Difference between revisions of "John's Linux page"

From ProgClub
Jump to: navigation, search
(33 intermediate revisions by the same user not shown)
Line 8: Line 8:
  
 
Quick jump to: [[#NetBeans|NetBeans]].
 
Quick jump to: [[#NetBeans|NetBeans]].
 +
 +
= References =
 +
 +
== Command-line ==
 +
 +
See [https://zaiste.net/posts/shell-commands-rust/ Shell Commands I Wish I Knew Earlier] for some interesting options.
  
 
= System =
 
= System =
 +
 +
== Reporting system specifications from the command-line ==
 +
 +
Try any of these:
 +
 +
# neofetch
 +
# inxi
 +
# hwinfo --short
 +
 +
You may need to install the relevant package.
  
 
== Determining which Debian/Ubuntu release your are running ==
 
== Determining which Debian/Ubuntu release your are running ==
Line 30: Line 46:
  
 
  $ uname -a
 
  $ uname -a
 +
 +
== Determining which Linux kernel you are running ==
 +
 +
$ uname -r
  
 
== Configuring system swappiness ==
 
== Configuring system swappiness ==
Line 46: Line 66:
  
 
  # lshw
 
  # lshw
 
And for CPUs:
 
 
# lscpu
 
  
 
And for PCI devices:
 
And for PCI devices:
Line 83: Line 99:
 
  Info:      Processes: 355 Uptime: 11 days Memory: 21198.3/32043.3MB Client: Shell (bash) inxi: 2.3.5
 
  Info:      Processes: 355 Uptime: 11 days Memory: 21198.3/32043.3MB Client: Shell (bash) inxi: 2.3.5
  
== Viewing syslog and other logs with KSystemLog ==
+
=== Motherboard info ===
 +
 
 +
# dmidecode -t 2
 +
 
 +
=== CPU info ===
 +
 
 +
# lscpu
 +
 
 +
or:
 +
 
 +
# cat /proc/cpuinfo
  
Run the 'KSystemLog' program under KDE for a handy log viewer GUI.
+
=== RAM info ===
  
= Power =
+
# dmidecode --type memory
  
== Reporting on PowerShield DEFENDER UPS status ==
+
=== PCI info ===
  
To see the status of the [https://powershield.com.au/powersheild_product/defender/ PowerShield DEFENDER] systems on John's LAN:
+
# lspci -v
  
$ upsc defender
+
=== Drive info ===
  
E.g.:
+
# cat /proc/partitions
  
jj5@orac:~$ upsc defender
+
and:
Init SSL without certificate database
 
battery.charge: 100
 
battery.voltage: 27.40
 
battery.voltage.high: 26.00
 
battery.voltage.low: 20.80
 
battery.voltage.nominal: 24.0
 
device.type: ups
 
driver.name: blazer_usb
 
driver.parameter.pollinterval: 2
 
driver.parameter.port: auto
 
driver.parameter.synchronous: no
 
driver.version: 2.7.4
 
driver.version.internal: 0.12
 
input.current.nominal: 5.0
 
input.frequency: 50.1
 
input.frequency.nominal: 50
 
input.voltage: 242.6
 
input.voltage.fault: 242.6
 
input.voltage.nominal: 240
 
output.voltage: 242.6
 
ups.beeper.status: disabled
 
ups.delay.shutdown: 30
 
ups.delay.start: 180
 
ups.load: 14
 
ups.productid: 5161
 
ups.status: OL
 
ups.type: offline / line interactive
 
ups.vendorid: 0665
 
  
== Run commands on PowerShield DEFENDER UPS batteries ==
+
# hdparm -I /dev/sda
  
You can run "instant commands" using the '''upscmd''' command.
+
and:
  
We use the 'beeper.toggle' instant command in our Salt Stack config to disable the beeper, see e.g.:
+
# smartctl --info /dev/sda
  
diligence:/srv/salt/conf/app/defender-1200.sls
+
You can check if a drive is SSD or not with:
  
To see "instant commands" supported by the PowerShield DEFENDER:
+
# cat /sys/block/sde/queue/rotational
  
  $ upscmd -l defender
+
  0=SSD
 +
1=HDD
  
E.g.:
+
== Viewing syslog and other logs with KSystemLog ==
  
jj5@orac:~$ upscmd -l defender
+
Run the 'KSystemLog' program under KDE for a handy log viewer GUI.
Instant commands supported on UPS [defender]:
 
 
beeper.toggle - Toggle the UPS beeper
 
load.off - Turn off the load immediately
 
load.on - Turn on the load immediately
 
shutdown.return - Turn off the load and return when power is back
 
shutdown.stayoff - Turn off the load and remain off
 
shutdown.stop - Stop a shutdown in progress
 
test.battery.start - Start a battery test
 
test.battery.start.deep - Start a deep battery test
 
test.battery.start.quick - Start a quick battery test
 
test.battery.stop - Stop the battery test
 
  
= Environment =
+
= CPU =
  
== Configuring vim as your editor ==
+
== Monitoring CPU clock speed ==
  
Sometimes all you need is:
+
Try something like this:
  
  $ export EDITOR=/usr/bin/vim
+
  $ watch 'grep MHz /proc/cpuinfo | awk "{ print \$4 }" | sort -n'
  
Which works for svn, for example. Add it to your ~/.profile file to have it set for all login sessions.
+
= Power =
  
Other times you need to run
+
== Reporting on PowerShield DEFENDER UPS status ==
  
# update-alternatives --config editor
+
Before running `upsc` ensure service is running:
  
And then select vim from the list. This is what you do to configure your visudo editor.
+
# upsdrvctl start
  
== Configuring your locale ==
+
To see the status of the [https://powershield.com.au/powersheild_product/defender/ PowerShield DEFENDER] systems on John's LAN:
  
  $ sudo /usr/sbin/locale-gen en_AU.UTF-8
+
  $ upsc defender
$ sudo /usr/sbin/update-locale LANG=en_AU.UTF-8
 
  
= User and group management =
+
E.g.:
  
== Adding a user ==
+
jj5@orac:~$ upsc defender
 +
Init SSL without certificate database
 +
battery.charge: 100
 +
battery.voltage: 27.40
 +
battery.voltage.high: 26.00
 +
battery.voltage.low: 20.80
 +
battery.voltage.nominal: 24.0
 +
device.type: ups
 +
driver.name: blazer_usb
 +
driver.parameter.pollinterval: 2
 +
driver.parameter.port: auto
 +
driver.parameter.synchronous: no
 +
driver.version: 2.7.4
 +
driver.version.internal: 0.12
 +
input.current.nominal: 5.0
 +
input.frequency: 50.1
 +
input.frequency.nominal: 50
 +
input.voltage: 242.6
 +
input.voltage.fault: 242.6
 +
input.voltage.nominal: 240
 +
output.voltage: 242.6
 +
ups.beeper.status: disabled
 +
ups.delay.shutdown: 30
 +
ups.delay.start: 180
 +
ups.load: 14
 +
ups.productid: 5161
 +
ups.status: OL
 +
ups.type: offline / line interactive
 +
ups.vendorid: 0665
  
