
1 cloud systemd: Started Session 341503 of user root.
1 cloud systemd: Started Session 341513 of user root.
root@cloud[10.10.10.84/24] 12:15:40 ~ #
** systemctl
*** whatis
controls systemd
*** how to invoke it?
systemctl <action> <service>
eg:
systemctl stop mysqld[u]
*** start/stop enable/disable
enable / disable a service at bootup
start / stop the service now
systemctl stop <service>
*** status
status + last log line
17:01:43 ~ -1- $ systemctl status snap-certbot-2836.mount
Failed to issue method call: No such interface 'org.freedesktop.DBus.Properties' on object at path /org/freedesktop/systemd1/unit/snap_2dcertbot_2d2836_2emount
17:01:45 ~ -1- $
*** mask/unmask
systemctl mask/unmask service
*** revert
this will revert a unit file to its initial state (as shipped by the vendor/distro[u])
** tar
*** copy a directory over to another location
DLtar vcf- sourcedir | pv -s SIZE in human readable form | tar vxf- -C targetdir
*** what is an archive
an archive is a file containing the contents of many files, along with their metadata (name, owner, permissions)
*** misc info
**** extract only some files
you can extract only some files out of an archive
**** good for backups
tar has useful features to make incremental or full backups
**** always use -f option
always use -f option. By default, -f is -
**** recursive by default
tar is recursive by default
*** commands
**** list
tar -t -f archive.tar
tar tvzf archive.tar.gz
**** extract
***** extract a single member
tar -f archive.tar -x path/to/file
will extract to $PWD
***** extract a member without creating its parents
--strip-components=<N>, where N is the number of parents to skip (do not create)
***** extract a XZ compressed file
-J or --xz
***** extract to a directory
--directory=dir / --directory dir
-C dir
**** create an archive of a directory
***** all members
tar -cvzf dir.tar.gz dir/
***** exclude some members
tar -cvzf dir.tar.gz dir/ --exclude=PATTERN
**** update old archive
tar uvzf archive.tar DIR1/ DIR2/
doesn't work on compressed archives
**** remove a member
--delete path/to/member
**** follow symlinks
tar uhf .bash_lib2.tar .bash_lib/
this will include the help subdirectory
which is a link
*** compression options
***** XZ = J
Debian's .deb files contain XZ-compressed tar files.
ar fp libssl-dev_1.1.0l-1~deb9u4_amd64.deb data.tar.xz | tar Jvx -C libssl-dev_1.1/
*** read from stdin
this is the default (-f -)
** tctrace
A TCP traceroute, useful when ICMP is filtered by a firewall.
** tcpdump
*** device selection
-i[nterface]
*** how to capture
. use -i to specify the interface
. use -v to get verbose output
. use "or"/"and" to combine filters
. save to file with -w <filename>
- open with wireshark / tshark
*** output formats
**** display port numbers instead of port names
-n[umeric]
**** display IPs instead of hostnames
-n[umeric]
**** verbose
-v[erbose]
**** capture a certain number of packets
-c[apture] <n>
*** filtering
**** general syntax
man pcap-filter
tcpdump <direction> <type> <protocol>
type = host[default], net, port, portrange
direction = dst,src
protocol = tcp,udp
examples :
tcpdump dst host 192.168.100.10 and src port 25
**** show traffic coming through a specific port
tcpdump port n
tcpdump src port n
tcpdump dst port n
**** show incoming connections
tcpdump tcp[13]==2 and host <myhost>
see man tcpdump to understand what tcp[13] is.
basically, this will look at the 13th byte of the TCP packet where control flags are.
     1st byte        2nd byte        3rd byte        4th byte
 0             7              15              23              31
-----------------------------------------------------------------
|        source port [2]        |     destination port [2]      |
-----------------------------------------------------------------
|                      sequence number [4]                      |
-----------------------------------------------------------------
|                        ack number [4]                         |
-----------------------------------------------------------------
|  HL+RSVD [1]  |control bits[1]|        window size [2]        |
-----------------------------------------------------------------
|       TCP checksum [2]        |      urgent pointer [2]       |
-----------------------------------------------------------------
The flags work like a mask, with values starting at the right.
+-------------------------------+
|         control bits          |
|-------------------------------|
|  C|  E|  U|  A|  P|  R|  S|  F|
|-------------------------------|
|  7|  6|  5|  4|  3|  2|  1|  0| bit order
|128| 64| 32| 16|  8|  4|  2|  1| bit value
+-------------------------------+
So, for filtering on FIN, tcp[13]==1
for filtering on SYN+ACK, tcp[13]==16+2=18
etc.
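An added example (not part of the original notes): a POSIX shell script that decodes the byte at tcp[13] using the bit values from the table above, then compares the exact-match filter tcp[13]==2 with a masked test on headers where extra bits are set. The four TCP headers are constructed samples and all function names are made up for this illustration.

```shell
#!/bin/sh
# Added illustration; function names and sample headers are constructed here.

# tcp13_of HEX: decimal value of the byte at offset 13 of a TCP header given
# as a hex string. Offset 13 corresponds to hex digits 27-28 (1-based).
tcp13_of() {
    t13_hex=$(printf '%s' "$1" | tr -d ' :')
    t13_byte=$(printf '%s' "$t13_hex" | cut -c27-28)
    case $t13_byte in
        [0-9a-fA-F][0-9a-fA-F]) echo $(( 0x$t13_byte )) ;;
        *) echo "header too short" >&2; return 1 ;;
    esac
}

# flags_of BYTE: names of the control bits set in BYTE, highest bit first.
flags_of() {
    fl_byte=$(( $1 ))
    fl_out=""
    for fl_pair in 128:CWR 64:ECE 32:URG 16:ACK 8:PSH 4:RST 2:SYN 1:FIN; do
        fl_val=${fl_pair%%:*}
        fl_name=${fl_pair#*:}
        if [ $(( fl_byte & fl_val )) -ne 0 ]; then
            fl_out="${fl_out:+$fl_out,}$fl_name"
        fi
    done
    echo "${fl_out:-none}"
}

# exact_match BYTE VALUE: models the filter   tcp[13] == VALUE
exact_match() { [ $(( $1 )) -eq $(( $2 )) ]; }

# masked_match BYTE MASK VALUE: models the filter   tcp[13] & MASK == VALUE
masked_match() { [ $(( $1 & $2 )) -eq $(( $3 )) ]; }

# Constructed 20-byte TCP headers (ports 49152 and 443), differing in byte 13.
SYN_PLAIN="c000 01bb 00000001 00000000 50 02 7210 0000 0000"
SYN_ECN="c000 01bb 00000001 00000000 50 c2 7210 0000 0000"   # SYN+ECE+CWR
SYN_ACK="01bb c000 0000000a 00000002 50 12 7210 0000 0000"
FIN_ACK="c000 01bb 00000002 0000000b 50 11 7210 0000 0000"

# count_new_connections MODE: how many of the sample headers a
# "new connection" filter selects.
#   exact  = tcp[13] == 2        (SYN and nothing else)
#   masked = tcp[13] & 18 == 2   (SYN set, ACK clear, other bits ignored)
count_new_connections() {
    cnc_n=0
    for cnc_hdr in "$SYN_PLAIN" "$SYN_ECN" "$SYN_ACK" "$FIN_ACK"; do
        cnc_b=$(tcp13_of "$cnc_hdr") || return 1
        case $1 in
            exact)
                if exact_match "$cnc_b" 2; then cnc_n=$(( cnc_n + 1 )); fi ;;
            masked)
                if masked_match "$cnc_b" 18 2; then cnc_n=$(( cnc_n + 1 )); fi ;;
            *) return 2 ;;
        esac
    done
    echo "$cnc_n"
}

for mode in exact masked; do
    echo "$mode: $(count_new_connections "$mode") of 4 headers selected"
done
echo "0xc2 decodes to: $(flags_of 0xc2)"
echo "0x11 decodes to: $(flags_of 0x11)"
```

The exact filter misses the SYN that also carries ECE and CWR, and tcp[13]==1 would likewise miss a FIN sent together with ACK; the masked form tests only the bits of interest.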
**** filter by network
tcpdump 'dst net not (192.168.0.0/16 or 10.0.0.0/8)'
shows only packets going outside the network.
*** output interpretation
**** flags
P[ush]
. ack
S[yn]
F[in]
U[rgent]
R[eset]
**** [S] > [R.]
A Syn immediately followed by a Reset+Ack : port closed. Don't talk to me.
**** [S] > [S.] > [.]
Complete three-way handshake.
**** sequence numbers
should increase.
first in a series should be equal to last ack number
**** ack numbers
should increase;
next seq number should be last ack number
*** unbuffering output
-l
*** common options
**** -A[SCII]
Dump packet contents as strings
Show HTTP/IMAP for ex.
**** -l[ine-buffered]
line-buffered (unbuffered output)
**** -q[uick]
quick|quiet : print less
**** -v[erbose]
verbose output
**** -w[rite]
save to file
*** -r permission denied
this is blocked by apparmor.
file extension must be .pcap
** tee
*** append
tee -a
** telnet
you *NEED* to invoke telnet w/o arguments to enter its interactive mode.
$ telnet
telnet> open google.fr 443
Trying 142.251.37.163...
Connected to google.fr.
Escape character is '^]'.
^]
telnet> open google.fr 80
?Already connected to google.fr
telnet> close
Connection closed.
telnet> open google.fr 443
Trying 142.251.37.163...
Connected to google.fr.
Escape character is '^]'.
^]
telnet>
** timeout
run a command within the specified amount of time
timeout "$timeout" bash -c "echo > /dev/tcp/$host/$port" && echo "port $port reached" || echo "couldn't reach port $port"
** top
z : colors
x : highlight sort column
y : highlight running tasks
c : show full command name / path
mm : change meter style of memory to blocks
tt : change meter style of cpu to blocks
V : tree view
0 : leave blanks where the value is 0
1 : show all cpus
** tr
*** keep only one occurrence
tr -s[queeze]
useful for replacing multiple newlines with just one
*** replace spaces and punctuation with "_"
tr -s "[:space:][:punct:]" _
source : https://www.linuxquestions.org/questions/blog/michael-uplawski-1023960/download-radio-broadcasts-in-mp3-format-37903/
*** remove newlines
remove both \n and \r with tr -d
root@messagerie-principale[10.10.10.19] ~ # grep -E '(FN|TEL)' /tmp/meziane | tr -d '\n\r'
FN:Tahar MEZIANEFN:Meziane ZIANIFN:MEZIANE HamidFN:Abdelkader mezianeFN:MEZIANE MouradTEL;TYPE=home:5375root@messagerie-principale[10.10.10.19] ~ #
** tracepath
tracepath is a replacement for traceroute
except it uses random UDP ports instead of the ICMP protocol
so theoretically it can be used even if ICMP is disabled on the host
practically, if a host doesn't respond to traceroute, it won't respond to tracepath either.
** truncate
-s 0 : zero the file
** type
*** get the path only
type -p <name> will return only the path to the command instead of <name> is <path>
** tty
gives the pts associated with current virtual terminal
example
ychaouche#ychaouche-PC 10:00:29 ~ $ tty
/dev/pts/7
ychaouche#ychaouche-PC 10:00:30 ~ $
** ulimit
*** whatis
The ulimit bash builtin sets resource limits for programs run by the current shell.
*** print current limits
ulimit -a
*** specifying values
values must be in 1024 increments
*** unset a limit
set it to unlimited
ulimit -<option> unlimited
*** resident memory (rss) limit
-m[emory]
*** virtual memory limit
-v[irtual]
*** soft and hard limits
when neither -H nor -S is supplied, both hard and soft limits are changed
soft limits can be changed but have to remain lower than hard limits.
hard limits can only be lowered.
** unexpand
transform spaces to tabs
see also ** expand
** unoconv
$ unoconv file.doc
will create file.pdf
it can also convert excel files!
** update-alternatives
*** list the alternatives for a command
--query <command>
example:
ychaouche#ychaouche-PC 13:26:03 /usr/share/man $ update-alternatives --query pager
Name: pager
Link: /usr/bin/pager
Slaves:
pager.1.gz /usr/share/man/man1/pager.1.gz
Status: auto
Best: /usr/bin/lv
Value: /usr/bin/lv
Alternative: /bin/less
Priority: 77
Slaves:
pager.1.gz /usr/share/man/man1/less.1.gz
Alternative: /bin/more
Priority: 50
Slaves:
pager.1.gz /usr/share/man/man1/more.1.gz
Alternative: /usr/bin/lv
Priority: 80
Slaves:
pager.1.gz /usr/share/man/man1/lv.1.gz
Alternative: /usr/bin/most
Priority: 60
Slaves:
pager.1.gz /usr/share/man/man1/most.1.gz
Alternative: /usr/bin/pg
Priority: 10
Slaves:
pager.1.gz /usr/share/man/man1/pg.1.gz
ychaouche#ychaouche-PC 13:28:09 /usr/share/man $
*** change the alternative for a command
sudo update-alternatives --config <command> (TUI)
** unsquashfs :: squashfs
*** list files in a squash image
unsquashfs -lls <file>
*** extract files
unsquashfs -li <file>
*** extract specific files
unsquashfs -li <file> <path>
** useradd / adduser
*** wiw (which is which)
useradd : low-level, do not use.
adduser : high-level, use this one, even to add an existing user to an existing group.
*** system users
**** To add a system user
adduser --system username
**** difference from a regular user
Normal users are used by people. System users are used by daemons.
System users have no home directories and no login shells.
*** add an existing user to an existing group
adduser <user> <group>
or
newgrp <group>, which doesn't require logout/login
** valgrind
warns if the number of frees is lower than the number of mallocs.
significantly slows down the execution of the program
compile with debug symbols to get the line of code causing the problem
kcachegrind reads the files produced by callgrind (valgrind --callref or something like that). It shows which functions are called and how often they are called.
more than 2,000,000 instructions are needed to run the simplest C++ program. All of that is the runtime.
** vim
*** copying the whole line
yy
*** paste
p
*** replace character under cursor
r
*** delete character under cursor
x
** vsphere :: ESXi :: vmware
*** see also tech.info
section * ESXi :: vmware
*** Change the host IP from the web UI
--------------------------------------------
In Networking, select the vmk0 adapter and click edit. See: https://imgur.com/a/AEjLfZj
*** how to resize the disk
1. You need to power off the VM and remove snapshots.
2. The disk grows but the partition does not, so you have to launch the Windows disk utility (formatting) and extend the partition.
no reboot is needed.
*** Installing vmware tools
Just click on install vmware tools,
this mounts the vmware CD/DVD on the host machine.
Then go to the host machine and navigate with the keyboard to launch the installation from the CD/DVD.
*** how to back up a VM
Export it as a template,
which lets you recreate the VM
even on another hypervisor.
*** clone a VM by copying files
** watch
*** highlights differences
-d
*** watch an alias or complicated bash line
turn that to a script file and exec that file instead
** wget
-O[utput file]
-c[ontinue]
** whob
in scripts, don't do
whob $IP
do
echo "$IP" | whob
because whob only reads from stdin.
** wireshark
*** capture filters
The capture filter understands the BPF format,
which is much less granular than display filters.
Only layer 3 protocols can be filtered
(tcp, ip, icmp),
neither higher ones (application: http, dns),
nor lower ones (ethernet, 802.11...)
example:
host 192.168.100.150 and tcp port 445
*** Show a field as a column
**** right-click on the field
Apply as Column
**** right-click on the column header
Column preferences > +
*** find a field's name
The field name is shown in parentheses in the status bar once the field is selected.
*** follow a particular conversation
Statistics > Conversations > select one then right-click > apply as filter.
*** find the host with the highest b/w consumption
statistics > endpoints > IPv4 > sort by bytes
*** view HTTP requests
Statistics > HTTP > Requests
*** detect slowness in the network
Stats > Conversations > pick a conversation then click Graph > <type>, choose <RTT> (round-trip time), optionally check <RTT by sequence number>.
This gives a graph of response times over time.
*** do not use ...!=... but !(...==...)
for example, ip.addr can be either the destination address or the source address.
ip.addr != <IP> means either one of the addresses differs from <IP>, which is always true when two different machines are talking to each other.
but !(ip.addr == <IP>) means neither address may equal <IP>; this is what to use to filter out the conversations that include our IP.
ip.addr != <myip> still returns some packets coming from my IP.
!(ip.addr == <myip>) returns no packets coming from my IP.
source : https://www.wireshark.org/lists/wireshark-users/200903/msg00247.html
explanation : https://ask.wireshark.org/question/1751/difference-between-ipaddr-192021-and-ipaddr-192021/
*** view overall b/w consumption
gives an indication of possible spikes
Statistics > I/O Graphs
*** graph any value
stats > I/O graph > +
then enter the value to graph and, if desired, the aggregation function (average)
*** grep through packets
frame contains stringwithoutquotes
or
frame matches regex
this searches all fields of all packets (all protocols)
*** create a quick filter button
Click at the far right of the filter input to create a button that applies the desired filter directly.
*** extract files
File > Export Objects > HTTP/SMB/TFTP
*** quick info (errors, warnings)
gold button at the bottom left
** wmctrl
*** general
performs window-manager operations from the command line
(move, resize, stick, always on top etc.)
*** how many windows are open?
wmctrl -l
** xargs
use -0 in conjunction with find -print0 to parse files with special characters, spaces etc.
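An added example (not part of the original notes) showing what goes wrong without -print0 / -0: the script builds a temporary directory with three constructed file names and counts how many arguments xargs produces, and how many of them no longer name an existing file. Function names are made up for this illustration; it assumes a find and xargs that support -print0 and -0 (GNU, BSD and BusyBox do).

```shell
#!/bin/sh
# Added illustration; file names and function names are constructed here.

# make_sample_dir: temp dir holding three files: a plain name, a name with a
# space, and a name with an embedded newline. Prints the directory path.
make_sample_dir() {
    msd_dir=$(mktemp -d) || return 1
    msd_nl=$(printf 'line\nbreak.log')
    : > "$msd_dir/plain.log"
    : > "$msd_dir/two words.log"
    : > "$msd_dir/$msd_nl"
    echo "$msd_dir"
}

# run_xargs MODE DIR SCRIPT: feed the file list to xargs, which runs SCRIPT
# (a sh -c body) with the resulting arguments as "$@".
#   whitespace = find | xargs            (names split on blanks and newlines)
#   nul        = find -print0 | xargs -0 (names split on NUL bytes only)
run_xargs() {
    case $1 in
        whitespace) find "$2" -type f | xargs sh -c "$3" _ ;;
        nul)        find "$2" -type f -print0 | xargs -0 sh -c "$3" _ ;;
        *) return 2 ;;
    esac
}

# args_seen MODE DIR: number of arguments the command receives.
args_seen() { run_xargs "$1" "$2" 'echo $#'; }

# missing_paths MODE DIR: how many received arguments are not existing paths,
# i.e. fragments that would make the command act on the wrong name.
missing_paths() {
    run_xargs "$1" "$2" \
        'n=0; for p in "$@"; do [ -e "$p" ] || n=$((n+1)); done; echo "$n"'
}

# xargs_summary: "<args>/<missing>" for each mode, whitespace first.
xargs_summary() {
    xs_dir=$(make_sample_dir) || return 1
    xs_out="$(args_seen whitespace "$xs_dir")/$(missing_paths whitespace "$xs_dir")"
    xs_out="$xs_out $(args_seen nul "$xs_dir")/$(missing_paths nul "$xs_dir")"
    rm -rf "$xs_dir"
    echo "$xs_out"
}

echo "args/missing, whitespace-split then NUL-split: $(xargs_summary)"
```

With whitespace splitting, fragments such as `words.log` become relative paths resolved against the current directory, so a cleanup or chmod job can touch a file the listing never contained.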
** xbindkeys
*** config file
~/.xbindkeysrc
*** how to get key codes
xbindkeys -k
*** mouse buttons
b:1(left) b:2(middle) b:3(right) b:4(mousewheel-up) b:5(mousewheel-down)
*** special keys
Release, Control, Shift, Mod1 (Alt), Mod4
windows key : Mod4 + Super_L[left]
*** reload after config file change
it is automatic. Nevertheless, you can still use
killall -HUP xbindkeys
** xclip
*** invocation
# 1. print the contents of the clipboard
$ xclip -o -selection clipboard
# 2. set the content of the clipboard
$ echo "ha" | xclip [-i] -selection clipboard
$ xclip -selection clipboard <<<"HA"
# 3. paste file to the clipboard
$ xclip [-i] -selection clipboard <file>
*** put things in the clipboard
echo "what" | xclip -selection clipboard
now Ctrl+v will paste what.
*** get things from the clipboard
xclip -o -selection clipboard
will output what's in the clipboard
** xdotool
xdotool type --window <wid> "whatever" <- this will simulate keyboard input to window that has the <wid> id.
xdotool search --class <class> --limit 1 key "ctrl+l" <- send ctrl+l to the first window with class <class>
classname : specific (capoizapodizapodiza, Google-cahrome)
class : generic (Google-chrome)
** xmllint
shell to navigate xml code
** xprop
*** which program does this window belong to?
xprop > click. Sometimes WM_COMMAND gives the command (systemsettings, vlc) but not always (firefox, libreoffice)
** youtube-dl
*** no longer maintained
see youtube-dlp, requires python3.6, not shipped on mint.
*** to keep it from crashing
youtube-dl -f mp4 keeps it from fetching webm alone and m4a alone and then crashing at the merge step.
youtube-dl -f mp3 will not work. Download with -x and convert afterwards -avconv/ffmpeg-
--prefer-avconv
--external-downloader avconv
--yes-playlist
*** To download a playlist
just give the playlist ID, optionally with -i to ignore errors from videos that are no longer available etc.
*** output filename
-o filename.ext
%(ext)s
%(title)s
*** update
??
*** --geo-bypass
** zip
see ~/.bash_lib/help/zip
* by function
** text processing
*** transforming
**** convert tabs to spaces
expand
**** convert spaces to tab
unexpand
**** formatting numbers
see * byname ** numfmt
**** converting "1" to "one"
see * byname ** number
**** replace multiple newlines with just one
tr -s[queeze]
useful for replacing multiple newlines with just one
**** replace spaces and punctuation with underscore
tr -s "[:space:][:punct:]" _
source : https://www.linuxquestions.org/questions/blog/michael-uplawski-1023960/download-radio-broadcasts-in-mp3-format-37903/
**** remove newlines
remove both \n and \r with tr -d
root@messagerie-principale[10.10.10.19] ~ # grep -E '(FN|TEL)' /tmp/meziane | tr -d '\n\r'
FN:Tahar MEZIANEFN:Meziane ZIANIFN:MEZIANE HamidFN:Abdelkader mezianeFN:MEZIANE MouradTEL;TYPE=home:5375root@messagerie-principale[10.10.10.19] ~ #
*** searching
**** grep
see * core commands
**** tre-agrep, approximate grep
*** producing
**** figlet
see * byname ** figlet
**** boxes
see * byname ** boxes
**** cowsay
see * byname ** cowsay
*** processing
**** join fields with paste
see * byname ** paste
**** sed
see * byname ** sed
**** awk
see * byname ** awk
**** nl
see * core commands
**** sort
see * core commands
**** get info from file2 based on id from file1 with join
see * byname ** join
**** fold -s / fmt
see * byname ** fold/fmt
**** paginate a file with pr
see * byname ** pr
**** json
***** jq
see * byname ** jq
***** jshon
see * byname ** jshon
***** other tools
****** general
- aeson-pretty : provides a single pretty print command, written in haskell
- jparse : compacts to a single line
- jq
- jshon : The API is awkward. see ***** jshon ****** extract multiple values from a single key.
- kwalify <- this is for YAML
- yajl-tools : validate / minimize / beautify json
- emacs json-mode
- VS code
****** ff ext
json-lite : has some folding
json-formatter : only adds newlines and tabs
**** diff
see * core commands
** command line tricks
*** pick a random element from a list
ychaouche#ychaouche-PC 16:15:04 ~ $ shuf -n1 -e one two three four
two
ychaouche#ychaouche-PC 16:15:20 ~ $ shuf -n1 -e one two three four
four
ychaouche#ychaouche-PC 16:15:21 ~ $ shuf -n1 -e one two three four
three
ychaouche#ychaouche-PC 16:15:22 ~ $ shuf -n1 -e one two three four
one
ychaouche#ychaouche-PC 16:15:22 ~ $ shuf -n1 -e one two three four
one
ychaouche#ychaouche-PC 16:15:22 ~ $ shuf -n1 -e one two three four
four
ychaouche#ychaouche-PC 16:15:23 ~ $ shuf -n1 -e one two three four
three
ychaouche#ychaouche-PC 16:15:23 ~ $ shuf -n1 -e one two three four
one
ychaouche#ychaouche-PC 16:15:23 ~ $ shuf -n1 -e one two three four
two
ychaouche#ychaouche-PC 16:15:23 ~ $
*** Replay a previous command with a fix
^typo^fix^ replays the previous command, replacing typo with fix
*** defining a function in linear code
use a ; at the end of the last command
foo(){command; command; command;}; foo $1
*** undefining a function
unset -f funcname
*** to know if ^D will quit the shell or not :: how many nested levels
echo $SHLVL # if this prints 1, then you are at the top level shell
*** paste to a command
**** direct paste
if the command has a read, you just paste after the read, no need for EOF anywhere.
ychaouche#ychaouche-PC 16:55:16 ~/MUSIQUE/UNEDIT $ while read file; do echo $file; done
demosophie.aac
socialcredit.aac
critiquedepierrehillard.aac
wikipedia.aac
PierreHILLARDPANDEMIEMONDIALISME.aac
VitaminD.aac
--- ^ pasted ^ ---
--- v echo v ---
demosophie.aac
socialcredit.aac
critiquedepierrehillard.aac
wikipedia.aac
PierreHILLARDPANDEMIEMONDIALISME.aac
VitaminD.aac
^C
ychaouche#ychaouche-PC 16:55:31 ~/MUSIQUE/UNEDIT $
**** sponge
reads all stdin before passing it to the next command
$ sponge | command
^V
[...]
^D
[next command]
$
*** get the path to a command
command -v
command -V prints an additional "is" as in x "is" y
gives path to the command,
or tell if the command is a shell builtin
*** numeric sequence
for file in /var/log/log.{2..14}.gz
do
<...>
done
ychaouche#ychaouche-PC 14:55:04 ~ $ for i in {1..10}; do echo -n $i; done; echo
12345678910
ychaouche#ychaouche-PC 14:55:05 ~ $
see also [1]
[1] https://stackoverflow.com/questions/5349718/how-can-i-repeat-a-character-in-bash
*** redirections
command > file 2>&1 will redirect both 1 and 2 to file
but command 2>&1 > file will only redirect 1 to file, because when 2 was redirected 1 was still pointing to stdout.
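An added example (not part of the original notes) that runs both orderings and reports where each stream ended up. The function names and the two marker strings are made up for this illustration.

```shell
#!/bin/sh
# Added illustration; function names and marker strings are constructed here.

# emit: one line on stdout (fd 1) and one line on stderr (fd 2).
emit() { echo "to-stdout"; echo "to-stderr" >&2; }

# redirect_demo ORDER: run emit with the two redirections in the given order
# and report what landed in the file and what escaped to the original stdout.
#   file-first = emit > file 2>&1
#   dup-first  = emit 2>&1 > file
redirect_demo() {
    rd_file=$(mktemp) || return 1
    case $1 in
        # fd 1 points to the file first, then fd 2 is made a copy of fd 1.
        file-first) rd_escaped=$(emit > "$rd_file" 2>&1) ;;
        # fd 2 is made a copy of fd 1 while fd 1 is still the original stdout
        # (here: the command substitution), and only then fd 1 moves to the file.
        dup-first)  rd_escaped=$(emit 2>&1 > "$rd_file") ;;
        *) rm -f "$rd_file"; return 2 ;;
    esac
    rd_in_file=$(tr '\n' ' ' < "$rd_file")
    rm -f "$rd_file"
    printf 'file=[%s] escaped=[%s]\n' "${rd_in_file% }" "$rd_escaped"
}

redirect_demo file-first
redirect_demo dup-first
```

In a cron job or service wrapper the second ordering means error messages never reach the log file, which is easy to miss until the log is needed.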
*** command grouping
{ command1; command2; command3; } | process_output
*** globbing
**** examples
ls {fullchain,privkey}.pem
ychaouche#ychaouche-PC 14:49:27 ~/SCRIPTS $ ls ~/DATA/RADIOALGERIE.DZ/SSL/{fullchain,privkey}.pem
-rwxrwxrwx 1 root root 3.5K Nov 2 10:50 /home/ychaouche/DATA/RADIOALGERIE.DZ/SSL/fullchain.pem
-rwxrwxrwx 1 root root 1.7K Nov 2 10:50 /home/ychaouche/DATA/RADIOALGERIE.DZ/SSL/privkey.pem
ychaouche#ychaouche-PC 14:54:28 ~/SCRIPTS $
**** characters
? : any character
. : itself
* : any string
[abc] : a or b or c
[!abc] : anything but a or b or c
[a-z] : the a to z range
{abc,def} : abc or def
**** extended globs (extglobs)
***** setting/unsetting extglobs
shopt -s extglob # set
<do things>
shopt -u extglob # unset
***** constructs
?(pattern-list) : Matches zero or one occurrence of the given patterns
*(pattern-list) : Matches zero or more occurrences of the given patterns
+(pattern-list) : Matches one or more occurrences of the given patterns
@(pattern-list) : Matches one of the given patterns
!(pattern-list) : Matches none of the given patterns
*** execute previous command with string substitution
replace all : !!:gs/from/to/
replace all : ^from^to^:G # didn't work,
12:36:52 /usr/share/man -1- $ di -h -t ext4 -t fuseblk -t btrfs -t ntfs -t fat
stat: ext4 No such file or directory
stat: -t No such file or directory
stat: fuseblk No such file or directory
stat: -t No such file or directory
stat: btrfs No such file or directory
stat: -t No such file or directory
stat: ntfs No such file or directory
stat: -t No such file or directory
stat: fat No such file or directory
12:37:38 /usr/share/man -1- $ ^-t^-I^:G
bash:
12:38:09 /usr/share/man -1- $
*** stopping a pipe after head finishes
so (long | pipe | command) | head -1
Any command writing to stdout will be captured by head.
If it tries to write to it after head has finished, it will receive a SIGPIPE and die.
Sometimes, for example if you're writing a for loop, the last command will die but the for loop will continue to run.
So what needs to be done is to add a "break" when SIGPIPE is sent.
for example :
root@messagerie-principale[10.10.10.19] ~ # command ls -1t /var/log/dovecot.log* | while read -r filename; do zgrep -H --line-buffered --color -E 'login.*a.chaouche' $filename | tail -1 || break; done | head -1
/var/log/dovecot.log:Oct 11 09:58:19 imap-login: Info: Login: user=<a.chaouche@algerian-radio.dz>, method=PLAIN, rip=192.168.211.106, lip=10.10.10.19, lport=993, service=imap, ssl=TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)
root@messagerie-principale[10.10.10.19] ~ #
Will return immediately, because of the
tail -1 || break
w/o the break, all other files will be processed.
*** wait until a process writes to a FIFO
< /path/to/fifo || continue
*** do precise arithmetic operations (floats)
scale=2
ychaouche#ychaouche-PC 09:59:25 ~ $ bc <<< "scale=2; 6/14"
.42
ychaouche#ychaouche-PC 09:59:33 ~ $
*** tab-complete hostnames defined in /etc/hosts
some commands like ssh can complete it automatically,
but commands like krdp do not.
In such cases, use M-@.
*** print a tree of the filesystem
tree.
Example:
root@messagerie-secours[CHROOT][10.10.10.20] ~/SCRIPTS/APACHE # tree /var/www/MAINTENANCE-MODE/
/var/www/MAINTENANCE-MODE/
├── css
│ ├── style.css
│ └── style.css~
├── images
│ ├── linen_header.jpg
│ ├── linen.jpg
│ ├── linen_login.jpg
│ └── roundcube_logo.png
├── javascript
│ ├── jquery.min.js
│ └── TimeCircles.js
├── maintenance.html
├── maintenance.html~
└── style
├── TimeCircles.css
└── TimeCircles.css~
4 directories, 12 files
root@messagerie-secours[CHROOT][10.10.10.20] ~/SCRIPTS/APACHE #
*** redirect stdout to more than one process
command | tee >(p1) >(p2) >(p3) >/dev/null
10:54:22 ~ -1- $ openssl s_client -connect messagerie.algerian-radio.dz:443 -CApath /etc/ssl/certs/ </dev/null | tee >(grep Verify) >(grep Start) >/dev/null
depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = R3
verify return:1
depth=0 CN = algerian-radio.dz
verify return:1
Start Time: 1694685269
Verify return code: 0 (ok)
DONE
10:54:29 ~ -1- $
see also: pee
*** colorize part of the output
use sed to replace the matching line with ascii escape sequences
you can use the reverse video ascii escape sequence
\x1b[7m
then use the reset ascii escape sequence
\x1b[0m
example:
sed 's/\(Not After.*\)/ \x1b[7m \1 \x1b[0m /'
*** break long lines
use fmt -s
-s prevent the joining of the next line.
example output
------------------------------ --------------------
Dec 10 11:00:28 to=<sabrinagostotop@gmail.com>, status=deferred (host
alt1.gmail-smtp-in.l.google.com[142.250.153.26] said: 452-4.2.2 The
recipient's inbox is out of storage space. Please direct the 452-4.2.2
recipient to 452 4.2.2 https://support.google.com/mail/?p=OverQuotaTemp
n24-20020a170906b31800b00a1c9d73e570si2436365ejz.529 - gsmtp (in reply
to RCPT TO command))
------------------------------ --------------------
Dec 10 11:03:28 to=<gacemcpradio@gmail.dz>, status=bounced (Name service
error for name=gmail.dz type=MX: Malformed or unexpected name server
reply)
------------------------------ --------------------
Dec 10 11:09:14 to=<fouzia.boulehbel@algerian-radio.dz>, status=bounced
(host messagerie.algerian-radio.dz[private/dovecot-lmtp] said: 552 5.2.2
<fouzia.boulehbel@algerian-radio.dz> Quota exceeded (mailbox for user
is full) (in reply to end of DATA command))
------------------------------ --------------------
*** add timestamps to stdin
just pipe it to /usr/bin/ts
** other gems
https://github.com/alebcay/awesome-shell
** Editors
vim
hexedit
Emacs -> see emacs.info
ed -> see linux.info * ed (bookmark-jump "linux::ed")
** working on files
*** working on specific files
**** working on log files
logcheck
logger
lnav
logrotate
dmesg
syslog-summary
logtail
**** working on source files
cg & vg
ctags / etags
git
bzr
**** working with archives
pax supports several archive types.
**** working with XML files
Search an XML file with xgrep, using XPath with the -x option or regexps with -s
**** working with csv files
***** csvkit
****** installation
pip install csvkit
this installs openpyxl 3.0.5 which only works with python3
****** tools
after that, you will have a bunch of utilities in /usr/local/bin
ychaouche#ychaouche-PC 15:00:38 ~ $ ls /usr/local/bin/csv
csvclean csvformat csvjoin csvlook csvsort csvstack
csvcut csvgrep csvjson csvpy csvsql csvstat
ychaouche#ychaouche-PC 15:00:38 ~ $
****** csvgrep
csvgrep -m <search_pattern> -c<column_number>
**** working with pdf files
***** packages
poppler-utils
libpodofo-utils
***** move pages
podofopages --move <from> <to> [0 based]
will move page number <from> to number <to>
it is part of the libpodofo-utils package
***** merge pdfs into one document
pdfunite will concatenate multiple pdf files into one single file
it is part of the poppler-utils package
***** extract pages
pdftk 6-serveurs.pdf cat 1 output 6-serveurs.p1.pdf
***** convert pdfs to image
same as ** convert images to pdf except use -density 300 to get sharp text.
**** working with doc files
***** convert to pdf
$ unoconv file.doc
will create file.pdf
***** examine malicious macros
article [1]
uses oledump.py[2],
itself using ole python modules
sources :
[1] http://web.archive.org/web/20220816195545/https://fishtech.group/cybersecurity/extracting-and-analyzing-malicious-word-macros-for-threat-hunting/
[2] https://github.com/DidierStevens/DidierStevensSuite/blob/bc54396e18e7957bb27502dfbbb8ab072509bc9f/oledump.py#L1888
**** working on binary files
binwalk
binary diffs : radare, dhex
**** working on links
***** copy the files pointed to by a symlink
cp -L
rsync --copy-links
***** dereference symlinks
ls -H symlink
readlink -f symlink
realpath symlink
stat -c "%N" symlink
find symlink -printf "%l\n"
***** print real path to current directory
pwd -P
readlink -f .
realpath .
ls -ld .
stat -c "%N" .
find . -printf "%l\n"
12:11:48 ~/VIDEOS -1- $ readlink -f .
/mnt/partage_local/VIDEOS
12:11:55 ~/VIDEOS -1- $ realpath .
/mnt/partage_local/VIDEOS
12:12:02 ~/VIDEOS -1- $ pwd -P
/mnt/partage_local/VIDEOS
12:12:09 ~/VIDEOS -1- $ pwd
/home/ychaouche/VIDEOS
12:12:11 ~/VIDEOS -1- $
***** finding all links
find -type l
***** finding broken links only
find -xtype l
for more explanation see *** find **** -xtype l
***** finding working links only
find -type l -not -xtype l
example :
19:07:31 ~/snap -1- $ find . -type l -not -xtype l -exec file {} \;
./slack/67/.config/gtk-2.0/gtkfilechooser.ini: symbolic link to `/home/ychaouche/.config/gtk-2.0/gtkfilechooser.ini'
./slack/67/.config/dconf/user: symbolic link to `/home/ychaouche/.config/dconf/user'
./slack/67/.config/ibus/bus: symbolic link to `/home/ychaouche/.config/ibus/bus'
./slack/67/.config/gtk-3.0/settings.ini: symbolic link to `/home/ychaouche/.config/gtk-3.0/settings.ini'
./slack/67/.config/gtk-3.0/bookmarks: symbolic link to `/home/ychaouche/.config/gtk-3.0/bookmarks'
./slack/68/.config/gtk-2.0/gtkfilechooser.ini: symbolic link to `/home/ychaouche/.config/gtk-2.0/gtkfilechooser.ini'
./slack/68/.config/dconf/user: symbolic link to `/home/ychaouche/.config/dconf/user'
./slack/68/.config/ibus/bus: symbolic link to `/home/ychaouche/.config/ibus/bus'
./slack/68/.config/gtk-3.0/settings.ini: symbolic link to `/home/ychaouche/.config/gtk-3.0/settings.ini'
./slack/68/.config/gtk-3.0/bookmarks: symbolic link to `/home/ychaouche/.config/gtk-3.0/bookmarks'
./riseup-vpn/current: symbolic link to `179'
./certbot/current: symbolic link to `2618'
19:07:44 ~/snap -1- $
**** working on certificates
***** how to verify a chained cert
openssl crl2pkcs7 -nocrl -certfile <file> | openssl pkcs7 -print_certs -noout
explanation
-----------
CRL : Certificate Revocation List
crl2pkcs7 will convert the certfile from <> to PKCS7 format [u]
-in option is wrong. It is for CRL files.
Use -certfile to give the certificate file
-nocrl is mandatory. w/o this the program will wait for input from stdin
the pkcs7 command will print the certificates
***** verify alt subject
x509 -text | grep DNS
root#ychaouche-PC 11:56:19 /etc/letsencrypt/live # openssl x509 -in radioalgerie.dz-0001/fullchain.pem -text | grep DNS
DNS:*.radioalgerie.dz, DNS:radioalgerie.dz
root#ychaouche-PC 11:56:23 /etc/letsencrypt/live #
or
x509 -text then grep -A1 on Alt
example :
ychaouche#ychaouche-PC 11:41:58 ~/DOWNLOADS/TOOLS $ openssl x509 -in fullchain.pem -text | grep -i alt -A1
X509v3 Subject Alternative Name:
DNS:*.radioalgerie.dz, DNS:radioalgerie.dz
ychaouche#ychaouche-PC 11:42:19 ~/DOWNLOADS/TOOLS $
***** print subject and dates
openssl x509 -in <certfile> -noout -subject -dates
***** verify a remote certificate
openssl s_client -servername <servername> -connect host:port -CApath /etc/ssl/certs [-starttls <smtp|pop3|imap>] | openssl x509 -noout -subject -dates
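The certificate checks above, run end to end on a throwaway bundle, as an added example (not part of the original notes). It assumes the openssl CLI is installed; the CA, the example.test names and the function names are constructed, and the -checkend expiry test and openssl verify call go slightly beyond the commands listed in the notes.

```shell
#!/bin/sh
# make_test_chain DIR: create a throwaway CA and a leaf certificate signed by it,
# then write DIR/fullchain.pem with the leaf first, as in a Let's Encrypt bundle.
make_test_chain() {
    dir=$1
    openssl req -x509 -newkey rsa:2048 -nodes -days 30 \
        -subj "/CN=Constructed Test CA" \
        -keyout "$dir/ca.key" -out "$dir/ca.pem" 2>/dev/null || return 1
    openssl req -newkey rsa:2048 -nodes -subj "/CN=example.test" \
        -keyout "$dir/leaf.key" -out "$dir/leaf.csr" 2>/dev/null || return 1
    # The Subject Alternative Names are added when the CA signs the request.
    printf 'subjectAltName=DNS:example.test,DNS:*.example.test\n' > "$dir/san.ext"
    openssl x509 -req -in "$dir/leaf.csr" -days 30 \
        -CA "$dir/ca.pem" -CAkey "$dir/ca.key" -CAcreateserial \
        -extfile "$dir/san.ext" -out "$dir/leaf.pem" 2>/dev/null || return 1
    cat "$dir/leaf.pem" "$dir/ca.pem" > "$dir/fullchain.pem"
}

# chain_subjects FILE: the crl2pkcs7 | pkcs7 pipeline from the notes,
# reduced to one subject= line per certificate found in the bundle.
chain_subjects() {
    openssl crl2pkcs7 -nocrl -certfile "$1" |
        openssl pkcs7 -print_certs -noout | grep '^subject='
}

# cert_sans FILE: DNS names of the FIRST certificate in FILE only.
# openssl x509 stops after the first PEM block, which is why the
# pkcs7 pipeline is needed to see the rest of a bundle.
cert_sans() {
    openssl x509 -in "$1" -noout -text | grep 'DNS:' | sed 's/^ *//'
}

# expires_within FILE SECONDS: succeeds if the certificate expires within SECONDS.
# (-checkend itself exits 0 when the certificate is still valid at that time.)
expires_within() {
    ! openssl x509 -in "$1" -noout -checkend "$2" >/dev/null
}

# chain_verifies CAFILE LEAF: succeeds if LEAF validates against the trusted CAFILE.
chain_verifies() {
    openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

demo() {
    tmp=$(mktemp -d) || return 1
    if make_test_chain "$tmp"; then
        chain_subjects "$tmp/fullchain.pem"
        cert_sans "$tmp/fullchain.pem"
        openssl x509 -in "$tmp/fullchain.pem" -noout -subject -dates
        chain_verifies "$tmp/ca.pem" "$tmp/leaf.pem" && echo "leaf verifies against test CA"
        expires_within "$tmp/leaf.pem" 3456000 && echo "leaf expires within 40 days"
    fi
    rm -rf "$tmp"
}
command -v openssl >/dev/null 2>&1 && demo
```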
**** working on HTML files
html2txt
**** working on configuration files
You can use augtool from the augeas library to edit any value in any config file,
provided it has its own lens
17:28:13 ~/DOCUMENTS/INTERNE/MESSAGERIE -1- $ augtool get /files/home/ychaouche/.ssh/config/Host[10]
/files/home/ychaouche/.ssh/config/Host[10] = labonedjma.net
17:29:53 ~/DOCUMENTS/INTERNE/MESSAGERIE -1- $ augtool set /files/home/ychaouche/.ssh/config/Host[10] labonedjma
Saved 1 file(s)
17:29:59 ~/DOCUMENTS/INTERNE/MESSAGERIE -1- $ augtool get /files/home/ychaouche/.ssh/config/Host[10]
/files/home/ychaouche/.ssh/config/Host[10] = labonedjma
17:30:02 ~/DOCUMENTS/INTERNE/MESSAGERIE -1- $
*** Get/Change the encoding of a file
uchardet reports the encoding of a file. In some cases, file does too.
iconv -f <from> -t <to>
recode is dangerous because it re-encodes in place.
*** renaming files
**** rename
you need to know perl
on my machine it is a link to alternatives which is a link to prename (perl rename)
**** mmv
easiest :
mmv '*.html.*' '#1.#2.html' <- will rename main.html.en to main.en.html. #n is replaced by whatever the n-th wildcard matched; the wildcards are: * anything, ? a single char, [a-z] a range of chars.
a special wildcard character ";" specifies recursion : ;*.html.* will find any .html. file in any subdirectory, including the 0th (cwd).
**** prename
*** data recovery
extundelete /dev/sda1 --restore-file /root/test.sh
# list files
ext4magic /dev/sda1 -a "$(date -d "-4hours" +%s)" -f /root/ -j -l
# list files
ext4magic /dev/sda1 -Lx -f root/ > /tmp/files
other tools:
dff (digital forensics framework)
scalpel
testdisk
*** finding file duplicates
fdupes https://github.com/adrianlopezroche/fdupes
dugu https://github.com/DeaDSouL/dugu
rmlint
ddupes
rdfind https://rdfind.pauldreik.se/
jdupes
fslint
findup
duff
hadori
hardlink
*** finding broken links
see *** find **** -xtype l
*** creating temporary files
outfile=$(mktemp)
echo blah > "$outfile"
rm -f "$outfile"
*** remove old files
tmpreaper
*** file paths
**** extract filename out of file path
basename
but using bash is also good.
see filename.path.basename
function filename.path.basename () {
# much faster than calling basename, especially in a loop
echo "${1##*/}"
}
**** getting full path to a file
realpath <file>
readlink -f <file>
*** emptying a file
1. > <file>
2. echo -n > <file>
3. cat /dev/null > <file>
4. truncate -s 0 <file>
*** printing files
to print large diagrams into multiple pages use rasterbator.net
or look for a printing software that has a "tiling" option
adobe acrobat has it,
but last version for linux is 2014
** working on directories
*** monitoring directories
**** fsniper
Write rules on file names or filetypes that are triggered as soon as a new file arrives in a watched directory.
*** disk usage viewers
**** filelight
slow; the radial view doesn't let you quickly see what consumes the most.
**** ncdu
***** description
fast; the bar-chart view with sort options lets you quickly see the biggest items. Lets you delete. Several ways to sort.
***** keys
c : show count of files in subdir
i : info
g : show percentage + graph
r : refresh (recalc)
< / h : up
***** src
see https://dev.yorhel.nl/ncdu
*** print real path to current directory
pwd -P
readlink -f .
realpath .
ls -ld .
12:11:48 ~/VIDEOS -1- $ readlink -f .
/mnt/partage_local/VIDEOS
12:11:55 ~/VIDEOS -1- $ realpath .
/mnt/partage_local/VIDEOS
12:12:02 ~/VIDEOS -1- $ pwd -P
/mnt/partage_local/VIDEOS
12:12:09 ~/VIDEOS -1- $ pwd
/home/ychaouche/VIDEOS
12:12:11 ~/VIDEOS -1- $
** working on filesystems
*** mount an already mounted directory somewhere else
use --bind
mount --bind /proc /usr/local/proc
*** how to create a working chroot
you need to mount /proc /dev and /sys of the live system.
mount --bind /proc <chroot>/proc
mount --bind /dev <chroot>/dev
mount --bind /sys <chroot>/sys
*** squashfs
**** list files in a squash image
unsquashfs -lls <file>
**** extract files
unsquashfs -li <file>
**** extract specific files
unsquashfs -li <file> <path>
*** how to run a program inside a chroot
use schroot
see /home/ychaouche/NOTES/TXT/linux.info:1543
** working on processes
*** redirect output of a running process
reredirect on github : https://github.com/jerome-pouiller/reredirect/
dupx -used gdb-
https://github.com/nelhage/reptyr
*** locate and modify a variable in a running process
scanmem + gameconqueror
gameconqueror is a UI to scanmem
*** how do you know if a service boots or not ?
systemctl is-enabled <servicename>.service
tab completion works for systemctl commands and services
example :
root#cloud 13:11:07 ~ # systemctl is-enabled lsyncd.service
lsyncd.service is not a native service, redirecting to systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install is-enabled lsyncd
disabled
root#cloud 13:11:15 ~ #
*** is the service running ?
systemctl is-active <service>
** working on disks
*** documented
parted
fdisk
di
*** other tools
cfdisk
parted
gdisk for GPT
lsblk <- most useful to have an overview.
root@pve:~# lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
loop0 7:0 0 30G 0 loop
loop1 7:1 0 40G 0 loop
sda 8:0 0 558.7G 0 disk
├─sda1 8:1 0 1007K 0 part
├─sda2 8:2 0 512M 0 part
└─sda3 8:3 0 558.2G 0 part
├─pve-swap 253:0 0 8G 0 lvm [SWAP]
├─pve-root 253:1 0 96G 0 lvm /
├─pve-data_tmeta 253:2 0 4.4G 0 lvm
│ └─pve-data-tpool 253:4 0 429.5G 0 lvm
│ ├─pve-data 253:5 0 429.5G 0 lvm
│ ├─pve-vm--101--disk--0 253:7 0 20G 0 lvm
│ ├─pve-vm--102--disk--0 253:8 0 20G 0 lvm
│ ├─pve-vm--103--disk--0 253:10 0 32G 0 lvm
│ └─pve-vm--103--state--http_OK 253:12 0 4.5G 0 lvm
└─pve-data_tdata 253:3 0 429.5G 0 lvm
└─pve-data-tpool 253:4 0 429.5G 0 lvm
├─pve-data 253:5 0 429.5G 0 lvm
├─pve-vm--101--disk--0 253:7 0 20G 0 lvm
├─pve-vm--102--disk--0 253:8 0 20G 0 lvm
├─pve-vm--103--disk--0 253:10 0 32G 0 lvm
└─pve-vm--103--state--http_OK 253:12 0 4.5G 0 lvm
sdb 8:16 0 1.4T 0 disk
└─sdb1 8:17 0 1.4T 0 part
├─DataStorage-vm--106--disk--2 253:9 0 100G 0 lvm
└─DataStorage-vm--106--disk--0 253:17 0 250G 0 lvm
sr0 11:0 1 1024M 0 rom
root@pve:~#
*** adding a disk to 10.10.10.21
=======================================
Copy of the email I sent to Mounia today, Tuesday 07/02/17 at 12:19, under the title: [SRV] How to add a new disk to a Linux machine
Here is the content of the email:
#######################################""
When you plug in the disk, you should be able to find it under /dev/sdX, where X is a letter (a, b, c, d, etc.)
On 10.10.10.21:
root@backup[10.10.10.21] /mnt/diskB # ls /dev/sd*
brw-rw---T 1 root disk 8, 0 Aug 17 09:18 /dev/sda
brw-rw---T 1 root disk 8, 1 Aug 17 09:18 /dev/sda1
brw-rw---T 1 root disk 8, 2 Aug 17 09:18 /dev/sda2
brw-rw---T 1 root disk 8, 5 Aug 17 09:18 /dev/sda5
brw-rw---T 1 root disk 8, 16 Aug 17 09:18 /dev/sdb
brw-rw---T 1 root disk 8, 17 Aug 17 09:18 /dev/sdb1
root@backup[10.10.10.21] /mnt/diskB #
We can see that the machine has two disks: /dev/sda and /dev/sdb. Each partition is a number within the disk. So the disk /dev/sda has 3 partitions numbered sda1, sda2 and sda5. The disk sdb has a single partition, sdb1.
Each partition is mounted on a "mount point", that is, a directory in the filesystem, often at the root but not necessarily. To see the partitions and their mount points, type the mount command like this:
root@backup[10.10.10.21] /mnt/diskB # mount
sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime)
proc on /proc type proc (rw,nosuid,nodev,noexec,relatime)
udev on /dev type devtmpfs (rw,relatime,size=10240k,nr_inodes=251735,mode=755)
devpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000)
tmpfs on /run type tmpfs (rw,nosuid,noexec,relatime,size=202580k,mode=755)
/dev/disk/by-uuid/93b60fb8-c831-4413-a854-65d2888fa41d on / type ext4 (rw,relatime,errors=remount-ro,user_xattr,barrier=1,data=ordered)
tmpfs on /run/lock type tmpfs (rw,nosuid,nodev,noexec,relatime,size=5120k)
tmpfs on /run/shm type tmpfs (rw,nosuid,nodev,noexec,relatime,size=1229660k)
/dev/sdb1 on /var/vmail type ext4 (rw,relatime,errors=remount-ro,user_xattr,barrier=1,data=ordered)
rpc_pipefs on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw,relatime)
root@backup[10.10.10.21] /mnt/diskB #
In this example, we can see that the machine has 2 mounted partitions: one on "/" and the other on /var/vmail/.
- /dev/disk/by-uuid/93b60fb8-c831-4413-a854-65d2888fa41d is mounted on "/"
- /dev/sdb1 is mounted on /var/vmail/
The first partition is mounted by the universally unique ID or UUID (Universal Unique ID) of the disk and not by its classic name "/dev/sda2"; it is just another, more universal way of categorizing disks.
The mount command only shows the partitions mounted on the system; there may be unmounted partitions (e.g. Windows partitions).
To see all partitions, use the parted -l command like this:
root@backup[10.10.10.21] /mnt/diskB # parted -l
Model: ATA ST3250318AS (scsi)
Disk /dev/sda: 250GB
Sector size (logical/physical): 512B/512B
Partition Table: msdos
Number Start End Size Type File system Flags
1 1049kB 246GB 246GB primary ext4 boot
2 246GB 250GB 4222MB extended
5 246GB 250GB 4222MB logical linux-swap(v1)
Model: ATA ST500DM002-1BD14 (scsi)
Disk /dev/sdb: 500GB
Sector size (logical/physical): 512B/4096B
Partition Table: gpt
Number Start End Size File system Name Flags
1 2097kB 500GB 500GB ext4 storage
root@backup[10.10.10.21] /mnt/diskB #
We can clearly see here that the machine has an additional partition, the swap, whose number is 5, so it can be found at /dev/sda5. This 422 Mb partition is used only to keep all or part of the RAM on disk, for example during a suspend or a hibernation (extended suspend). This is what allows the system, when it is reactivated, to recover all the data that was in memory before it was suspended.
Another command can be used to see the partitions along with their usage: the df command, like this:
root@backup[10.10.10.21] /mnt/diskB # df -h
Filesystem Size Used Avail Use% Mounted on
rootfs 226G 9.7G 205G 5% /
udev 10M 0 10M 0% /dev
tmpfs 198M 328K 198M 1% /run
/dev/disk/by-uuid/93b60fb8-c831-4413-a854-65d2888fa41d 226G 9.7G 205G 5% /
tmpfs 5.0M 0 5.0M 0% /run/lock
tmpfs 1.2G 0 1.2G 0% /run/shm
/dev/sdb1 459G 77G 359G 18% /var/vmail
root@backup[10.10.10.21] /mnt/diskB #
We see here that the first partition of the first disk, mounted on the root of the filesystem "/", appears twice in the df output: once with the label rootfs and once with its UUID. It is only 5% used.
The first partition of the second disk, /dev/sdb1, is 18% used and is mounted on /var/vmail; it is the one that contains all the main mailboxes and the backup mailboxes.
I think the root filesystem should not exceed 50 GB of disk space. This partition contains the system libraries and the executables.
What I recommend is putting all of /var/ on a separate partition, because it is the one that will hold the mailboxes as well as the databases and the log files, which will take up the most space.
Since we have two disks, one of 226G and the other of 460 GB, I recommend creating the following partitioning scheme:
50 GB from disk 1 for "/"
175 GB from disk 1 + 459 GB from disk 2 = 634 GB for "/var/"
That way we can make use of the wasted disk space on disk 1, which will never be used if we keep the current partitioning scheme.
How to mount a partition?
Once you have plugged in the disk and you know its letter, you can mount the disk temporarily at the desired location with the mount command, like this:
mount /dev/sdb1 /mnt/diskB/
The /mnt/ directory is a directory classically used for temporarily mounting a partition. The diskB directory must first be created at that location.
mkdir /mnt/diskB/
From then on we can read and write on this partition, but only for this session... at the next reboot of the machine the partition will not be mounted.
For the mount to be persistent, a line must be added to the /etc/fstab file. It is a file read by the system at boot that indicates which partitions to mount and at which locations in the filesystem they will be available (the mount points).
For example, here is the content of the fstab on 10.10.10.21:
root@backup[10.10.10.21] /mnt/diskB # cat /etc/fstab
# /etc/fstab: static file system information.
#
# Use 'blkid' to print the universally unique identifier for a
# device; this may be used with UUID= as a more robust way to name devices
# that works even if disks are added and removed. See fstab(5).
#
# <file system> <mount point> <type> <options> <dump> <pass>
# / was on /dev/sda1 during installation
UUID=93b60fb8-c831-4413-a854-65d2888fa41d / ext4 errors=remount-ro 0 1
# swap was on /dev/sda5 during installation
UUID=6baf6f45-7521-489d-b808-3c9029de431d none swap sw 0 0
/dev/sr0 /media/cdrom0 udf,iso9660 user,noauto 0 0
/dev/sdb1 /var/vmail ext4 errors=remount-ro 0 1
root@backup[10.10.10.21] /mnt/diskB #
If you look at the last line, that is the one I added for the second disk.
Here is the order of the fields and their meanings:
# <file system> <mount point> <type> <options> <dump> <pass>
The first field indicates the path to the device: /dev/sdb1
Then the mount point, /var/vmail
Then the filesystem type; I formatted the partition as ext4, so I specify ext4. If it were a Windows partition, we would probably have had NTFS.
Then the mount options. There are many; I only specified that if errors are found on the disk, the partition should be mounted read-only (remount-ro, ro = read only).
For the last two columns, 0 and 1, I simply copied what I found in the first line (the one for the first disk).
When the machine reboots it will read the /etc/fstab file and mount the second disk as indicated.
Feel free to come back to me with any questions or comments.
CC to system: documentation.
#######################################""
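The fstab from the email above, run through a small check, as an added example (not part of the original email or notes). The sample entries are copied from that fstab; the function names and finding labels are hypothetical. It flags entries that name a kernel device instead of a UUID (the fstab header itself calls UUID= the more robust form) and non-root filesystems with fsck pass 1 (fstab(5) gives 1 to /, 2 to other filesystems and 0 to skip the check).

```shell
#!/bin/sh
# fstab_sample: the entries of the fstab shown above (copied from the notes).
fstab_sample() {
    cat <<'EOF'
# <file system> <mount point> <type> <options> <dump> <pass>
UUID=93b60fb8-c831-4413-a854-65d2888fa41d / ext4 errors=remount-ro 0 1
UUID=6baf6f45-7521-489d-b808-3c9029de431d none swap sw 0 0
/dev/sr0 /media/cdrom0 udf,iso9660 user,noauto 0 0
/dev/sdb1 /var/vmail ext4 errors=remount-ro 0 1
EOF
}

# fstab_lint: read an fstab on stdin and print one finding per line:
#   SHORT <line>                     fewer than the four mandatory fields
#   DEVNAME <mount point> <device>   disk named by kernel device (/dev/sdX ...),
#                                    which can change when disks are added or removed
#   PASSNO <mount point> <pass>      non-root filesystem with fsck pass 1
fstab_lint() {
    awk '
        NF == 0 || $1 ~ /^#/ { next }        # skip blank lines and comments
        NF < 4 { print "SHORT " $0; next }
        {
            spec = $1; mnt = $2
            pass = (NF >= 6) ? $6 + 0 : 0    # dump and pass default to 0 when omitted
            if (spec ~ /^\/dev\/(sd|hd|vd|xvd|nvme)/)
                print "DEVNAME " mnt " " spec
            if (pass == 1 && mnt != "/")
                print "PASSNO " mnt " " pass
        }
    '
}

fstab_sample | fstab_lint
```

To check a live system, feed it the real file: fstab_lint < /etc/fstab, and use blkid to get the UUID for any DEVNAME finding.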
*** using swap
swapon /dev/sda7
will use sda7 as swap
swapoff will turn off swap
*** how to get the UUID of a partition
sudo blkid /dev/<device>
only works as root
09:36:28 ~ -2- $ sudo blkid /dev/sda1
/dev/sda1: LABEL="RM-CM-)servM-CM-) au systM-CM-(me" UUID="2C1AE3A61AE36B72" TYPE="ntfs"
09:36:31 ~ -2- $ sudo blkid /dev/sda2
/dev/sda2: UUID="367A3A5F7A3A1BD5" TYPE="ntfs"
09:36:33 ~ -2- $
*** partition resizing
cfdisk -> resize
** working on other hardware
*** list
best tool : hwlist.sh
download : https://docs.google.com/uc?export=download&id=0Bwop4xigaCYXUG0xYThNU1QzSjg
url : http://simplylinuxfaq.blogspot.in/p/how-to-find-hardware-details-in-linux.html
hwlist.sh <- top, strips off uninstalled modules :
dmidecode <- best, not too much details
hwinfo <- good, too much detail
inxi <- very readable
lshw <-
why the difference between the inxi output and Ctrl-Esc ? (system activity)
what are bogomips ?
*** k3b
see * by name
** working with loopdevices
losetup -a to show all loopdevices
** working with libraries
*** undocumented
readelf -x
objdump -x <lib> -> has a "versions definitions" section
where libraries put their version number
for binaries to process.
*** how to
**** show dynamic symbols
nm -D <bin or lib>
this will show functions or global variables not resolved until runtime,
probably after loading all the proper shared libraries
**** check if ld.so can load an executable
$ /lib64/ld-linux-x86-64.so.2 --verify <bin>
$ echo $?
**** run a program w/ particular libs
ld.so --library-path <path> <bin>
or
LD_LIBRARY_PATH=<...> <bin>
**** show where symbols are being fetched from
LD_DEBUG=bindings <bin>
**** show what version of libraries are needed to run a binary
LD_DEBUG=versions <bin>
For example, png16 is required by libfreetype.6.12, and png12 was required by libfreetype6.11.
$ LD_DEBUG=versions /opt/teamviewer/tv_bin/TeamViewer 2>&1 | grep PNG
20194: checking for version `PNG12_0' in file /lib/x86_64-linux-gnu/libpng12.so.0 [0] required by file /usr/lib/x86_64-linux-gnu/libfreetype.so.6 [0]
ychaouche#ychaouche-PC 17:12:41 ~/DOWNLOADS/LIBS/FREETYPE2.6/usr/lib/x86_64-linux-gnu $ LD_DEBUG=versions LD_PRELOAD=./libfreetype.so.6.12.3 /opt/teamviewer/tv_bin/TeamViewer 2>&1 | grep PNG
20222: checking for version `PNG16_0' in file /usr/lib/x86_64-linux-gnu/libpng16.so.16 [0] required by file ./libfreetype.so.6.12.3 [0]
^C
$
**** show the required shared libraries needed by a binary
ldd <bin>
**** print where ld will search for libs
ldconfig -p
the cache file being /etc/ld.so.conf
**** show the versions supplied by a library
find which lib provides that version using strings:
$ strings /lib/i686/libc.so.6 | grep GLIBC_2.3
$ strings /path/to/newglib/libc.so.6 | grep GLIBC_2.3
for example
16:54:38 ~/DOWNLOADS/APPS/MAGIK/usr/lib -1- $ strings /lib/x86_64-linux-gnu/libm.so.6 | grep GLIBC
GLIBC_2.2.5
GLIBC_2.4
GLIBC_2.15
GLIBC_2.18
GLIBC_PRIVATE
16:57:37 ~/DOWNLOADS/APPS/MAGIK/usr/lib -1- $
**** show what version of libc6 is installed
# package.is.installed libc6
libc6:amd64 2.19-18+deb8u10
#
*** see also
linux.info * libraries
** working with the desktop
*** documented
wmctrl
xdotool
xprop
notify-send
xbindkeys
qdbus
qdbusviewer
klipper
*** keyboard
**** send keyboard strokes
xdotool type --window <wid> "whatever" <- this will simulate keyboard input to window that has the <wid> id.
xdotool search --class <class> --limit 1 key "ctrl+l" <- send ctrl+l to the first window with class <class>
classname : this is specific (capoizapodizapodiza, Google-cahrome)
class : this is generic (Google-chrome)
**** working with the clipboard
***** get content of the clipboard
xclip -o -selection clipboard
***** set content of the clipboard
echo "thing" | xclip -selection clipboard # puts "thing" in the clipboard
***** keep a history of selected text
see * by name ** klipper
**** visual keyboard
xvkbd
**** get all shortcuts
qdbus org.kde.kglobalaccel /component/kwin allShortcutInfo
qdbus org.kde.kglobalaccel /component/kwin shortcutNames
**** invoke a shortcut
qdbus org.kde.kglobalaccel /component/kwin invokeShortcut "Shortcut name" # see get all shortcuts
**** show keyboard keys
***** screenkey
the Mint version is not configurable. It is the original version.
I modified the timeout directly in the source code.
the online version is configurable. It is 0.2 [1][2]
[1] https://gitlab.com/screenkey/screenkey
[2] https://www.thregr.org/~wavexx/software/screenkey/#cannot-stop-screenkey-or-no-status-icon
***** key-mon
*** show mouse clicks
kde config center > desktop effects > all effects > Mouse click animation
Win + Alt + c
*** wm operations
**** gle
wmctrl
**** how many windows are open ?
wmctrl -l
**** lower a specific window
qdbus org.kde.kglobalaccel /component/kwin invokeShortcut "Window Minimize"
**** which program does this window belong to ?
xprop > click. Sometimes WM_COMMAND gives the command (systemsettings, vlc) but not always (firefox, libreoffice)
**** sending desktop notification
notify-send "label" "all the info you need"
this will send a desktop notification.
*** dbus
**** view buses
qdbusviewer
**** keyboard shortcuts
see *** keyboard
*** sound
**** view controls
ychaouche#ychaouche-PC 11:34:29 /usr/share/man $ amixer scontrols
Simple mixer control 'Master',0
Simple mixer control 'Headphone',0
Simple mixer control 'Headphone Mic',0
Simple mixer control 'Headphone Mic Boost',0
Simple mixer control 'Headphone+LO',0
Simple mixer control 'Speaker',0
Simple mixer control 'PCM',0
Simple mixer control 'Line Out',0
Simple mixer control 'Beep',0
Simple mixer control 'Capture',0
Simple mixer control 'Capture',1
Simple mixer control 'Auto-Mute Mode',0
Simple mixer control 'Digital',0
Simple mixer control 'Headset Mic',0
Simple mixer control 'Headset Mic Boost',0
Simple mixer control 'Input Source',0
Simple mixer control 'Input Source',1
Simple mixer control 'Loopback Mixing',0
ychaouche#ychaouche-PC 11:43:01 /usr/share/man $
**** increase/decrease volume
amixer set Master 5%+
amixer set Master 5%-
**** mute PC speakers
amixer set Speaker mute
unplug/replug head/earphones if necessary.
**** get current volume
ychaouche#ychaouche-PC 15:39:24 /usr/share/man $ amixer get Master | egrep -o '[0-9]{1,3}%'
51%
ychaouche#ychaouche-PC 15:39:27 /usr/share/man $
*** automation
use xvfb-run
xvfb-run is a command-line tool
that simplifies the task of running X11 clients
(typically GUI applications)
in a virtual X server environment.
It is a wrapper for the Xvfb command,
which creates a virtual X server
that runs in memory
without a physical display.
xvfb-run sets up an X authority file,
writes a cookie to it,
and then starts the specified command within the virtual X server environment.
This allows X11 clients to run without requiring a physical display or user interaction.
xvfb-run is often used for automated testing of GUI applications,
as well as for running X11 clients in headless environments
such as servers or containers.
** working with databases
*** sqlite
**** getting help
.help
**** open a database
.open path
**** show tables
.tables
**** describe table
.schema <table> (omit semi-colon)
pragma table_info(table_name) (osqueryi)
**** show current db
.databases
**** run query from command line
sqlite3 databasefile.sqlite "query in between quotes"
**** change output format
***** .mode column
.mode column
name path cmdline process state start_time elapsed_time remote_address remote_port state
---------- ------------ --------------------------------------------- ------------- ---------- ------------ -------------- ----------- -----------
ssh /usr/bin/ssh ssh -p44044 root@messagerie.algerian-radio.dz S 1657203011 10.10.10.19 44044 ESTABLISHED
ssh /usr/bin/ssh ssh -p44044 root@messagerie.algerian-radio.dz S 1657203160 10.10.10.19 44044 ESTABLISHED
ssh /usr/bin/ssh ssh root@messagerie.algerian-radio.dz -p 4404 S 1657204190 10.10.10.19 44044 ESTABLISHED
konversati /usr/bin/kon /usr/bin/konversation -caption Konversation S 1657208270 162.251.69.69 6667 ESTABLISHED
kdeconnect /usr/lib/kde /usr/lib/kde4/libexec/kdeconnectd S 1657184878 0.0.0.0 0 LISTEN
thunderbir /home/ychaou /home/ychaouche/DOWNLOADS/APPS/THUNDERBIRD/th S 1657184924 10.10.10.19 993 ESTABLISHED
thunderbir /home/ychaou /home/ychaouche/DOWNLOADS/APPS/THUNDERBIRD/th S 1657184924 10.10.10.19 993 ESTABLISHED
thunderbir /home/ychaou /home/ychaouche/DOWNLOADS/APPS/THUNDERBIRD/th S 1657184924 10.10.10.19 993 ESTABLISHED
thunderbir /home/ychaou /home/ychaouche/DOWNLOADS/APPS/THUNDERBIRD/th S 1657184924 10.10.10.19 993 ESTABLISHED
thunderbir /home/ychaou /home/ychaouche/DOWNLOADS/APPS/THUNDERBIRD/th S 1657184924 10.10.10.19 993 ESTABLISHED
waterfox-g /tmp/.mount_ /tmp/.mount_waterfjpzMfx/usr/bin/waterfox-g4 S 1657185139 204.79.197.200 443 ESTABLISHED
waterfox-g /tmp/.mount_ /tmp/.mount_waterfjpzMfx/usr/bin/waterfox-g4 S 1657185139 104.21.61.82 443 ESTABLISHED
waterfox-g /tmp/.mount_ /tmp/.mount_waterfjpzMfx/usr/bin/waterfox-g4 S 1657185139 142.250.201.42 443 ESTABLISHED
waterfox-g /tmp/.mount_ /tmp/.mount_waterfjpzMfx/usr/bin/waterfox-g4 S 1657185139 13.107.42.14 443 ESTABLISHED
waterfox-g /tmp/.mount_ /tmp/.mount_waterfjpzMfx/usr/bin/waterfox-g4 S 1657185139 142.251.37.227 443 ESTABLISHED
waterfox-g /tmp/.mount_ /tmp/.mount_waterfjpzMfx/usr/bin/waterfox-g4 S 1657185139 10x4.21.61.82 443 ESTABLISHED
waterfox-g /tmp/.mount_ /tmp/.mount_waterfjpzMfx/usr/bin/waterfox-g4 S 1657185139 13.107.42.14 443 ESTABLISHED
waterfox-g /tmp/.mount_ /tmp/.mount_waterfjpzMfx/usr/bin/waterfox-g4 S 1657185139 87.248.119.252 443 ESTABLISHED
waterfox-g /tmp/.mount_ /tmp/.mount_waterfjpzMfx/usr/bin/waterfox-g4 S 1657185139 52.35.251.160 443 ESTABLISHED
ssh /usr/bin/ssh ssh root@messagerie.algerian-radio.dz -p 4404 S 1657186761 10.10.10.19 44044 ESTABLISHED
ssh /usr/bin/ssh ssh root@messagerie.algerian-radio.dz -p 4404 S 1657186761 10.10.10.19 44044 ESTABLISHED
ssh /usr/bin/ssh ssh serveur@messagerie.algerian-radio.dz -p 4 S 1657186761 10.10.10.19 44044 ESTABLISHED
ssh /usr/bin/ssh ssh root@messagerie.algerian-radio.dz -p 4404 S 1657186761 10.10.10.19 44044 ESTABLISHED
ssh /usr/bin/ssh ssh serveur@messagerie.algerian-radio.dz -p 4 S 1657186761 10.10.10.19 44044 ESTABLISHED
***** .mode line
osquery> select processes.name, processes.path, processes.cmdline, processes.state as "process state", processes.start_time, processes.elapsed_time, process_open_sockets.remote_address, process_open_sockets.remote_port, process_open_sockets.state from processes JOIN process_open_sockets ON processes.pid = process_open_sockets.pid where process_open_sockets.family=2 and process_open_sockets.protocol=6;
name = ssh
path = /usr/bin/ssh
cmdline = ssh -p44044 root@messagerie.algerian-radio.dz
process state = S
start_time = 1657203011
elapsed_time =
remote_address = 10.10.10.19
remote_port = 44044
state = ESTABLISHED
name = ssh
path = /usr/bin/ssh
cmdline = ssh -p44044 root@messagerie.algerian-radio.dz
process state = S
start_time = 1657203160
elapsed_time =
remote_address = 10.10.10.19
remote_port = 44044
state = ESTABLISHED
name = ssh
path = /usr/bin/ssh
cmdline = ssh root@messagerie.algerian-radio.dz -p 44044
process state = S
start_time = 1657204190
elapsed_time =
remote_address = 10.10.10.19
remote_port = 44044
state = ESTABLISHED
name = konversation
path = /usr/bin/konversation
cmdline = /usr/bin/konversation -caption Konversation
process state = S
start_time = 1657208270
elapsed_time =
remote_address = 162.251.69.69
remote_port = 6667
state = ESTABLISHED
name = kdeconnectd
path = /usr/lib/kde4/libexec/kdeconnectd
cmdline = /usr/lib/kde4/libexec/kdeconnectd
process state = S
start_time = 1657184878
elapsed_time =
remote_address = 0.0.0.0
remote_port = 0
state = LISTEN
name = thunderbird-bin
path = /home/ychaouche/DOWNLOADS/APPS/THUNDERBIRD/thunderbird/thunderbird-bin
cmdline = /home/ychaouche/DOWNLOADS/APPS/THUNDERBIRD/thunderbird/thunderbird
process state = S
start_time = 1657184924
elapsed_time =
remote_address = 10.10.10.19
remote_port = 993
state = ESTABLISHED
name = thunderbird-bin
path = /home/ychaouche/DOWNLOADS/APPS/THUNDERBIRD/thunderbird/thunderbird-bin
cmdline = /home/ychaouche/DOWNLOADS/APPS/THUNDERBIRD/thunderbird/thunderbird
process state = S
start_time = 1657184924
elapsed_time =
remote_address = 10.10.10.19
remote_port = 993
state = ESTABLISHED
name = thunderbird-bin
path = /home/ychaouche/DOWNLOADS/APPS/THUNDERBIRD/thunderbird/thunderbird-bin
cmdline = /home/ychaouche/DOWNLOADS/APPS/THUNDERBIRD/thunderbird/thunderbird
process state = S
start_time = 1657184924
elapsed_time =
remote_address = 10.10.10.19
remote_port = 993
state = ESTABLISHED
name = thunderbird-bin
path = /home/ychaouche/DOWNLOADS/APPS/THUNDERBIRD/thunderbird/thunderbird-bin
cmdline = /home/ychaouche/DOWNLOADS/APPS/THUNDERBIRD/thunderbird/thunderbird
process state = S
start_time = 1657184924
elapsed_time =
remote_address = 10.10.10.19
remote_port = 993
state = ESTABLISHED
name = thunderbird-bin
path = /home/ychaouche/DOWNLOADS/APPS/THUNDERBIRD/thunderbird/thunderbird-bin
cmdline = /home/ychaouche/DOWNLOADS/APPS/THUNDERBIRD/thunderbird/thunderbird
process state = S
start_time = 1657184924
elapsed_time =
remote_address = 10.10.10.19
remote_port = 993
state = ESTABLISHED
name = waterfox-g4
path = /tmp/.mount_waterfjpzMfx/usr/bin/waterfox-g4
cmdline = /tmp/.mount_waterfjpzMfx/usr/bin/waterfox-g4
process state = S
start_time = 1657185139
elapsed_time =
remote_address = 13.107.42.14
remote_port = 443
state = ESTABLISHED
name = waterfox-g4
path = /tmp/.mount_waterfjpzMfx/usr/bin/waterfox-g4
cmdline = /tmp/.mount_waterfjpzMfx/usr/bin/waterfox-g4
process state = S
start_time = 1657185139
elapsed_time =
remote_address = 87.248.119.252
remote_port = 443
state = ESTABLISHED
name = waterfox-g4
path = /tmp/.mount_waterfjpzMfx/usr/bin/waterfox-g4
cmdline = /tmp/.mount_waterfjpzMfx/usr/bin/waterfox-g4
process state = S
start_time = 1657185139
elapsed_time =
remote_address = 52.35.251.160
remote_port = 443
state = ESTABLISHED
name = ssh
path = /usr/bin/ssh
cmdline = ssh root@messagerie.algerian-radio.dz -p 44044
process state = S
start_time = 1657186761
elapsed_time =
remote_address = 10.10.10.19
remote_port = 44044
state = ESTABLISHED
name = ssh
path = /usr/bin/ssh
cmdline = ssh root@messagerie.algerian-radio.dz -p 44044
process state = S
start_time = 1657186761
elapsed_time =
remote_address = 10.10.10.19
remote_port = 44044
state = ESTABLISHED
name = ssh
path = /usr/bin/ssh
cmdline = ssh serveur@messagerie.algerian-radio.dz -p 44044
process state = S
start_time = 1657186761
elapsed_time =
remote_address = 10.10.10.19
remote_port = 44044
state = ESTABLISHED
name = ssh
path = /usr/bin/ssh
cmdline = ssh root@messagerie.algerian-radio.dz -p 44044
process state = S
start_time = 1657186761
elapsed_time =
remote_address = 10.10.10.19
remote_port = 44044
state = ESTABLISHED
name = ssh
path = /usr/bin/ssh
cmdline = ssh serveur@messagerie.algerian-radio.dz -p 44044
process state = S
start_time = 1657186761
elapsed_time =
remote_address = 10.10.10.19
remote_port = 44044
state = ESTABLISHED
osquery>
***** .mode list
osquery> .separator " | "
osquery> select processes.name, processes.path, processes.cmdline, processes.state as "process state", processes.start_time, processes.elapsed_time, process_open_sockets.remote_address, process_open_sockets.remote_port, process_open_sockets.state from processes JOIN process_open_sockets ON processes.pid = process_open_sockets.pid where process_open_sockets.family=2 and process_open_sockets.protocol=6;
name | path | cmdline | process state | start_time | elapsed_time | remote_address | remote_port | state
ssh | /usr/bin/ssh | ssh -p44044 root@messagerie.algerian-radio.dz | S | 1657203011 | | 10.10.10.19 | 44044 | ESTABLISHED
ssh | /usr/bin/ssh | ssh -p44044 root@messagerie.algerian-radio.dz | S | 1657203160 | | 10.10.10.19 | 44044 | ESTABLISHED
ssh | /usr/bin/ssh | ssh root@messagerie.algerian-radio.dz -p 44044 | S | 1657204190 | | 10.10.10.19 | 44044 | ESTABLISHED
konversation | /usr/bin/konversation | /usr/bin/konversation -caption Konversation | S | 1657208270 | | 162.251.69.69 | 6667 | ESTABLISHED
kdeconnectd | /usr/lib/kde4/libexec/kdeconnectd | /usr/lib/kde4/libexec/kdeconnectd | S | 1657184878 | | 0.0.0.0 | 0 | LISTEN
thunderbird-bin | /home/ychaouche/DOWNLOADS/APPS/THUNDERBIRD/thunderbird/thunderbird-bin | /home/ychaouche/DOWNLOADS/APPS/THUNDERBIRD/thunderbird/thunderbird | S | 1657184924 | | 10.10.10.19 | 993 | ESTABLISHED
thunderbird-bin | /home/ychaouche/DOWNLOADS/APPS/THUNDERBIRD/thunderbird/thunderbird-bin | /home/ychaouche/DOWNLOADS/APPS/THUNDERBIRD/thunderbird/thunderbird | S | 1657184924 | | 10.10.10.19 | 993 | ESTABLISHED
thunderbird-bin | /home/ychaouche/DOWNLOADS/APPS/THUNDERBIRD/thunderbird/thunderbird-bin | /home/ychaouche/DOWNLOADS/APPS/THUNDERBIRD/thunderbird/thunderbird | S | 1657184924 | | 10.10.10.19 | 993 | ESTABLISHED
thunderbird-bin | /home/ychaouche/DOWNLOADS/APPS/THUNDERBIRD/thunderbird/thunderbird-bin | /home/ychaouche/DOWNLOADS/APPS/THUNDERBIRD/thunderbird/thunderbird | S | 1657184924 | | 10.10.10.19 | 993 | ESTABLISHED
thunderbird-bin | /home/ychaouche/DOWNLOADS/APPS/THUNDERBIRD/thunderbird/thunderbird-bin | /home/ychaouche/DOWNLOADS/APPS/THUNDERBIRD/thunderbird/thunderbird | S | 1657184924 | | 10.10.10.19 | 993 | ESTABLISHED
waterfox-g4 | /tmp/.mount_waterfjpzMfx/usr/bin/waterfox-g4 | /tmp/.mount_waterfjpzMfx/usr/bin/waterfox-g4 | S | 1657185139 | | 13.107.42.14 | 443 | ESTABLISHED
waterfox-g4 | /tmp/.mount_waterfjpzMfx/usr/bin/waterfox-g4 | /tmp/.mount_waterfjpzMfx/usr/bin/waterfox-g4 | S | 1657185139 | | 13.107.42.14 | 443 | ESTABLISHED
waterfox-g4 | /tmp/.mount_waterfjpzMfx/usr/bin/waterfox-g4 | /tmp/.mount_waterfjpzMfx/usr/bin/waterfox-g4 | S | 1657185139 | | 87.248.119.252 | 443 | ESTABLISHED
waterfox-g4 | /tmp/.mount_waterfjpzMfx/usr/bin/waterfox-g4 | /tmp/.mount_waterfjpzMfx/usr/bin/waterfox-g4 | S | 1657185139 | | 52.35.251.160 | 443 | ESTABLISHED
ssh | /usr/bin/ssh | ssh root@messagerie.algerian-radio.dz -p 44044 | S | 1657186761 | | 10.10.10.19 | 44044 | ESTABLISHED
ssh | /usr/bin/ssh | ssh root@messagerie.algerian-radio.dz -p 44044 | S | 1657186761 | | 10.10.10.19 | 44044 | ESTABLISHED
ssh | /usr/bin/ssh | ssh serveur@messagerie.algerian-radio.dz -p 44044 | S | 1657186761 | | 10.10.10.19 | 44044 | ESTABLISHED
ssh | /usr/bin/ssh | ssh root@messagerie.algerian-radio.dz -p 44044 | S | 1657186761 | | 10.10.10.19 | 44044 | ESTABLISHED
ssh | /usr/bin/ssh | ssh serveur@messagerie.algerian-radio.dz -p 44044 | S | 1657186761 | | 10.10.10.19 | 44044 | ESTABLISHED
osquery>
***** .mode csv
same as list with .separator set to ","
***** .mode pretty
default
**** date time functions
datetime(timestamp,'unixepoch')
**** write results to a file
.headers on
.mode column
.once query_results.txt (only one query)
.output query_results.txt
.output (revert to stdout)
**** queries
***** join
SELECT fields... FROM T1 JOIN T2 USING (field)
*** postgres
**** links
https://pinboard.in/u:winks/t:postgresql/
https://pinboard.in/u:winks/t:postgres/
**** connection
root cannot connect.
You have to connect as the postgres system user, without a password
$ su postgres -c psql
or
$ su postgres
$ psql
**** connecting as another user
you have to add the -h option
root#cloud 15:05:00 /var/www/nextcloud # psql -U nextcloud -W
Password:
psql: FATAL: Peer authentication failed for user "nextcloud"
root#cloud 15:05:14 /var/www/nextcloud # psql -U nextcloud -W -h localhost
Password:
psql: FATAL: database "nextcloud" does not exist
root#cloud 15:08:33 /var/www/nextcloud #
**** creating a new user (role)
as the postgres user, run:
$ createuser --interactive -P
**** \d[ump]u[sers]
\du
**** \l[ist databases]
\l
**** \d[escribe] table
\d table will describe table
\d+ table will add internal details
**** \d[escribe]t[ables]
\dt
**** show current user/database
\conninfo
**** create a new database
$ createdb -U nextcloud -h localhost nextcloud
**** turn off the pager
\pset pager off
**** authentication methods
***** overview
local connections : peer authentication
remote connections : password authentication
other methods : require 3rd party security infrastructure or are platform specific.
***** pg_hba.conf
****** role
This is the file that specifies how clients may connect (h[ost] b[ased] a[uthentication])
****** structure
connection type : local (unix sockets) / host (TCP/IP)
client IP range (if it applies)
database name : all = *, sameuser, samerole. Multiple database names may be separated by commas.
user name : all = *, multiple users may be separated by commas.
authentication method : peer, trust, password
***** peer
When peer is chosen, the client's user name is taken from the OS.
If that OS user name matches the requested database user name, access to the DB is granted.
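Added example (not part of the original notes): a shell/awk check that applies the pg_hba.conf structure described above to flag rules using trust or password (the latter sends the password in cleartext) and host rules open to any client address. The sample file, function names and finding labels are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample pg_hba.conf, not taken from a real server.
sample_pg_hba() {
cat <<'EOF'
# TYPE  DATABASE   USER       ADDRESS          METHOD
local   all        postgres                    peer
local   all        all                         trust
host    nextcloud  nextcloud  127.0.0.1/32     scram-sha-256
host    all        all        0.0.0.0/0        password
host    all        all        10.0.0.0 255.0.0.0 trust
EOF
}

# audit_pg_hba: read pg_hba.conf on stdin,
# print "<line number>\t<finding>\t<rule>" for every weak rule.
# Limitation (assumption of this example): only IPv4 netmasks are
# recognised when the mask is given as a separate column.
audit_pg_hba() {
    awk '
    function report(finding) { printf "%d\t%s\t%s\n", NR, finding, $0 }

    /^[ \t]*#/ || /^[ \t]*$/ { next }      # comments and blank lines
    $1 !~ /^(local|host)/    { next }      # not a connection rule

    {
        if ($1 == "local") {
            # local  database  user  method
            addr = ""; method = $4
        } else if ($5 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/) {
            # host  database  user  ip  netmask  method
            addr = $4 "/" $5; method = $6
        } else {
            # host  database  user  address  method
            addr = $4; method = $5
        }

        if (method == "trust")    report("no-authentication")
        if (method == "password") report("cleartext-password")
        if (addr == "0.0.0.0/0" || addr == "::/0" || addr == "all")
            report("any-client-address")
    }'
}

# Show the findings for the constructed sample.
sample_pg_hba | audit_pg_hba
```

On a real server, feed it the file directly, for example audit_pg_hba < /etc/postgresql/11/main/pg_hba.conf.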
**** privileges
***** list of privileges
select, insert, update, delete, truncate, trigger
create : schemas for databases, objects inside schemas, tables indices for tablespaces
connect :
execute :
usage :
references : allows creation of FK
all : all the privileges
***** owner
has all the rights
**** change the owner of multiple objects at a time
REASSIGN OWNED BY nextcloud TO oc_theboss;
This will reassign all objects (tables, sequences, views, etc.) in the current database.
**** write results to file
\o out.txt
\o to get output back to stdout
**** convert integers (16291029) to timestamps (2021-03-05 11:02:33)
to_timestamp(integer)
**** select uniq / select distinct
select distinct <fields> from <table> [...]
**** run query from command line
psql [connection string] -c[command] "query"
**** listen to connections from outside
listen_addresses = 'localhost' -> listen_addresses = '*'
in
/etc/postgresql/11/main/postgresql.conf
*** mysql
**** status information
***** show full processlist
lists the MySQL threads with the query currently running, the state of the query, and the time, in seconds, that the process has been in that state.
show full processlist\G : the \G gives a more readable display when the lines are very long.
***** show engine innodb status\G
found on SO
to dig into.
<from howm :: mysql>
show engine innodb status\G
---------------------------
For diagnostics
**** engines
***** The MyISAM Engine
No support for FK
No support for transactions
Don't use it[1]
[1] #mysql
[14:09] <ychaouche> I wonder what's a good usage of MyISAM tables. No foreign key support, no transactions.
[14:09] <thumbs> ychaouche: none
[14:09] <Isotopp> never use myisam, too
***** Migration from MyISAM to InnoDB
According to : https://dev.mysql.com/doc/refman/5.7/en/converting-tables-to-innodb.html
key_buffer_size was 16 Mb, will keep it that way
innodb_buffer_pool_size is 128Mb, will keep it that way
Now we have to COMMIT or ROLLBACK each time we change a table, or else a transaction may be left open and eventually slow down the system.
Don't roll back a million rows, just truncate the table and start over.
autocommit should be set to 0. One should commit after a number of inserts/updates/deletes instead of one commit for each operation, to save I/O.
Even selects open transactions !
set innodb_file_per_table to ON, this will create one file per table and help the OS reclaim free disk space from truncated and deleted tables.
To convert an existing table : ALTER TABLE table_name ENGINE=InnoDB;
**** variables
show variables like <pattern>
**** writing queries
***** JOINS
****** whatis
used to combine data from two (or more) tables based on shared/common columns, called the join key or common key.
****** types of joins
LEFT means include all results from left table
RIGHT means include all results from right table
INNER is an intersection
OUTER is a union
CROSS is match every row from left with every row from right.
****** join syntax
1. select <> from t1 JOIN t2 USING (field) -- parens are mandatory
2. select <> from t1 JOIN t2 ON t1.field = t2.field
***** COUNT
COUNT(column) counts the number of rows where column isn't NULL.
COUNT(*) counts the number of rows.
***** UPDATE
UPDATE table_name SET column1 = value1, column2 = value2 WHERE condition
**** login
mysql --defaults-extra-file=<file>
file is typically :
[mysql]
user=<username>
password=<password>
chmod 600 <file>.
**** change user password
mysql> SET PASSWORD FOR 'backup'@'localhost' = PASSWORD("...");
mysql> FLUSH PRIVILEGES;
** working with packages
*** debian
**** updates
***** List available updates without installing them
Source : http://unix.stackexchange.com/a/188014/22046
Problem: it doesn't show all the descriptions.
Added to bashrc: yes, function updatable_packages
Help from IRC: use
Code :
(function a { read input;dpkg -l ${input} | grep " ${input} " | awk '{$1=$2=$3=$4=$5=$6="";print $0 }' | sed 's/^ */,/';unset input;};{ apt-get --just-print upgrade 2>&1 | perl -ne 'if (/Inst\s([\w,\-,\d,\.,~,:,\+]+)\s\[([\w,\-,\d,\.,~,:,\+]+)\]\s\(([\w,\-,\d,\.,~,:,\+]+)\)? /i) {print "$1 ,$2, $3 \n"}';} | while read -r line; do echo -en "$line $(echo $line | awk '{print $1}' | a )\n"; done;) > /tmp/updates.csv
***** Automatic updates
You need two packages: unattended-upgrades and apt-listchanges
Edit conf files of both at /etc/apt/apt.conf.d/50unattended-upgrades and 20auto-upgrades and 02periodic and /etc/apt/listchanges.conf
When it can't install a package
-------------------------------
Check the sources: they must contain buster-update as well as plain buster.
***** upgrading the distro
1. apt-get dist-upgrade to first be fully up to date on the current distro
2. reboot
3. put in the repos of the next distro
(don't skip a distro)
in /etc/apt/sources.list
4. go back to 1 until you are on the most recent version.
**** searching
***** search installed packages by pattern
dpkg/dpkg-query -l *pattern* lists the packages whose names match pattern
***** which package provides this command / this file
dpkg/dpkg-query -S *pattern*
**** listing
***** show all installed packages
dpkg-query -l
dpkg -l
***** list all files installed by a package
dpkg -L packagename
dpkg-query -L packagename
***** list all files of a package that isn't installed
apt-file show <packagename>
***** list the files of a .deb package
dpkg -c <package.deb>
***** list broken packages
apt-get check
**** checks
***** how to inspect a .deb package?
packages are archives in ar format; use the ar command to extract the data.tar.xz file like this:
ar xvf <package.deb> data.tar.xz
then inspect the data.tar.xz archive with tar tvJf
OTHER METHOD
You can extract directly into a directory with ar pf <package.deb> data.tar.xz | tar Jvx -C <target-directory>
p[rint] sends ar's output to standard output, so that tar can read it directly (no v here: with v, ar also writes the member name into the stream).
for example:
ar fp libssl-dev_1.1.0l-1~deb9u4_amd64.deb data.tar.xz | tar Jvx -C libssl-dev_1.1/
***** verify package integrity
****** command and output
dpkg -V as root (without arguments)
explanation of the output:
1. only files for which a check failed are shown
2. a series of 9 characters is shown, one for each check.
3. ? = the check could not be done.
. = check ok
[:alnum:] = error code
****** usefulness
if the machine is already compromised, running this command is pointless.
what is needed is for the hashes to be compared against another system known to be clean.
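Added example (not part of the original notes): a shell/awk triage of dpkg -V output, assuming dpkg's default rpm-style layout (9 result characters, an attribute character that is c for conffiles, then the path). The sample lines and function names are constructed; the result is only as trustworthy as the dpkg database of the host it runs on, as noted above.

```shell
#!/bin/sh
# Constructed sample of `dpkg -V` output, not taken from a real system.
# Layout: columns 1-9 = check results, column 11 = attribute
# ('c' for a conffile, otherwise a space), column 13 onwards = path.
sample_dpkg_verify() {
cat <<'EOF'
??5?????? c /etc/ssh/sshd_config
??5??????   /usr/bin/example tool
missing     /usr/share/doc/example/README
missing   c /etc/example.conf
EOF
}

# triage_dpkg_verify: read `dpkg -V` lines on stdin,
# print "<class>\t<conffile|file>\t<path>" for each of them.
#   content-changed : a '5' in the third position (md5sum mismatch)
#   missing         : the file is no longer on disk
#   other-failure   : any other failed check
triage_dpkg_verify() {
    awk '
    length($0) >= 13 {
        result = substr($0, 1, 9)
        kind   = (substr($0, 11, 1) == "c") ? "conffile" : "file"
        path   = substr($0, 13)          # keeps spaces inside the path

        if (result ~ /^missing/)              class = "missing"
        else if (substr(result, 3, 1) == "5") class = "content-changed"
        else                                  class = "other-failure"

        printf "%s\t%s\t%s\n", class, kind, path
    }'
}

# changed_non_conffiles: paths whose content differs from the package
# and that are not conffiles. Edited conffiles are expected on an
# administered host; a changed binary or library is what deserves a
# comparison against a known-clean system.
changed_non_conffiles() {
    triage_dpkg_verify |
        awk -F "\t" '$1 == "content-changed" && $2 == "file" { print $3 }'
}

# Show the result for the constructed sample.
sample_dpkg_verify | changed_non_conffiles
```

On a live system the input would be dpkg -V run as root, piped into changed_non_conffiles.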
***** list broken packages
apt-get check
**** cancel changes to conf files
dpkg --force-confnew
**** infos
***** why did this package get installed?
aptitude why
or
apt-cache rdepends <package>
or
apt rdepends <package> will show the packages that may have installed this one, either
as a dependency or as a suggestion (recommendation)
***** info about a .deb package
dpkg --info <package.deb>
***** show only the description of package in the output of apt-cache show <packagename>
apt-cache show <package> | grep-dctrl -s Description-en -
grep-dctrl is a grep that is specialized to apt files format.
it is provided by the dctrl-tools package
***** which package does this file belong to?
dpkg/dpkg-query -S /path/vers/fichier
***** is this package installed?
dpkg-query -W <pattern> : show any (installed) package matching pattern
dpkg / dpkg-query -s <name> : show description of a specific package
***** are there packages that use files in this directory?
dpkg/dpkg-query -S /path/to/directory
example:
root#ychaouche-PC 13:43:19 /usr/lib/debug/usr/lib # dpkg -S /usr/lib/debug/
kate-dbg, kdelibs5-dbg, kde-baseapps-dbg, konsole-dbg, kde-runtime-dbg, libqt4-dbg:amd64, libgmime-2.6-0-dbg, libc6-dbg:amd64: /usr/lib/debug
root#ychaouche-PC 13:44:59 /usr/lib/debug/usr/lib #
***** show the state of all packages matching a pattern
dpkg -l <pattern>
dpkg-query -l <pattern>
***** show a package's dependencies
apt-cache depends <packagename>
***** list broken packages
apt-get check
**** removal
***** force removal of a package
dpkg --force-all --remove <package> [1]
[1] https://wiki.debian.org/DebianPackageManagement#line-271
***** remove unused packages
apt-get autoremove
**** erreurs et solutions
***** This must be accepted explicitly before updates for this repository can be applied. see apt-secure(8) manpage for details.
you need to run apt-get update with the --allow-releaseinfo-change flag
**** install packages with debug symbols
add this source to sources.list
deb http://deb.debian.org/debian-debug/ buster-debug main
then install the package with the -dbgsym suffix
**** install a .deb
dpkg -i paquet.deb
install the dependencies first.
*** snaps
see * by name
** working with terminals
*** get the /dev/pts/? associated with the current virtual terminal
use tty
like this
ychaouche#ychaouche-PC 10:00:29 ~ $ tty
/dev/pts/7
ychaouche#ychaouche-PC 10:00:30 ~ $
*** asciinema
pv -q[uiet] -L[imit] 2000[bytes/s] file.vt
this will just slowly print the contents of file to stdout.
** working with users
*** adding users
**** always use adduser
mnemonic :
- it starts with an a.
- you want to add a user
useradd: low level, don't use.
adduser: high level, the one to use, even to add an existing user to an existing group.
**** system users
***** To add a system user
adduser --system username
***** difference from an ordinary user
System users are used by daemons,
do not have homes nor login shells.
**** add to a group
adduser user --ingroup group
*** add an existing user to an existing group
adduser <user> <group>
or
newgrp <group>, which doesn't require logout/login
*** remove a user from a group
** working with kernel modules
*** add/remove modules
modprobe to add
modprobe -r to remove
*** list modules
lsmod
*** module info
modinfo
*** show modules dependency
modprobe --show-depends
** working with services
*** sysvinit
**** disable/enable services at boot time
***** update-rc.d
update-rc.d <service-name> disable/enable
# update-rc.d lsyncd disable
# ls /etc/rc?.d/*lsyncd
lrwxrwxrwx 1 root root 16 May 20 07:55 /etc/rc0.d/K01lsyncd -> ../init.d/lsyncd
lrwxrwxrwx 1 root root 16 May 20 07:55 /etc/rc1.d/K01lsyncd -> ../init.d/lsyncd
lrwxrwxrwx 1 root root 16 May 20 07:55 /etc/rc2.d/K01lsyncd -> ../init.d/lsyncd
lrwxrwxrwx 1 root root 16 May 20 07:55 /etc/rc3.d/K01lsyncd -> ../init.d/lsyncd
lrwxrwxrwx 1 root root 16 May 20 07:55 /etc/rc4.d/K01lsyncd -> ../init.d/lsyncd
lrwxrwxrwx 1 root root 16 May 20 07:55 /etc/rc5.d/K01lsyncd -> ../init.d/lsyncd
lrwxrwxrwx 1 root root 16 May 20 07:55 /etc/rc6.d/K01lsyncd -> ../init.d/lsyncd
#
***** rcconf
rcconf uses a zenity gui to configure the startup of services at boot time
** working with alternatives
*** see the alternatives for a command
update-alternatives --query <command>
example:
ychaouche#ychaouche-PC 13:26:03 /usr/share/man $ update-alternatives --query pager
Name: pager
Link: /usr/bin/pager
Slaves:
pager.1.gz /usr/share/man/man1/pager.1.gz
Status: auto
Best: /usr/bin/lv
Value: /usr/bin/lv
Alternative: /bin/less
Priority: 77
Slaves:
pager.1.gz /usr/share/man/man1/less.1.gz
Alternative: /bin/more
Priority: 50
Slaves:
pager.1.gz /usr/share/man/man1/more.1.gz
Alternative: /usr/bin/lv
Priority: 80
Slaves:
pager.1.gz /usr/share/man/man1/lv.1.gz
Alternative: /usr/bin/most
Priority: 60
Slaves:
pager.1.gz /usr/share/man/man1/most.1.gz
Alternative: /usr/bin/pg
Priority: 10
Slaves:
pager.1.gz /usr/share/man/man1/pg.1.gz
ychaouche#ychaouche-PC 13:28:09 /usr/share/man $
*** change the alternative for a command
sudo update-alternatives --config <command> (TUI)
** working with A/V files
*** working with mp3 files
**** cutting
***** general note about mp3cut
mp3cut -o option MUST precede all others.
***** Skip first seconds
mp3cut -o output.mp3 -t 00:00:00- input.mp3
***** Trim last seconds
mp3cut -o output.mp3 -t -00:00:00 input.mp3
***** From-To
mp3cut -o output.mp3 -t 00:00:00-00:00:00 input.mp3
**** sound gain
mp3gain :
-g n : apply gain of n
-u : undo changes
-r : all files set to same loudness
-a : normalize album loudness, but files keep their relative loudness (the louder are still louder)
use like this:
mp3gain -g 5 sound.mp3
*** adding bgm
**** command
avconv -i video.in -i audio.in video.out
**** video w/ audio
add -filter_complex "amix=duration=shortest"
example :
avconv -i file:///home/ychaouche/MUSIQUE/SMALLCHUNKS/roserouge-22db-02\:24_stgermain.mp3 -i ~/VIDEOS/SCREENCASTS/audiomon-withdates.mkv -filter_complex "amix=duration=shortest" ~/VIDEOS/SCREENCASTS/audiomon-withdates-music.mkv
**** video w/o audio
add -shortest.
NOTE: the -shortest option alone will not mix the two audio tracks (video + mp3) but keeps only one of them (either the video's or the mp3)
*** Extracting audio from a video file
**** old
You need to specify exactly the same extension to the output file as the one you see in the input file.
Then use the following two options :
- -map 0:1 if the audio is in 0:1 (avprobe to check)
- -c:a copy : copy the audio codec.
Like this :
avconv -i ~/VIDEOS/SCREENCASTS/libreofficemacrosbgm.mp4.mp4 -map 0:1 -c:a copy extractedaudio.ac3
**** new
two steps :
1/ detect the audio format with avprobe
2/ use -c:a and specify the same extension as the input file
example :
avconv -i u2_lamp.mp4 -c:a copy u2_lamp.aac
*** get duration of a media
avprobe -v error -show_format_entry duration -sexagesimal file.mp4
the -v error will get rid of most output
-show_format_entry duration will output duration only
-sexagesimal will print in HH:MM:SS form instead of number of seconds.
*** capture desktop sound ?
using audacity, see this screen capture : ~/IMAGES/SCREENSHOT/audacityrecorddesktopsounds.jpg
Audio host : choose Alsa
Output device : pulse is selected on my machine
Input device : Headphone Mic:1 is selected on my machine
*** test the microphone ?
Using audacity, click on the microphone VU meter, it will activate it. Change input source if necessary.
If that's not working, run alsamixer and change the input source there ! (yes sometimes that works)
What works on my particular config :
in alsamixer : input source = headset mic
in audacity : input source = sysdefault : headphone mic:0
For sound capture, it's best to set capture and capture 1 to 100% in alsamixer.
If that doesn't work, unplug/re-plug the headphones.
2023-05-02 at 11:23:19
As of today,
here's what works:
https://imgur.com/a/nMFj2ZL
in alsamixer
- input source = headset mic
- desaturate the gains
in audacity
- input source = HDA Intel PCH HW:0,0 Headphone Mic:0
** working with images
*** get dimensions/geometry of an image
identify <image> (works on most formats)
file <image> (works on some formats)
ychaouche#ychaouche-PC 08:53:12 ~/DOWNLOADS/APPS/firefox $ file ~/TMP/b668d036.png
/home/ychaouche/TMP/b668d036.png: PNG image data, 240 x 215, 8-bit/color RGBA, non-interlaced
ychaouche#ychaouche-PC 08:55:21 ~/DOWNLOADS/APPS/firefox $
*** convert images to pdf
this is restricted by /etc/Imagemagick/policy.xml
Edit the file to enable conversion to pdf.
convert <images> output.pdf
*** convert pdfs to image
same as ** convert images to pdf except use -density 300 to get sharp text.
*** resize image
convert -resize 50% <in> <out>
*** optimizing/reducing GIF size
resize it:
convert source.gif -resize 50% destination.gif
reduce the number of colors:
gifsicle <input.gif> > <output.gif> --colors 256
select one frame every n frames
gifsicle in.gif \#{1..47..5} > out.gif
will select one out of every 5 frames
the # must be escaped.
the number of frames can be obtained with av.image.frames
add delay
gifsicle -b -d c <image.gif> #inplace modification
-b : batch operations (on every frame)
-d : delay
c : centiseconds
to get the delay in the original gif
identify -format "%T+" <orig.gif>
+ is just a separator
it can be anything else.
%T is the delay
*** extract text from images :: OCR
tesseract <image input file> <outputwithoutthe.txtextension>
*** convert images to ascii art
jp2a
-i --invert
--colors
--width=
--height=
*** identify -format formats
\ backslash, the next character is literal and not subject to interpretation
\n newline
\r carriage return
&lt; less-than character.
&gt; greater-than character.
&amp; ampersand character.
%% a percent sign
%b file size of image read in (use -precision 16 to force results in B)
%c comment meta-data property
%d directory component of path
%e filename extension or suffix
%f filename (including suffix)
%g layer canvas page geometry (equivalent to "%Wx%H%X%Y")
%h current image height in pixels
%i image filename (note: becomes output filename for "info:")
%k CALCULATED: number of unique colors
%l label meta-data property
%m image file format (file magic)
%n number of images in current image sequence, report once per frame
%o output filename (used for delegates)
%p index of image in current image list
%q quantum depth (compile-time constant)
%r image class and colorspace
%s scene number (from input unless re-assigned)
%t filename without directory or extension (suffix)
%u unique temporary filename (used for delegates)
%w current width in pixels
%x x resolution (density)
%y y resolution (density)
%z image depth (as read in unless modified, image save depth)
%A image transparency channel. Values include Undefined (no transparency channel), Blend, Copy, or Update.
%B file size of image read in bytes
%C image compression type
%D image GIF dispose method
%G original image size (%wx%h; before any resizes)
%H page (canvas) height
%M Magick filename (original file exactly as given, including read mods)
%N number of images in current image sequence, report once per image sequence
%O page (canvas) offset ( = %X%Y )
%P page (canvas) size ( = %Wx%H )
%Q image compression quality ( 0 = default )
%S ?? scenes ??
%T image time delay (in centi-seconds)
%U image resolution units
%W page (canvas) width
%X page (canvas) x offset (including sign)
%Y page (canvas) y offset (including sign)
%Z unique filename (used for delegates)
%@ CALCULATED: trim bounding box (without actually trimming)
%# CALCULATED: 'signature' hash of image values
*** convert webp to png
convert won't work
you need to install webp
then use dwebp to decompress it,
and -o to save the result to a png file
dwebp image.webp -o image.png
*** get the number of frames in a gif
identify image.gif
identify -format "%n" image.gif
** working with binaries
*** which loader does this binary need?
$ readelf -l myapp | grep interpreter
[Requesting program interpreter: /lib/ld-linux.so.2]
*** print which loader this binary runs
patchelf --print-interpreter <bin>
*** print rpath variable
patchelf --print-rpath <bin>
or readelf -a/-d and look for the runpath variable
0x000000000000001d (RUNPATH) Library runpath: [/snap/core18/current/lib/x86_64-linux-gnu/]
** working with printers
*** listing printers
lpstat -a
16:49:13 ~ -1- $ lpstat -a
hpitsysnet accepting requests since Sun 14 Feb 2021 11:19:39 AM CET
hpitsysnet_samba_pw accepting requests since Tue 27 Feb 2024 09:34:30 AM CET
rai accepting requests since Mon 18 May 2020 11:41:48 AM CET
X548-Series accepting requests since Mon 21 Mar 2022 03:48:34 PM CET
17:00:12 ~ -1- $
*** printing
lpr -P<printer_name> document.pdf
(tested, works)
** network
*** geoip fencing
**** at the kernel level
***** step 1 : install the requirements
apt install xtables-addons-dkms libtext-csv-xs-perl
dkms : dynamic kernel module support (load modules whose code isn't in the kernel)
***** step 2 : build the geoip database
mkdir -p /usr/share/xt_geoip/
cd /usr/share/xt_geoip/
/usr/lib/xtables-addons/xt_geoip_dl
/usr/lib/xtables-addons/xt_geoip_build -D . *.csv
***** step 3 : load the xt_geoip kernel module
modprobe xt_geoip
lsmod | grep xt_geoip
***** step 4 : change firewall rules with cctld
for example :
set a policy that drops everything by default
root@messagerie[192.168.100.20] ~ # cat /etc/shorewall/policy
[...]
$FW net ACCEPT
net $FW DROP
then set exception rules to allow incoming connections from Algeria
root@messagerie[192.168.100.20] ~ # cat /etc/shorewall/rules
ACCEPT net:^[DZ] $FW all
**** at nginx level
***** source
https://www.howtoforge.com/nginx-how-to-block-visitors-by-country-with-the-geoip-module-debian-ubuntu
***** steps
****** make sure nginx is compiled with geoip support
nginx -V 2>&1 | sed -E s/--/'\n'/g | grep geoip
****** install the geoip-database
either
apt-get install geoip-database libgeoip1
or
curl http://geolite.maxmind.com/download/geoip/database/GeoLiteCountry/GeoIP.dat.gz | gunzip > /usr/share/GeoIP/GeoIP.dat [u]
****** use the $geoip_country variable and the map function
******* in nginx.conf
locate the http block and add the following before any include [Q]
http {
[...]
geoip_country /usr/share/GeoIP/GeoIP.dat;
map $geoip_country_code $allowed_country {
default no;
DZ yes;
}
[...]
}
This will set the $allowed_country variable to no,
except for Algerian IPs.
******* in the vhost conf
locate the server block and add
[...]
if ($allowed_country = no) {
return 302 https://http.cat/403; # [u]
# return 444;
}
[...]
**** see also
~/howm/2018/03/2018-03-25-095648.txt
*** Tunnels
ssh passerelle -L portlocal:destination:portdest
If I want to reach a port on the gateway (passerelle) itself, destination is localhost, and localhost then means the gateway, not my own machine.
If I want to reach another machine, I give its IP address as seen in the gateway's addressing scheme (the gateway's LAN).
Example: reach the proxy machine, which is not directly accessible from my machine, by going through proxmox.
ssh root@pve.radioalgerie.dz -p 5022 -L 5023:10.250.20.30:22 -N
I can now reach the machine 10.250.20.30 (proxy) over ssh (port 22) by connecting locally to port 5023, like this:
ychaouche#ychaouche-PC 13:30:26 ~/DOWNLOADS/TOOLS $ ssh root@localhost -p 5023
Enter passphrase for key '/home/ychaouche/.ssh/id_rsa':
Welcome to Ubuntu 16.04.6 LTS (GNU/Linux 5.3.10-1-pve x86_64)
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage
Last login: Sun Sep 6 12:26:12 2020 from 10.250.20.1
-bash: warning: setlocale: LC_ALL: cannot change locale (en_US.UTF-8)
-bash: warning: setlocale: LC_ALL: cannot change locale (en_US.UTF-8)
root@proxy1:~#
Tada !!
Now let's try SCP.
ychaouche#ychaouche-PC 13:34:05 ~/DOWNLOADS/TOOLS $ scp -P 5023 root@localhost:/etc/nginx/sites-enabled/default /home/ychaouche/SRV/
Enter passphrase for key '/home/ychaouche/.ssh/id_rsa':
bash: warning: setlocale: LC_ALL: cannot change locale (en_US.UTF-8)
default 100% 4646 4.5KB/s 00:00
ychaouche#ychaouche-PC 13:34:20 ~/DOWNLOADS/TOOLS $
Re-tadaaa !!
*** remote command execution
**** run a command
ssh -t[ty] host command
the -t option avoids the following errors:
bash: cannot set terminal process group (-1): Inappropriate ioctl for device
bash: no job control in this shell
stty: standard input: Inappropriate ioctl for device
**** run several commands
ssh host "bash -s" < script
**** run an alias
use ssh -t to force pseudo-tty allocation
ssh -t login@host "bash -ci <alias>"
13:58:17 ~ -1- $ net.host.messagerie.ssh -t "bash -ci sys.distro"
/root/.bashrc_common: line 321: net.ip.private: command not found
Debian GNU/Linux 8 \n \l
Connection to messagerie.algerian-radio.dz closed.
14:01:06 ~ -1- $
*** ip spoofing
see ~/DATA/BACKUPS/NEWWIKI/data/pages-426/firewalltest.txt
hping3 <IP> -a <spoofed IP> -p <port> -S[yn]
*** file transfer & file sharing
**** fex
send and receive large files over the internet with last-byte resume capability.
**** filetea
share files through urls
**** how to copy the output of a command to a remote host
use cat like this
command | ssh host 'cat > file'
*** packet tracing
tctrace is a TCP traceroute, useful when ICMP is filtered by a firewall.
*** network configuration steps
**** 1. set static ip
ip addr add <address> dev <device>
**** 2. set default gateway
ip route add default via <gateway address>
**** 3. profit
**** 4. if you want to start afresh
ip addr flush <device>
*** Get NetBIOS name of an IP
**** command
nmblookup -A <IP>
**** output interpretation
10:39:43 /usr/share/man -1- $ nmblookup -A 192.168.211.86
Looking up status of 192.168.211.86
ITSNOWY <00> - B <ACTIVE>
WORKGROUP <00> - <GROUP> B <ACTIVE>
ITSNOWY <20> - B <ACTIVE>
WORKGROUP <1e> - <GROUP> B <ACTIVE>
WORKGROUP <1d> - B <ACTIVE>
..__MSBROWSE__. <01> - <GROUP> B <ACTIVE>
MAC Address = 08-2E-5F-07-88-19
10:49:12 /usr/share/man -1- $
first line :
ITSNOWY : name
<00> : suffix for workstation.
Other possible values :
<20> : File server
<01> : browser
<03> : messenger
<1B> : domain master browser
<1C> : domain controller
- : ?
: no group name
B : broadcast node type
other possible values :
P : point-to-point
M : Mixed (B then P)
H : Hybrid (P then B)
<ACTIVE> : successfully registered.
Other possible values :
<PERMANENT> : doesn't expire
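The interpretation above as a small decoder (an added example, not part of the original notes): it reads nmblookup -A output on stdin and prints name|suffix|unique-or-group|node type|flags|meaning. The function names, the sample host and the 1D/1E/group-<00> meanings are additions of this example; the sample output is constructed.

```shell
#!/bin/sh
# Added example: decode nmblookup -A status lines read from stdin.
nb_decode() {
    awk '
    BEGIN {
        # Suffix meanings as listed in the notes.
        svc["00"] = "workstation";  svc["20"] = "file server"
        svc["01"] = "browser";      svc["03"] = "messenger"
        svc["1B"] = "domain master browser"
        svc["1C"] = "domain controller"
        # Not in the notes: added from the standard NetBIOS suffix table.
        svc["1D"] = "master browser"; svc["1E"] = "browser election"
        node["B"] = "broadcast";  node["P"] = "point-to-point"
        node["M"] = "mixed";      node["H"] = "hybrid"
    }
    # Name line: NAME <hh> - [<GROUP>] <node type> <FLAG>...
    match($0, /<[0-9A-Fa-f][0-9A-Fa-f]>[ \t]+-[ \t]+/) {
        name = substr($0, 1, RSTART - 1)
        gsub(/^[ \t]+|[ \t]+$/, "", name)
        sfx  = toupper(substr($0, RSTART + 1, 2))
        rest = substr($0, RSTART + RLENGTH)
        kind = "unique"
        if (sub(/<GROUP>[ \t]*/, "", rest)) kind = "group"
        n = split(rest, f, /[ \t]+/)
        what = (sfx in svc) ? svc[sfx] : "unknown"
        # Not in the notes: <00> on a group name is the workgroup itself.
        if (sfx == "00" && kind == "group") what = "workgroup name"
        ntype = (f[1] in node) ? node[f[1]] : f[1]
        flags = ""
        for (i = 2; i <= n; i++) flags = flags f[i]
        printf "%s|%s|%s|%s|%s|%s\n", name, sfx, kind, ntype, flags, what
    }
    /MAC Address/ { print "mac|" $NF }
    '
}

# Constructed sample, shaped like the nmblookup -A output in the notes.
nb_sample() {
    cat <<'EOF'
Looking up status of 192.0.2.10
    FILESRV01       <00> -         B <ACTIVE>
    WORKGROUP       <00> - <GROUP> B <ACTIVE>
    FILESRV01       <20> -         B <ACTIVE>
    WORKGROUP       <1e> - <GROUP> B <ACTIVE>
    MAC Address = 00-00-5E-00-53-01
EOF
}

nb_sample | nb_decode
```

On a live host, pipe the real command into it: nmblookup -A <IP> | nb_decode.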
*** collect DNS stats
dsc
*** ban an IP
shorewall ban|logdrop <IP>
to stop a connection that was already established, use cutter
cutter
*** copy files to another machine and create intermediate parent folders
create a tar archive on the source machine
copy to dst machine
untar
I bet this can be done in a single operation (pipes)
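The single-operation version as a pipeline (an added example, not part of the original notes): tar streams the tree over ssh and the remote side creates the parent folders before unpacking. The names shq, push_tree and the RSH variable are assumptions of this example; the destination path is quoted because the remote shell parses the command line a second time.

```shell
#!/bin/sh
# Added example: copy a directory tree to another host in one pipeline.
# RSH is an assumption of this example: the remote-shell command to use
# (default ssh; may carry options, e.g. RSH="ssh -p 5022").

# Single-quote a string so the remote shell sees it as one literal word.
shq() {
    printf "'%s'" "$(printf '%s' "$1" | sed "s/'/'\\\\''/g")"
}

# push_tree <local dir> <host> <remote dir>
# tar writes the tree to stdout, ssh carries the stream, the remote tar
# unpacks it; mkdir -p creates the missing parent folders first.
push_tree() {
    src=$1
    host=$2
    dst=$(shq "$3")
    tar -C "$src" -cf - . |
        ${RSH:-ssh} "$host" "mkdir -p -- $dst && tar -C $dst -xf -"
}
```

The pipeline's exit status is that of the remote side only, so a local tar failure needs a separate check.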
*** probe a port from outside
use ipvoid.com