4,452
edits
→User Accounts: remove user accounts section (moved) |
→Links: fail2ban |
||
(41 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
= Links = | |||
[[fail2ban]] | |||
[[Mirth Connect]] | |||
[[Web services]] | [[Web services]] | ||
[[ | [[User accounts]] | ||
[[Samba]] | |||
[[Disk management]] | [[Disk management]] | ||
Line 8: | Line 16: | ||
[[Network management]] | [[Network management]] | ||
[[Synergy]] | [[Synergy]] | ||
Line 16: | Line 22: | ||
[[OS X]] | [[OS X]] | ||
[[Hurd|Debian GNU/Hurd]] | |||
[[Slackware]] | [[Slackware]] | ||
[[Some differences between Debian/Ubuntu, RHEL/CentOS, and Slackware]] (WIP) | |||
[[Category:System administration]] | [[Category:System administration]] | ||
= | = Initial setup (for Ubuntu distribution) = | ||
== | == Set timezone == | ||
<syntaxhighlight lang="bash"> | |||
$ sudo timedatectl set-timezone America/Denver | |||
</syntaxhighlight> | |||
== Composer == | |||
{{testedon|2022-10-08|Ubuntu 22.04.1 LTS}} | |||
Composer is a PHP package management tool. Usually needed for setting up web application development environment. | |||
< | <syntaxhighlight lang="console"> | ||
$ | $ cd | ||
</ | $ mkdir bin | ||
$ cd bin | |||
$ wget https://private.michaelhan.net/getcomposer.txt | |||
$ mv getcomposer.txt getcomposer | |||
$ chmod u+x getcomposer | |||
$ ./getcomposer | |||
$ mv composer.phar composer | |||
</syntaxhighlight> | |||
=== SSH config for connection | |||
== SSH keys == | |||
{{testedon|2022-10-08|Ubuntu 22.04.1 LTS}} | |||
Create private/public SSH key file using the default bit encryption and with a comment. The command creates files under ~/.ssh folder. | |||
<syntaxhighlight lang="bash"> | |||
$ ssh-keygen -C user@host.domain | |||
</syntaxhighlight> | |||
== SSH config for connection == | |||
The config file ~/.ssh/config stores information about various SSH connections, and allows the definition of hostname, username, ports, and other settings. | The config file ~/.ssh/config stores information about various SSH connections, and allows the definition of hostname, username, ports, and other settings. | ||
< | <syntaxhighlight lang="html5"> | ||
Host hostname1 | Host hostname1 | ||
HostName hostname1.domain.com | HostName hostname1.domain.com | ||
User username1 | User username1 | ||
Port 1234 | Port 1234 | ||
</ | </syntaxhighlight> | ||
== Adding a user to sudoers list == | |||
<code>#includedir /etc/sudoers.d</code> should be at the end of /etc/sudoers file. | <code>#includedir /etc/sudoers.d</code> should be at the end of /etc/sudoers file. | ||
Line 54: | Line 87: | ||
Run <code>$ chmod 0440 filename</code> afterwards. | Run <code>$ chmod 0440 filename</code> afterwards. | ||
== Enable color prompt == | |||
On Ubuntu distribution of GNU/Linux, you can uncomment force_color_prompt = yes line to use color prompts. The following is my personal favorite color configuration for the prompt. | On Ubuntu distribution of GNU/Linux, you can uncomment force_color_prompt = yes line to use color prompts. The following is my personal favorite color configuration for the prompt. | ||
< | <syntaxhighlight lang="bash"> | ||
PS1='${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u\[\033[01;30m\]@\[\033[00;36m\]\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ ' | PS1='${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u\[\033[01;30m\]@\[\033[00;36m\]\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ ' | ||
</ | </syntaxhighlight> | ||
== Enable byobu == | |||
< | <syntaxhighlight lang="bash"> | ||