To add a new user on a linux system:
+
== Run commands on PowerShield DEFENDER UPS batteries ==
  
# useradd username
+
You can run "instant commands" using the '''upscmd''' command.
# passwd username
 
  
To have the home directory created from '/etc/skel' use the 'adduser' script instead:
+
We use the 'beeper.toggle' instant command in our Salt Stack config to disable the beeper, see e.g.:
  
  # adduser username
+
  diligence:/srv/salt/conf/app/defender-1200.sls
  
== Adding a user to a group ==
+
To see "instant commands" supported by the PowerShield DEFENDER:
  
To add an existing user to an existing group:
+
$ upscmd -l defender
  
# gpasswd -a username group
+
E.g.:
  
e.g. to add user 'jj5' to the 'sudo' group:
+
jj5@orac:~$ upscmd -l defender
 +
Instant commands supported on UPS [defender]:
 +
 +
beeper.toggle - Toggle the UPS beeper
 +
load.off - Turn off the load immediately
 +
load.on - Turn on the load immediately
 +
shutdown.return - Turn off the load and return when power is back
 +
shutdown.stayoff - Turn off the load and remain off
 +
shutdown.stop - Stop a shutdown in progress
 +
test.battery.start - Start a battery test
 +
test.battery.start.deep - Start a deep battery test
 +
test.battery.start.quick - Start a quick battery test
 +
test.battery.stop - Stop the battery test
  
# gpasswd -a jj5 sudo
+
= Service management =
  
Alternatively you can use adduser, passing the username and group:
+
== Report running services ==
  
  # adduser username group
+
  # service --status-all
  
e.g. to add user 'sclaughl' to the 'staff' group:
+
= Environment =
  
# adduser sclaughl staff
+
== Configuring vim as your editor ==
  
== Disabling a user account ==
+
Sometimes all you need is:
  
You can disable a user account with:
+
$ export EDITOR=/usr/bin/vim
  
# passwd -l user
+
Which works for svn, for example. Add it to your ~/.profile file to have it set for all login sessions.
  
Note: that's a lower-case L, not a one.
+
Other times you need to run
  
== Enabling a disabled user account ==
+
# update-alternatives --config editor
  
To can re-enable a locked user account with:
+
And then select vim from the list. This is what you do to configure your visudo editor.
  
# passwd -u user
+
== Configuring your locale ==
  
== Finding which user you are logged in as ==
+
$ sudo /usr/sbin/locale-gen en_AU.UTF-8
 +
$ sudo /usr/sbin/update-locale LANG=en_AU.UTF-8
  
To determine which user you are running as enter the command:
+
= User and group management =
  
$ whoami
+
== Adding a user ==
  
== Finding which groups you are a member of ==
+
To add a new user on a linux system:
  
To find which groups you are a member of:
+
# useradd username
 +
# passwd username
  
$ groups
+
To have the home directory created from '/etc/skel' use the 'adduser' script instead:
  
or
+
# adduser username
  
$ groups username
+
== Adding a user to a group ==
  
Where 'username' is the username of the user you are querying, e.g.:
+
To add an existing user to an existing group:
  
  $ groups jj5
+
  # gpasswd -a username group
  
== Finding who else is logged in to the system ==
+
e.g. to add user 'jj5' to the 'sudo' group:
  
To see who else is logged in,
+
# gpasswd -a jj5 sudo
  
$ who
+
Alternatively you can use adduser, passing the username and group:
  
== Running a command as a particular user ==
+
# adduser username group
  
To run "svn update" as the user www-data:
+
e.g. to add user 'sclaughl' to the 'staff' group:
  
  $ sudo su -c "svn update" www-data
+
  # adduser sclaughl staff
  
== Reporting user and group info for the current user ==
+
== Disabling a user account ==
  
$ id
+
You can disable a user account with:
  
= Memory management =
+
# passwd -l user
  
== Checking available memory ==
+
Note: that's a lower-case L, not a one.
  
To report memory statistics in megabytes:
+
== Enabling a disabled user account ==
  
$ free -m
+
To can re-enable a locked user account with:
  
== Check for swap thrashing ==
+
# passwd -u user
  
Check your virtual memory status with vmstat:
+
== Finding which user you are logged in as ==
  
$ vmstat
+
To determine which user you are running as enter the command:
  
== Report memory type ==
+
$ whoami
  
Report on RAM DIMMs:
+
== Finding which groups you are a member of ==
  
# dmidecode --type 17
+
To find which groups you are a member of:
  
Report on RAM and CPU cache:
+
$ groups
  
# lshw -short -C memory
+
or
  
Or for more detail:
+
$ groups username
  
# lshw -C memory
+
Where 'username' is the username of the user you are querying, e.g.:
  
= Video/display management =
+
$ groups jj5
  
== Viewing EDID data for attached monitor ==
+
== Finding who else is logged in to the system ==
  
To view [https://en.wikipedia.org/wiki/Extended_Display_Identification_Data EDID] data for an attached monitor (requires the [https://packages.debian.org/stable/main/edid-decode edid-decode] package):
+
To see who else is logged in,
  
  $ cd /sys/class/drm
+
  $ who
$ ls
 
$ cd card0-HDMI-A-1
 
$ edid-decode edid
 
  
= Process management =
+
== Running a command as a particular user ==
  
== Using 'top' for dynamic resource usage reporting ==
+
To run "svn update" as the user www-data:
  
To run top:
+
$ sudo su -c "svn update" www-data
  
$ top
+
== Reporting user and group info for the current user ==
  
See [https://www.thegeekstuff.com/2010/01/15-practical-unix-linux-top-command-examples/ 15 Practical Linux Top Command Examples] for some hints on usage.
+
$ id
  
To see usage for a specific user run e.g.:
+
= Memory management =
  
$ top -u jj5
+
== Checking available memory ==
  
To see full command-line press 'c'.
+
To report memory statistics in megabytes:
  
When you're in 'top' you can:
+
$ free -m
  
* press '1' (one) to toggle CPU aggregation
+
== Check for swap thrashing ==
* press < and > to change the sort column
 
  
== Changing memory reporting in 'top' ==
+
Check your virtual memory status with vmstat:
  
To run top:
+
$ vmstat
  
$ top
+
== Report memory type ==
  
Press 'E' to switch between top memory units (KiB, MiB, GiB, etc.)
+
Report on RAM DIMMs:
  
Press 'e' to switch between bottom memory units (KiB, MiB, GiB, etc.)
+
# dmidecode --type 17
  
Press 'M' to sort by memory utilisation.
+
Report on RAM and CPU cache (including L1, L2, and L3):
  
Press 'm' to switch between various display modes.
+
# lshw -short -C memory
  
== Showing full command-line in 'top' ==
+
Or for more detail:
  
To see the full command-line for processes run with -c:
+
# lshw -C memory
  
$ top -c
+
= Video/display management =
  
== Listing all processes currently running which were started in your current shell session ==
+
== Viewing EDID data for attached monitor ==
  