$ byobu-enable | $ byobu-enable | ||
</ | </syntaxhighlight> | ||
== Update .vimrc == | |||
< | <syntaxhighlight lang="vim"> | ||
syntax on | syntax on | ||
set noexpandtab | set noexpandtab | ||
Line 97: | Line 130: | ||
autocmd FileType php nnoremap <C-p> :call PhpDocSingle()<CR> | autocmd FileType php nnoremap <C-p> :call PhpDocSingle()<CR> | ||
autocmd FileType php vnoremap <C-p> :call PhpDocRange()<CR> | autocmd FileType php vnoremap <C-p> :call PhpDocRange()<CR> | ||
</ | </syntaxhighlight> | ||
=== awesome-vim === | |||
For a preset of VIM development environment, awesome-vim is okay:<syntaxhighlight lang="bash"> | |||
$ git clone --depth=1 https://github.com/amix/vimrc.git ~/.vim_runtime | |||
$ sh ~/.vim_runtime/install_awesome_vimrc.sh | |||
</syntaxhighlight># Run inside vim: -- this will let you click and drag panes to resize or jump between (learning vim more and being able to jump panes | |||
<nowiki>#</nowiki> makes this unecessary, but i'm not that good yet.) | |||
<nowiki>:</nowiki>set mouse=a | |||
<nowiki>#</nowiki> So now some sections on easy key commands/shortcuts | |||
<nowiki>##</nowiki> Splitting VIM screen Horizontally and Vertically | |||
To open a new VIM window next to the existing one, press <Ctrl>+<w> then press <v>. | |||
<nowiki>##</nowiki> Move panes around vim (left/right or top/bottom) | |||
Ctrl w + L - Move the current window to the "far right" | |||
Ctrl w + H - Move the current window to the "far left" | |||
Ctrl w + J - Move the current window to the "very bottom" | |||
Ctrl w + K - Move the current window to the "very top" | |||
<nowiki>##</nowiki> Copying everything into clipboard | |||
gg"*yG | |||
<nowiki>##</nowiki> Indenting all the code | |||
<nowiki>#</nowiki> Still need to look into a more serious formatter like: | |||
<nowiki>https://github.com/vim-autoformat/vim-autoformat</nowiki> | |||
gg=G | |||
<nowiki>#</nowiki> AwesomeVIM Leader Key Shortcut | |||
You'll see vim plugins mention <leader>, that <leader> for awesome view is "," so whenever you see leader hit that key. | |||
<nowiki>##</nowiki> phpunit | |||
=== Set up environment for web development | <nowiki>###</nowiki> Set the path of phpunit (most cases for me, vendor/bin/phpunit) | ||
let g:phpunit_bin = 'phpunit' | |||
<nowiki>###</nowiki> Shortcuts | |||
<leader>ta - Run all test cases | |||
<leader>ts - Switch between source & test file | |||
<leader>tf - Run current test case class | |||
<nowiki>#</nowiki> Folding | |||
`zo` to open folding | |||
`zc` to close folding | |||
<nowiki>#</nowiki> NerdTREE | |||
<leader>nn - Toggles NerdTREE | |||
While inside NerdTREE hit "m" to do a number of modifications from renaming, deleting or adding files. | |||
== Set up environment for web development == | |||
Install the LAMP stack | Install the LAMP stack | ||
< | <syntaxhighlight lang="bash"> | ||
$ sudo apt-get install tasksel | $ sudo apt-get install tasksel | ||
$ sudo tasksel install lamp-server | $ sudo tasksel install lamp-server | ||
</ | </syntaxhighlight> | ||
Install git and other PHP related extensions | Install git and other PHP related extensions | ||
< | <syntaxhighlight lang="bash"> | ||
$ sudo apt-get install git php5-mcrypt php5-xdebug php5-intl | $ sudo apt-get install git php5-mcrypt php5-xdebug php5-intl | ||
</ | </syntaxhighlight> | ||
=== .gitconfig === | |||
< | <syntaxhighlight lang="html5"> | ||
[core] | [core] | ||
editor = vim | editor = vim | ||
Line 143: | Line 244: | ||
[merge] | [merge] | ||
defaultToUpstream = true | defaultToUpstream = true | ||