$ ps -fl
+
To view [https://en.wikipedia.org/wiki/Extended_Display_Identification_Data EDID] data for an attached monitor (requires the [https://packages.debian.org/stable/main/edid-decode edid-decode] package):
  
== Killing specific processes ==
+
$ cd /sys/class/drm
 +
$ ls
 +
$ cd card0-HDMI-A-1
 +
$ edid-decode edid
  
# ps aux | grep -e "this\|that" | grep -v grep | tr -s " " | cut -d " " -f 2 | xargs kill -9
+
= Process management =
  
== Run a command for a specified time using timeout ==
+
== Using 'top' for dynamic resource usage reporting ==
  
$ timeout 3 ping jj5.net
+
To run top:
  
= Disk management =
+
$ top
  
== Creating a partition table ==
+
See [https://www.thegeekstuff.com/2010/01/15-practical-unix-linux-top-command-examples/ 15 Practical Linux Top Command Examples] for some hints on usage.
  
# parted /dev/xvdf
+
To see usage for a specific user run e.g.:
  
  mktable msdos
+
  $ top -u jj5
  
== Creating a partition ==
+
To see full command-line press 'c'.
  
# parted /dev/xvdf
+
When you're in 'top' you can:
  
u MiB
+
* press '1' (one) to toggle CPU aggregation
mkpart primary 1 100%
+
* press < and > to change the sort column
  
== Creating an ext4 file-system ==
+
== Changing memory reporting in 'top' ==
  
# mkfs.ext4 /dev/xvdf1
+
To run top:
  
== Listing disk drives ==
+
$ top
  
# fdisk -l
+
Press 'E' to switch between top memory units (KiB, MiB, GiB, etc.)
  
(That's an L for "list")
+
Press 'e' to switch between bottom memory units (KiB, MiB, GiB, etc.)
  
== Checking available disk space ==
+
Press 'M' to sort by memory utilisation.
  
$ df -h
+
Press 'm' to switch between various display modes.
  
== Getting disk information ==
+
== Showing full command-line in 'top' ==
  
# lsblk
+
To see the full command-line for processes run with -c:
  
And
+
$ top -c
  
# cat /proc/partitions
+
== Listing all processes currently running which were started in your current shell session ==
  
Or the Grand Daddy of them all:
+
$ ps -fl
  
# lshw -class disk
+
== Killing specific processes ==
  
(Requires the lshw package.)
+
# ps aux | grep -e "this\|that" | grep -v grep | tr -s " " | cut -d " " -f 2 | xargs kill -9
  
== Getting partition UUID and file-system type ==
+
== Run a command for a specified time using timeout ==
  
  # blkid
+
  $ timeout 3 ping jj5.net
  
== Checking for SSD vs magnetic disk ==
+
= Disk management =
  
# cat /sys/block/sda/queue/rotational
+
== Reporting ext4 file-systems mounted without noatime ==
  
Will be 0 for SSD and 1 for magnetic.
+
$ cat /proc/mounts | grep ext | grep -v noatime | sort
  
== Monitoring a ZFS server ==
+
== Creating a partition table ==
  
So some commands I run to keep an eye on my new ZFS servers:
+
# parted /dev/xvdf
  
  # top
+
  mktable msdos
# iotop
 
# nethogs
 
# watch free -h
 
# watch slabtop -o
 
# slabtop
 
# watch cat /proc/meminfo
 
# perf top
 
# watch "df -h | grep -v -e tmpfs -e udev -e by-uuid"
 
# watch zpool iostat -v
 
# zpool iostat -v 2
 
# watch 'zpool list; echo; zfs list'
 
# watch zfs get compressratio -o all
 
# watch cat /proc/spl/kstat/zfs/arcstats
 
  
If you have a scrub or resilvering in progress you can report on progress with:
+
== Creating a partition ==
  
  # watch zpool status -v
+
  # parted /dev/xvdf
  
You can poke about in internals, e.g.:
+
u MiB
 +
mkpart primary 1 100%
  
# cat /proc/spl/kstat/zfs/arcstats
+
== Creating an ext4 file-system ==
  
  root@orac:/sys/module/zfs/parameters# tail *
+
  # mkfs.ext4 /dev/xvdf1
  
You can report on property values with e.g.:
+
== Listing disk drives ==
  
  # zfs get all data
+
  # fdisk -l
  
If you want to get funky:
+
(That's an L for "list")
  
# cd /tmp
+
== Checking available disk space ==
# perf record -ag #(Ctrl+C after ~15 seconds)
 
# perf report --stdio
 
  
You can search for ZFS files like e.g. this:
+
$ df -h
  
root@orac:/# find / -name '*zfs*' -or -name '*zpool*'
+
== Getting disk information ==
  
You can report history of a zpool:
+
# lsblk
  
# zpool history $poolname
+
And
  
You can get a report on the dedup tables:
+
# cat /proc/partitions
  
# zpool status -D $poolname
+
Or the Grand Daddy of them all:
  
Or more detailed dedup table info:
+
# lshw -class disk
  
# zdb -DDD $poolname
+
(Requires the lshw package.)
  
Note in the output see [https://unix.stackexchange.com/a/405700 here] for details, basically:
+
== Getting partition UUID and file-system type ==
  
{|class="wikitable"
+
  # blkid
! Abbr  !! Description
 
|-
 
| LSIZE || logical size (in memory)
 
|-
 
| PSIZE  || physical size
 
|-
 
| DSIZE  || size on disk
 
|-
 
| refcnt || reference count
 
|}
 
  
== Measure data throughput ==
+
== Checking for SSD vs magnetic disk ==
  
Use the 'pv' command from the 'pv' package, e.g.:
+
# cat /sys/block/sda/queue/rotational
  
# cat /dev/sda | pv | cat > /dev/null
+
Will be 0 for SSD and 1 for magnetic.
  
Or for ZFS:
+
== Monitoring a ZFS server ==
  
# zfs send data/example | pv | cat > /dev/null
+
So some commands I run to keep an eye on my new ZFS servers:
  
== Using Smartctl, Smartd and Hddtemp on Debian ==
+
# top
 +
# iotop
 +
# nethogs
 +
# watch free -h
 +
# watch slabtop -o
 +
# slabtop
 +
# watch cat /proc/meminfo
 +
# perf top
 +
# watch "df -h | grep -v -e tmpfs -e udev -e by-uuid"
 +
# watch zpool iostat -v
 +
# zpool iostat -v 2
 +
# watch 'zpool list; echo; zfs list'
 +
# watch zfs get compressratio -o all
 +
# watch cat /proc/spl/kstat/zfs/arcstats
  
For notes on using smartctl see [https://www.lisenet.com/2014/using-smartctl-smartd-and-hddtemp-on-debian/ Using Smartctl, Smartd and Hddtemp on Debian].
+
If you have a scrub or resilvering in progress you can report on progress with:
  
== Report hard disk usage ==
+
# watch zpool status -v
  
So you might want to know how much data a process reads or writes to a hard disk. You can monitor process total disk utilisation with the 'iotop' command. Run 'iotop' and then press 'a' for --accumulated.
+
You can poke about in internals, e.g.:
  
== Report hard disk temperatures ==
+
# cat /proc/spl/kstat/zfs/arcstats
  
E.g.
+
root@orac:/sys/module/zfs/parameters# tail *
  
# hddtemp /dev/sd[a-e]
+
You can report on property values with e.g.:
  
== Burning an ISO image to USB on Mac ==
+
# zfs get all data
  
First insert your USB key and find the appropriate disk with:
+
If you want to get funky:
  
  # diskutil list
+
  # cd /tmp
 +
# perf record -ag #(Ctrl+C after ~15 seconds)
 +
# perf report --stdio
  
Then unmount it with:
+
You can search for ZFS files like e.g. this:
  
  # diskutil unmountDisk /dev/disk4
+
  root@orac:/# find / -name '*zfs*' -or -name '*zpool*'
  
Then copy ISO image with 'dd':
+
You can report history of a zpool:
  
  # dd if=ubuntu-18.04.1-desktop-amd64.iso of=/dev/disk4
+
  # zpool history $poolname
  
You can get dd to report progress by sending it the SIGINFO signal:
+
You can get a report on the dedup tables:
  
  # kill -s info 12345
+
  # zpool status -D $poolname
  
== Listing all ext4 file systems ==
+
Or more detailed dedup table info:
  
To see a list only of the mounted ext4 file systems:
+
# zdb -DDD $poolname
  
# df -t ext4
+
Note in the output see [https://unix.stackexchange.com/a/405700 here] for details, basically:
  
= Monitoring disk I/O =
+
{|class="wikitable"
 +
! Abbr  !! Description
 +
|-
 +
| LSIZE  || logical size (in memory)
 +
|-
 +
| PSIZE  || physical size
 +
|-
 +
| DSIZE  || size on disk
 +
|-
 +
| refcnt || reference count
 +
|}
  
There's an app for that! iotop.
+
== How to tell if zfs scrub is running ==
 +
 
 +
You can get the status from the "scan:" line from:
  
== Using iotop, top for disks ==
+
$ zpool status
  
# iotop -oPa
+
== Measure data throughput ==
  
== Monitor disk I/O for performance issues ==
+
Use the 'pv' command from the 'pv' package, e.g.:
  
  # watch iostat
+
  # cat /dev/sda | pv | cat > /dev/null
  
Or e.g.
+
Or for ZFS:
  
  # watch iostat -xd /dev/sd[abc]
+
  # zfs send data/example | pv | cat > /dev/null
  
Or use groupings like this command for 'tact':
+
== Using Smartctl, Smartd and Hddtemp on Debian ==
  
$ iostat -g system nvme0n1 -g fast sda sdb -g data sdc sdd -d 2
+
For notes on using smartctl see [https://www.lisenet.com/2014/using-smartctl-smartd-and-hddtemp-on-debian/ Using Smartctl, Smartd and Hddtemp on Debian].
  
= Monitoring a system =
+
== Report hard disk usage ==
  
== Simple ZFS monitoring ==
+
So you might want to know how much data a process reads or writes to a hard disk. You can monitor process total disk utilisation with the 'iotop' command. Run 'iotop' and then press 'a' for --accumulated.
  
# watch iostat
+
== Report hard disk temperatures ==
# iotop
 
# zpool iostat -v 5
 
# watch 'hddtemp /dev/sd[a-e]; echo; zpool list; echo; zfs list'
 
# nethogs
 
# top
 
  
= Monitoring temperature =
+
E.g.
  
See [https://askubuntu.com/a/854029 temperature without third-party apps] for:
+
# hddtemp /dev/sd[a-e]
  
$ cat /sys/class/thermal/thermal_zone*/temp
+
== Burning an ISO image to USB on Mac ==
  
and:
+
First insert your USB key and find the appropriate disk with:
  
  $ paste <(cat /sys/class/thermal/thermal_zone*/type) <(cat /sys/class/thermal/thermal_zone*/temp) | column -s $'\t' -t | sed 's/\(.\)..$/.\1°C/'
+
  # diskutil list
  
== Monitoring CPU temperature ==
+
Then unmount it with:
  
  $ watch sensors
+
  # diskutil unmountDisk /dev/disk4
  
== Monitoring HDD temperature ==
+
Then copy ISO image with 'dd':
  
For e.g. SATA drives sda to sdd:
+
# dd if=ubuntu-18.04.1-desktop-amd64.iso of=/dev/disk4
  
# watch hddtemp /dev/sd[a-d]
+
You can get dd to report progress by sending it the SIGINFO signal:
  
= ZFS =
+
# kill -s info 12345
  
== How can I determine the current size of the ARC in ZFS, and how does the ARC relate to free or cache memory? ==
+
== Listing all ext4 file systems ==
  
See [https://superuser.com/q/1137416 How can I determine the current size of the ARC in ZFS, and how does the ARC relate to free or cache memory?]
+
To see a list only of the mounted ext4 file systems:
  
  $ cat /proc/spl/kstat/zfs/arcstats
+
  # df -t ext4
  
Then:
+
== Report hierarchical file system mount points and mount options ==
  
  c is the target size of the ARC in bytes
+
  $ findmnt
c_max is the maximum size of the ARC in bytes
 
size is the current size of the ARC in bytes
 
  
= File management =
+
== Report the mount point for the current working directory ==
  
== Listing files by size ==
+
$ findmnt "$PWD"
  
Use capital S for Size:
+
= Monitoring disk I/O =
  
$ ls -S
+
There's an app for that! iotop.
  
== Listing only directories ==
+
== Using iotop, top for disks ==
  
  $ ls -l | egrep '^d'
+
  # iotop -oPa
  
== Listing only files ==
+
== Monitor disk I/O for performance issues ==
  
  $ ls -l | egrep -v '^d'
+
  # watch iostat
  
== Listing hidden files ==
+
Or e.g.
  