</ | </syntaxhighlight> | ||
== Change default shell == | == Change default shell == | ||
< | <syntaxhighlight lang="bash"> | ||
$ chsh | $ chsh | ||
</ | </syntaxhighlight> | ||
== Edit passwd files == | == Edit passwd files == | ||
< | <syntaxhighlight lang="bash"> | ||
$ sudo vipw | $ sudo vipw | ||
</ | </syntaxhighlight> | ||
= | = RHEL-specific = | ||
[[RHEL]]-specific notes | |||
Optimize using Tuned. Optimize for general performance. | |||
<syntaxhighlight lang="bash"> | |||
# tuned-adm profile throughput-performance | |||
</syntaxhighlight> | |||
Optimize for KVM | |||
<syntaxhighlight lang="bash"> | <syntaxhighlight lang="bash"> | ||
# tuned-adm profile throughput-performance | |||
</syntaxhighlight> | </syntaxhighlight> | ||
= | = Debian/Ubuntu-specific = | ||
[[Ubuntu]]-specific notes | |||
== Security == | |||
* Install 'denyhosts' to help protect against brute force SSH attacks, auto-blocking multiple attempts. | |||
== Update the server == | |||
<syntaxhighlight lang="bash"> | <syntaxhighlight lang="bash"> | ||
$ | $ sudo apt update && sudo apt -y full-upgrade && sudo apt-get -y autoremove | ||
</syntaxhighlight> | </syntaxhighlight> | ||
= | == Reconfigure console font == | ||
<syntaxhighlight lang="bash"> | |||
< | $ dpkg-reconfigure console-setup | ||
$ | </syntaxhighlight> | ||
</ | |||
== Change the default editor == | |||
Used by visudo and other programs for invoking an editor. | |||
= | <syntaxhighlight lang="bash"> | ||
$ sudo update-alternatives --config editor | |||
</syntaxhighlight> | |||
== Change time zone == | |||
$ | <syntaxhighlight lang="bash"> | ||
$ dpkg-reconfigure tzdata | |||
</syntaxhighlight> | |||
== Kill other user terminal sessions == | |||
*Tested on: Ubuntu 14.04.5 Trusty | |||
Sometimes it is necessary to kill other remote sessions that have been '''zombified'''. | |||
* First determine your own shell | |||
<syntaxhighlight lang="bash"> | <syntaxhighlight lang="bash"> | ||
$ | $ tty | ||
</syntaxhighlight> | </syntaxhighlight> | ||
* Show all of your running processes | |||
<syntaxhighlight lang=" | <syntaxhighlight lang="console"> | ||
$ | $ ps -fu mhan | ||
UID PID PPID C STIME TTY TIME CMD | |||
mhan 21580 21469 0 19:02 ? 00:00:00 sshd: mhan@pts/2 | |||
mhan 21581 21580 0 19:02 pts/2 00:00:00 -bash | |||
mhan 21607 21581 0 19:02 pts/2 00:00:00 screen | |||
mhan 21608 21607 0 19:02 ? 00:00:00 SCREEN | |||
mhan 21609 21608 0 19:02 pts/3 00:00:00 /bin/bash | |||
mhan 21939 21609 0 19:06 pts/3 00:00:00 ps -fu mhan | |||
mhan 21580 21469 0 19:02 ? 00:00:00 sshd: mhan@pts/2 | |||
</syntaxhighlight> | </syntaxhighlight> | ||
* If I want to kill pts/2 then the PID to kill is 21580. | |||
<syntaxhighlight lang="bash"> | <syntaxhighlight lang="bash"> | ||
$ | $ kill -HUP 21580 | ||
</syntaxhighlight> | </syntaxhighlight> | ||
Reference: https://kb.iu.edu/d/adqw (accessed on 10/5/2017) | |||
== Setting niceness (aka priority) on Linux processes == | == Setting niceness (aka priority) on Linux processes == | ||
Line 235: | Line 352: | ||
As an example, let's say the process of interest is ''qemu-system-arm''. You have to find out what PID (Process ID) is first. | As an example, let's say the process of interest is ''qemu-system-arm''. You have to find out what PID (Process ID) is first. | ||
< | <syntaxhighlight lang="bash"> | ||
$ pidof qemu-system-arm | $ pidof qemu-system-arm | ||
3016 | 3016 | ||
</ | </syntaxhighlight> | ||
Then check what the current nice value of the process is: | Then check what the current nice value of the process is: | ||