  $ ls -al .[!.]*
+
  # watch iostat -xd /dev/sd[abc]
  
== Creating a symbolic link ==
+
Or use groupings like this command for 'tact':
  
  $ ln -s /path/to/target link-name
+
  $ iostat -g system nvme0n1 -g fast sda sdb -g data sdc sdd -d 2
  
== Creating a hard-link ==
+
= Monitoring a system =
  
$ ln /path/to/target file-name
+
== Simple ZFS monitoring ==
  
== Changing the owner of a file ==
+
# watch iostat
 
+
# iotop
  $ chown user:group <files>
+
# zpool iostat -v 5
 +
# watch 'hddtemp /dev/sd[a-e]; echo; zpool list; echo; zfs list'
 +
# nethogs
 +
  # top
  
E.g.
+
= Monitoring temperature =
  
$ chown jj5:staff README
+
See [https://askubuntu.com/a/854029 temperature without third-party apps] for:
$ chown root:root *
 
  
To apply recursively into sub-directories use -R,
+
$ cat /sys/class/thermal/thermal_zone*/temp
  
$ chown -R root:root /etc/*
+
and:
  
== Changing file permissions ==
+
$ paste <(cat /sys/class/thermal/thermal_zone*/type) <(cat /sys/class/thermal/thermal_zone*/temp) | column -s $'\t' -t | sed 's/\(.\)..$/.\1°C/'
  
{|class="wikitable"
+
== Monitoring CPU temperature ==
|+ Object codes
 
! User !! Group !! Other
 
|-
 
| u    || g    || o
 
|}
 
  
{|class="wikitable"
+
$ watch sensors
|+ Permission codes
 
! Read !! Write !! Exectue
 
|-
 
| r    || w    || x
 
|-
 
| 4    || 2    || 1
 
|}
 
  
{|class="wikitable"
+
== Monitoring HDD temperature ==
|+ Numeric codes
 
! 0
 
| None
 
|-
 
! 1
 
| Execute
 
|-
 
! 2
 
| Write
 
|-
 
! 3
 
| Write, Execute
 
|-
 
! 4
 
| Read
 
|-
 
! 5
 
| Read, Execute
 
|-
 
! 6
 
| Read, Write
 
|-
 
! 7
 
| Read, Write, Execute
 
|}
 
  
See [http://catcode.com/teachmod/numeric2.html Numeric Mode in Action].
+
For e.g. SATA drives sda to sdd:
  
  $ chmod <user numeric code><group numeric code><other numeric code> <files>
+
  # watch hddtemp /dev/sd[a-d]
$ chmod <object codes>+|-<permission codes> <files>
 
  
E.g.
+
= ZFS =
  
$ chmod 600 my-private-file
+
== How can I determine the current size of the ARC in ZFS, and how does the ARC relate to free or cache memory? ==
$ chmod go-rwx my-private-file
 
$ chmod u+rw my-private-file
 
$ chmod +x my-script
 
  
== Updating config files ==
+
See [https://superuser.com/q/1137416 How can I determine the current size of the ARC in ZFS, and how does the ARC relate to free or cache memory?]
  
If you get given a new config file called new.conf and you want to integrate it with your old config file old.conf then:
+
$ cat /proc/spl/kstat/zfs/arcstats
  
$ cp old.conf updated.conf
+
Then:
$ merge -A updated.conf new.conf old.conf
 
  
Then go through and edit updated.conf resolving all the merge errors, picking and choosing what to update and what to keep. When you're done copy updated.conf to old.conf so it becomes the new config file.
+
c is the target size of the ARC in bytes
 +
c_max is the maximum size of the ARC in bytes
 +
size is the current size of the ARC in bytes
  
The merge program is a part of the RCS package. If you don't have it:
+
== Stopping a ZFS scrub in progress ==
  
  $ sudo apt-get install rcs
+
  # zpool scrub -s $pool
  
== Listing open files ==
+
e.g. for the 'data' pool:
  
Use lsof to list open files. E.g.:
+
# zpool scrub -s data
  
# lsof
+
= File management =
  
See man lsof for options.
+
== Listing files by size ==
  
== List permissions on a whole directory path ==
+
Use capital S for Size:
  
E.g.:
+
$ ls -S
  
$ namei -om /home/jj5/workspace
+
== Listing only directories ==
  
Outputs:
+
$ ls -l | egrep '^d'
  
f: /home/jj5/workspace/
+
== Listing only files ==
  drwxr-xr-x root root /
 
  drwxr-xr-x root root home
 
  drwxr-xr-x jj5  jj5  jj5
 
  drwxr-xr-x jj5  jj5  workspace
 
  
== Counting non-blank lines in a file ==
+
$ ls -l | egrep -v '^d'
  
E.g.:
+
== Listing hidden files ==
  
  $ cat foo.c | sed '/^\s*$/d' | wc -l
+
  $ ls -al .[!.]*
  
== Cloning one directory to another with rsync ==
+
== Creating a symbolic link ==
  
E.g.:
+
$ ln -s /path/to/target link-name
  
rsync --acls --xattrs --stats --human-readable --recursive --del --force --times --links --hard-links --executability --numeric-ids --owner --group --perms --sparse --compress-level=0 /data/source/ hostname:/data/target/
+
== Creating a hard-link ==
  
== Counting number of files in current directory and all subdirectories ==
+
$ ln /path/to/target file-name
  
$ ls -AlhR . | egrep '^-' | wc -l
+
== Changing the owner of a file ==
  
== Counting number of directories in current directory and all subdirectories ==
+
$ chown user:group <files>
  
$ ls -AlhR . | egrep '^d' | wc -l
+
E.g.
  
== Getting the status of a 'dd' process ==
+
$ chown jj5:staff README
 +
$ chown root:root *
  
First figure out the 'dd' process number, with e.g. 'top' or 'ps aux | grep dd'
+
To apply recursively into sub-directories use -R,
  
Then send the dd process the SIGINFO signal, which for dd process 40947 would be:
+
$ chown -R root:root /etc/*
  
# kill -s info 40947
+
== Changing file permissions ==
  
The dd process will report its status in the terminal its running in.
+
{|class="wikitable"
 +
|+ Object codes
 +
! User !! Group !! Other
 +
|-
 +
| u    || g    || o
 +
|}
  
== Transferring a large file via FAT32 file system ==
+
{|class="wikitable"
 +
|+ Permission codes
 +
! Read !! Write !! Exectue
 +
|-
 +
| r    || w    || x
 +
|-
 +
| 4    || 2    || 1
 +
|}
  
So the maximum file size supported by a FAT32 file system (commonly used on USB keys) is 4 GB per file. If you have a file larger than 4 GB you can split it into parts and then reassemble the parts once transferred:
+
{|class="wikitable"
 
+
|+ Numeric codes
$ split -b 4000m input.tgz input.tgz-parts-
+
! 0
 
+
| None
Then copy the small files and reassemble:
+
|-
 
+
! 1
$ cat input.tgz-parts-* > output.tgz
+
| Execute
 
+
|-
= NFS =
+
! 2
 +
| Write
 +
|-
 +
! 3
 +
| Write, Execute
 +
|-
 +
! 4
 +
| Read
 +
|-
 +
! 5
 +
| Read, Execute
 +
|-
 +
! 6
 +
| Read, Write
 +
|-
 +
! 7
 +
| Read, Write, Execute
 +
|}
  
== List NFS shares ==
+
See [http://catcode.com/teachmod/numeric2.html Numeric Mode in Action].
  
To e.g. show NFS shares on 'love':
+
$ chmod <user numeric code><group numeric code><other numeric code> <files>
 +
$ chmod <object codes>+|-<permission codes> <files>
  
$ showmount -e love
+
E.g.
  
= Compression =
+
$ chmod 600 my-private-file
 +
$ chmod go-rwx my-private-file
 +
$ chmod u+rw my-private-file
 +
$ chmod +x my-script
  
== How to use pigz with tar ==
+
== Updating config files ==
  
See [https://stackoverflow.com/a/39904353 here]:
+
If you get given a new config file called new.conf and you want to integrate it with your old config file old.conf then:
  
  $ tar cf - paths-to-archive | pigz --best -p 8 > archive.tgz
+
  $ cp old.conf updated.conf
 +
$ merge -A updated.conf new.conf old.conf
  
Note: don't use --best unless you're being stingy, running without it will be much faster.
+
Then go through and edit updated.conf resolving all the merge errors, picking and choosing what to update and what to keep. When you're done copy updated.conf to old.conf so it becomes the new config file.
  
== Best compression with tar ==
+
The merge program is a part of the RCS package. If you don't have it:
  
From [https://superuser.com/questions/514260/how-to-obtain-maximum-compression-with-tar-gz#544643 here]:
+
$ sudo apt-get install rcs
  
export GZIP=-9
+
== Listing open files ==
tar cvzf file.tar.gz /path/to/directory
 
  
or
+
Use lsof to list open files. E.g.:
  
  env GZIP=-9 tar cvzf file.tar.gz /path/to/directory
+
  # lsof
  
== Best parallel compression with pigz ==
+
See man lsof for options.
  
$ pigz --best
+
== List permissions on a whole directory path ==
  
== Best parallel compression with xz ==
+
E.g.:
  
  $ xz -9e -T 0
+
  $ namei -om /home/jj5/workspace
  
== Reporting compression ratios with xz ==
+
Outputs:
  
e.g.
+
  f: /home/jj5/workspace/
 
+
   drwxr-xr-x root root /
  root@love:/data/image/archive# xz -l *
+
   drwxr-xr-x root root home
Strms  Blocks   Compressed Uncompressed  Ratio  Check  Filename
+
   drwxr-xr-x jj5 jj5 jj5
    1      3    372.2 MiB    442.3 MiB  0.841  CRC64   1999.txz
+
   drwxr-xr-x jj5 jj5 workspace
    1      29  5,281.3 MiB  5,542.5 MiB  0.953  CRC64   2001.txz
 
    1      11 1,364.3 MiB 2,084.3 MiB  0.655  CRC64  2002.txz
 
    1      9    568.5 MiB  1,660.2 MiB  0.342  CRC64   2003.txz
 
    1    639    66.8 GiB    119.6 GiB  0.558  CRC64  2004.txz
 
    1    313    12.7 GiB    58.6 GiB  0.217  CRC64  2005.txz
 
    1    414    35.0 GiB    77.4 GiB  0.452  CRC64  2006.txz
 
    1    485    44.5 GiB    90.9 GiB  0.490  CRC64  2007.txz
 
    1  1,690    150.0 GiB    316.8 GiB  0.473  CRC64  2008.txz
 
    1      3    457.9 MiB    526.0 MiB  0.871  CRC64  2009.txz
 
    1    168    27.3 GiB    31.4 GiB  0.868  CRC64  2010.txz
 
    1      4    477.1 MiB    702.8 MiB  0.679  CRC64  2011.txz
 
-------------------------------------------------------------------------------
 
    12  3,768    344.6 GiB    705.5 GiB 0.488 CRC64  12 files
 
  
= Symbolic-link management =
+
== Counting non-blank lines in a file ==
  
== Data used by sym-linked files:
+
E.g.:
  
This will de-reference the sym-links in the current directory and tell you how much data the files pointed to by the sym-links are using:
+
$ cat foo.c | sed '/^\s*$/d' | wc -l
  
jj5@tact:/data/backup/unity/latest$ du -hD * | sort -h
+
== Cloning one directory to another with rsync ==
  
= File searching =
+
E.g.:
  
== Finding a file with a particular name ==
+
rsync --acls --xattrs --stats --human-readable --recursive --del --force --times --links --hard-links --executability --numeric-ids --owner --group --perms --sparse --compress-level=0 /data/source/ hostname:/data/target/
  
$ find -iname "*some-part-of-the-file-name*"
+
== Counting number of files in current directory and all subdirectories ==
  
Will start searching from the current directory, so maybe
+
$ ls -AlhR . | egrep '^-' | wc -l
  
$ cd /
+
== Counting number of directories in current directory and all subdirectories ==
  
first. For a case-sensitive search:
+
$ ls -AlhR . | egrep '^d' | wc -l
  
$ find -name "*eXaCT CaSE*"
+
== Getting the status of a 'dd' process ==
  
== Finding a file with particular content ==
+
First figure out the 'dd' process number, with e.g. 'top' or 'ps aux | grep dd'
  
To search in /etc/ for a file with particular content:
+
Then send the dd process the SIGINFO signal, which for dd process 40947 would be:
  
  $ grep -R "search-string" /etc/*
+
  # kill -s info 40947
  
To search the current directory for *.cs files containing the word "Up":
+
The dd process will report its status in the terminal its running in.
  
$ find . -name '*.cs' -exec grep --color=auto -H Up {} \;
+
== Transferring a large file via FAT32 file system ==
  
== Finding a list of files with particular content ==
+
So the maximum file size supported by a FAT32 file system (commonly used on USB keys) is 4 GB per file. If you have a file larger than 4 GB you can split it into parts and then reassemble the parts once transferred:
  
E.g. to find all the files with the word 'creativity':
+
$ split -b 4000m input.tgz input.tgz-parts-
  
$ grep -R creativity . | sed 's/:/ /' | awk '{ print $1 }' | sort | uniq
+
Then copy the small files and reassemble:
  
== Using the locate command to find files ==
+
$ cat input.tgz-parts-* > output.tgz
  
$ locate part-of-filename
+
== Find the difference between two directories ==
  
E.g.
+
$ diif -qr $DIR_A $DIR_B
  
$ locate texvc
+
== Merging two directories ==
  
== Updating locate command's database ==
+
$ cp -RT source/ destination/
  
# updatedb
+
Files from source will be merged into destination.
  
== Select a random line from a text file ==
+
= NFS =
  
$ shuf -n 1 input.txt
+
== List NFS shares ==
  
== Extra context for grep ==
+
To e.g. show NFS shares on 'love':
  
If you need to show extra lines before or after your grep results use -B NUM to set how many lines before the match and -A NUM for the number of lines after the match:
+
$ showmount -e love
  
$ grep -B 3 -A 1 ...
+
= Compression =
  
= Job control =
+
== How to use pigz with tar ==
  
== Stopping a running process ==
+
See [https://stackoverflow.com/a/39904353 here]:
  
Press Ctrl+Z to stop a running process.
+
$ tar cf - paths-to-archive | pigz --best -p 8 > archive.tgz
  
== Listing current jobs and their status ==
+
Note: don't use --best unless you're being stingy, running without it will be much faster.
  