< | <syntaxhighlight lang="bash"> | ||
$ ps -o pid,comm,nice -p 3016 | $ ps -o pid,comm,nice -p 3016 | ||
PID COMMAND NI | PID COMMAND NI | ||
3016 qemu-system-arm 0 | 3016 qemu-system-arm 0 | ||
</ | </syntaxhighlight> | ||
According to the output, the nice value of ''qemu-system-arm'' is 0. We want to '''decrease''' the nice value to dedicate more CPU time to it. However, you need sudo privilege in order to give a negative value for a nice value, even though you do not need such privilege for increasing the nice value to something above 0. Here we decrease it to -10. | According to the output, the nice value of ''qemu-system-arm'' is 0. We want to '''decrease''' the nice value to dedicate more CPU time to it. However, you need sudo privilege in order to give a negative value for a nice value, even though you do not need such privilege for increasing the nice value to something above 0. Here we decrease it to -10. | ||
< | <syntaxhighlight lang="bash"> | ||
$ sudo renice -10 -p 3016 | $ sudo renice -10 -p 3016 | ||
</ | </syntaxhighlight> | ||
To set a permanent priority on all processes for a specific user or a group you can update ''/etc/security/limits.conf'' file. | To set a permanent priority on all processes for a specific user or a group you can update ''/etc/security/limits.conf'' file. | ||
Line 261: | Line 378: | ||
<references/> | <references/> | ||
= | == Tips == | ||
* 'etckeeper' allows you to save changes you make to /etc/ in a bazaar repository. Useful to track and revert changes. https://help.ubuntu.com/11.10/serverguide/C/etckeeper.html | |||
= Basic = | |||
== Pull a random line from a log == | |||
<syntaxhighlight lang="console"> | |||
$ shuf -n 1 /etc/pihole/gravity.list | |||
</syntaxhighlight> | |||
== Viewing of the log in real time == | |||
<syntaxhighlight lang="bash"> | |||
$ tail -f /var/log/some.log | |||
</syntaxhighlight> | |||
[[Multitail]] | |||
== Change to previous folder == | |||
This changes the folder to the previous folder you were in. | |||
=== | <syntaxhighlight lang="bash"> | ||
$ cd - | |||
</syntaxhighlight> | |||
== Check disk space usage == | |||
You can check the file space usage with the command <span class="package">du</span>. | |||
<syntaxhighlight lang="bash"> | |||
$ du -h | |||
</syntaxhighlight> | |||
== Check disk space left == | |||
= | <span class="package">df</span> is for checking the amount of disk space used and available on file systems. | ||
== | <syntaxhighlight lang="bash"> | ||
$ df -h | |||
</syntaxhighlight> | |||
== Disable Ctrl-Q freeze == | |||
<syntaxhighlight lang="bash"> | |||
$ stty -ixon | |||
</syntaxhighlight> | |||
== Enable SSH public key authentication with an encrypted home folder == | |||
''Last tested on Ubuntu 16.04 LTS'' | |||
<syntaxhighlight lang="bash"> | |||
$ /sbin/umount.ecryptfs_private | |||
$ cd $HOME | |||
$ chmod 700 . | |||
$ mkdir -m 700 .ssh | |||
$ chmod 500 . | |||
$ echo $YOUR_REAL_PUBLIC_KEY > .ssh/authorized_keys | |||
$ /sbin/mount.ecryptfs_private | |||
</syntaxhighlight> | |||
== Remove some columns from an output == | |||
<syntaxhighlight lang="bash"> | |||
$ ls -l | awk '{print $3 " " $9}' | |||
</syntaxhighlight> | |||
== Make a backup without typing the full path twice == | |||
To make a backup without typing the full path twice with the suffix .orig | |||
<syntaxhighlight lang="bash"> | <syntaxhighlight lang="bash"> | ||
$ | $ cp /long/path/to/file/name{,.orig} | ||
</syntaxhighlight> | </syntaxhighlight> |