$ jobs
+
Also from [https://stackoverflow.com/a/50586833 here]:
  
== Resuming a stopped job in the backgroud ==
+
Fast pack:
  
To resume a stopped process in the background
+
tar -I 'pigz --fast' -cf my.tar.gz whatver
  
$ bg %1
+
Best pack:
  
where '1' is the job number reported by bash when you pressed Ctrl+Z (or ran 'jobs').
+
tar -I 'pigz --best' -cf my.tar.gz whatver
  
== Resuming a stopped job in the foreground ==
+
Fast unpack:
  
To resume a stopped process in the foreground
+
tar -I pigz -xf my.tar.gz
  
$ fg %1
+
== Best compression with tar ==
  
where '1' is the job number reported by bash when you pressed Ctrl+Z (or ran 'jobs').
+
From [https://superuser.com/questions/514260/how-to-obtain-maximum-compression-with-tar-gz#544643 here]:
  
== Killing a stopped job ==
+
export GZIP=-9
 +
tar cvzf file.tar.gz /path/to/directory
  
To kill a job
+
or
  
  $ kill %1
+
  env GZIP=-9 tar cvzf file.tar.gz /path/to/directory
  
where '1' is the job number reported by bash when you pressed Ctrl+Z (or ran 'jobs').
+
== Best parallel compression with pigz ==
  
== Periodically run a program and watch its output ==
+
$ pigz --best
  
$ watch /your/command
+
== Best parallel compression with xz ==
  
= Debian/Ubuntu package management =
+
$ xz -9e -T 0
  
Also see [https://wiki.debian.org/WhereIsIt Where "is" it?] on the Debian Wiki.
+
== Reporting compression ratios with xz ==
  
== configuring debconf ==
+
e.g.
  
  # dpkg-reconfigure debconf
+
  root@love:/data/image/archive# xz -l *
 +
Strms  Blocks  Compressed Uncompressed  Ratio  Check  Filename
 +
    1      3    372.2 MiB    442.3 MiB  0.841  CRC64  1999.txz
 +
    1      29  5,281.3 MiB  5,542.5 MiB  0.953  CRC64  2001.txz
 +
    1      11  1,364.3 MiB  2,084.3 MiB  0.655  CRC64  2002.txz
 +
    1      9    568.5 MiB  1,660.2 MiB  0.342  CRC64  2003.txz
 +
    1    639    66.8 GiB    119.6 GiB  0.558  CRC64  2004.txz
 +
    1    313    12.7 GiB    58.6 GiB  0.217  CRC64  2005.txz
 +
    1    414    35.0 GiB    77.4 GiB  0.452  CRC64  2006.txz
 +
    1    485    44.5 GiB    90.9 GiB  0.490  CRC64  2007.txz
 +
    1  1,690    150.0 GiB    316.8 GiB  0.473  CRC64  2008.txz
 +
    1      3    457.9 MiB    526.0 MiB  0.871  CRC64  2009.txz
 +
    1    168    27.3 GiB    31.4 GiB  0.868  CRC64  2010.txz
 +
    1      4    477.1 MiB    702.8 MiB  0.679  CRC64  2011.txz
 +
-------------------------------------------------------------------------------
 +
    12  3,768    344.6 GiB    705.5 GiB  0.488  CRC64  12 files
  
Set priority to low to get asked detailed questions.
+
= Symbolic-link management =
  
== Showing list of installed packages ==
+
== Data used by sym-linked files:
  
  # dpkg --get-selections
+
This will de-reference the sym-links in the current directory and tell you how much data the files pointed to by the sym-links are using:
 +
 
 +
  jj5@tact:/data/backup/unity/latest$ du -hD * | sort -h
  
== Searching for installed package ==
+
= File searching =
  
# dpkg --get-selections | grep package-name
+
== Finding a file with a particular name ==
  
or
+
$ find -iname "*some-part-of-the-file-name*"
  
# aptitude search package-name
+
Will start searching from the current directory, so maybe
  
== Showing which files are installed as part of a package ==
+
$ cd /
  
# dpkg -L package-name
+
first. For a case-sensitive search:
  
== Installing a package ==
+
$ find -name "*eXaCT CaSE*"
  
# apt-get install package-name
+
== Finding a file with particular content ==
  
== Uninstalling a package ==
+
To search in /etc/ for a file with particular content:
  
  # apt-get remove package-name
+
  $ grep -R "search-string" /etc/*
  
== Showing system architecture ==
+
To search the current directory for *.cs files containing the word "Up":
  
  $ dpkg --print-architecture
+
  $ find . -name '*.cs' -exec grep --color=auto -H Up {} \;
  
== Showing which package a file belongs to ==
+
== Finding a list of files with particular content ==
  
$ which echo
+
E.g. to find all the files with the word 'creativity':
/bin/echo
+
 
  $ dpkg -S /bin/echo
+
  $ grep -R creativity . | sed 's/:/ /' | awk '{ print $1 }' | sort | uniq
coreutils: /bin/echo
 
$ dpkg -l | grep coreutils
 
ii  coreutils                        6.10-6                  The GNU core utilities
 
  
== Showing package information ==
+
== Using the locate command to find files ==
  
  $ apt-cache showpkg coreutils
+
  $ locate part-of-filename
  
Or for even more information:
+
E.g.
  
  $ apt-cache show coreutils
+
  $ locate texvc
  
== List all installed packages with package version info ==
+
== Updating locate command's database ==
  
  dpkg-query -l
+
  # updatedb
  
== Reporting which version of a package is installed ==
+
== Select a random line from a text file ==
  
  $ dpkg -l | grep package-name
+
  $ shuf -n 1 input.txt
  
E.g.:
+
== Extra context for grep ==
  
root@hope:~/letsencrypt# dpkg -l | grep augeas
+
If you need to show extra lines before or after your grep results use -B NUM to set how many lines before the match and -A NUM for the number of lines after the match:
ii  augeas-lenses                  0.7.0-1ubuntu1                Set of lenses needed by libaugeas0 to parse
 
ii  libaugeas0                      0.7.0-1ubuntu1                The augeas configuration editing library and
 
  
== Comprehensive upgrade ==
+
$ grep -B 3 -A 1 ...
  
Try the following:
+
= Job control =
  
# apt-get update
+
== Stopping a running process ==
# apt-get dist-upgrade
+
 
# apt-get autoremove
+
Press Ctrl+Z to stop a running process.
  # apt-get remove $(deborphan)
+
 
# update-flashplugin-nonfree --install
+
== Listing current jobs and their status ==
 +
 
 +
  $ jobs
 +
 
 +
== Resuming a stopped job in the backgroud ==
  
== Searching all available packages ==
+
To resume a stopped process in the background
  
  $ apt-cache search . | sort -d | less
+
  $ bg %1
  
= Networking =
+
where '1' is the job number reported by bash when you pressed Ctrl+Z (or ran 'jobs').
  
== net-tools vs iproute2 ==
+
== Resuming a stopped job in the foreground ==
  
The older 'net-tools' package has been replaced with 'iproute2' e.g. in [https://www.debian.org/releases/stretch/amd64/release-notes/ch-information.en.html#iproute2 stretch].
+
To resume a stopped process in the foreground
  
{|class="wikitable"
+
  $ fg %1
! legacy net-tools commands
 
! iproute2 replacement commands
 
|-
 
| arp      || ip n (ip neighbor)
 
|-
 
| ifconfig || ip a (ip addr), ip link, ip -s (ip -stats)
 
|-
 
| iptunnel || ip tunnel
 
|-
 
| iwconfig || iw
 
|-
 
| nameif  || ip link, ifrename
 
|-
 
| netstat || ss, ip route (for netstat-r), ip -s link (for netstat -i), ip maddr (for netstat-g)
 
|-
 
| route    || ip r (ip route)
 
|}
 
  
== Restart networking ==
+
where '1' is the job number reported by bash when you pressed Ctrl+Z (or ran 'jobs').
  
For servers:
+
== Killing a stopped job ==
  
# service networking restart
+
To kill a job
  
For desktops:
+
$ kill %1
  
# service network-manager restart
+
where '1' is the job number reported by bash when you pressed Ctrl+Z (or ran 'jobs').
  
== Pinging with particular packet size ==
+
== Periodically run a program and watch its output ==
  
  $ ping -M do -s <packet size in bytes> <host>
+
  $ watch /your/command
  
E.g.
+
= Debian/Ubuntu package management =
  
$ ping -M do -s 1400 charity.progclub.org
+
Also see [https://wiki.debian.org/WhereIsIt Where "is" it?] on the Debian Wiki.
  
== Setting [http://en.wikipedia.org/wiki/Maximum_segment_size MSS] for a particular IP address on a particular interface ==
+
== configuring debconf ==
  
  # ip route add <host> dev <interface> advmss <packet size>
+
  # dpkg-reconfigure debconf
  
E.g.
+
Set priority to low to get asked detailed questions.
  
# ip route add 10.0.0.1 dev eth0 advmss 1400
+
== Showing list of installed packages ==
  
== Dropping configured MMS for a particular IP address ==
+
# dpkg --get-selections
  
# ip route flush <host>
+
== Searching for installed package ==
  
E.g.
+
# dpkg --get-selections | grep package-name
  
# ip route flush 10.0.0.1
+
or
  
== Listing open ports and socket information ==
+
# aptitude search package-name
  
Including which process is listening on which port.
+
== Showing which files are installed as part of a package ==
  
  # netstat -tulpn
+
  # dpkg -L package-name
  
Or use the 'ss' command:
+
== Installing a package ==
  
  # ss -s
+
  # apt-get install package-name
# ss -l
 
# ss -pl
 
# ss -o state established '( dport = :smtp or sport = :smtp )'
 
  
== Listing open IPv4 connections ==
+
== Uninstalling a package ==
  
  # lsof -Pnl +M -i4
+
  # apt-get remove package-name
  
You might need to install the lsof package:
+
== Showing system architecture ==
  
  # apt-get install lsof
+
  $ dpkg --print-architecture
  
== Query for DNS MX record ==
+
== Showing which package a file belongs to ==
  
  $ nslookup
+
  $ which echo
  > server 127.0.0.1
+
  /bin/echo
  > set q=mx
+
$ dpkg -S /bin/echo
  > mail.blackbrick.com
+
coreutils: /bin/echo
 +
  $ dpkg -l | grep coreutils
 +
  ii  coreutils                        6.10-6                  The GNU core utilities
  
== Query for DNS SOA record ==
+
== Showing package information ==
  
  $ dig @ns2.staticmagic.net -t SOA staticmagic.net
+
  $ apt-cache showpkg coreutils
  
== Using nmap to list open ports on remote host ==
+
Or for even more information:
  
To check the 1,000 most common ports:
+
$ apt-cache show coreutils
  
# nmap server.example.com
+
== List all installed packages with package version info ==
  
Or for a specific port range (e.g. 101 to 102):
+
dpkg-query -l
  
# nmap -p 101-102 server.example.com
+
== Reporting which version of a package is installed ==
  
Or for all ports (1 to 65,535):
+
$ dpkg -l | grep package-name
  
# nmap -p- server.example.com
+
E.g.:
  
== Network monitoring ==
+
root@hope:~/letsencrypt# dpkg -l | grep augeas
 +
ii  augeas-lenses                  0.7.0-1ubuntu1                Set of lenses needed by libaugeas0 to parse
 +
ii  libaugeas0                      0.7.0-1ubuntu1                The augeas configuration editing library and
  
See [http://www.binarytides.com/linux-commands-monitor-network/ here] for details. Basically:
+
== Comprehensive upgrade ==
  
# Overall bandwidth: nload, bmon, slurm, bwm-ng, cbm, speedometer, netload
+
Try the following:
# Overall bandwidth (batch style output): vnstat, ifstat, dstat, collectl
 
# Bandwidth per socket connection: iftop, iptraf, tcptrack, pktstat, netwatch, trafshow
 
# Bandwidth per process: nethogs
 
  
== nload ==
+
# apt-get update
 +
# apt-get dist-upgrade
 +
# apt-get autoremove
 +
# apt-get remove $(deborphan)
 +
# update-flashplugin-nonfree --install
  
You can watch network traffic in real-time with nload:
+
== Searching all available packages ==
  
  # nload -u M
+
  $ apt-cache search . | sort -d | less
  
== Reporting network (NIC) speed ==
+
== Reporting unattended upgrades status ==
  
From [https://askubuntu.com/questions/431911/how-can-i-verify-the-speed-of-my-nic-in-ubuntu#431912 here]:
+
See [https://askubuntu.com/questions/934807/unattended-upgrades-status#934863 here] for more info.
  
  # dmesg | grep eth0
+
  # tail -f /var/log/unattended-upgrades/unattended-upgrades.log
# mii-tool -v eth0
 
# ethtool eth0
 
  
Note: use ifconfig to get device name.
+
== Searching for Debian packages and versions ==
  
== Path MTU discovery ==
+
* [https://packages.debian.org/search?keywords=dnscrypt-proxy Debian package search]
  
To do a [https://en.wikipedia.org/wiki/Path_MTU_Discovery Path MTU Discovery], from the iputils-tracepath package:
+
= Networking =
  
# tracepath host.example.com
+
== Determining throughput between two hosts ==
  
== Listing available Ethernet devices ==
+
# apt install iperf3
  
To see a list of NICs available on the host:
+
On the server:
  
  $ cat /proc/net/dev
+
  # iperf3 -s
  
Also
+
On the client:
  
  $ ip link
+
  # iperf3 -c $SERVER_IP
  
== 59 Linux Networking commands and scripts ==
+
For more info see: [https://www.cyberciti.biz/faq/how-to-test-the-network-speedthroughput-between-two-linux-servers/ How to test the network speed/throughput between two Linux servers].
  
See [https://haydenjames.io/linux-networking-commands-scripts/ 59 Linux Networking commands and scripts].
+
== net-tools vs iproute2 ==
 +
 
 +
The older 'net-tools' package has been replaced with 'iproute2' e.g. in [https://www.debian.org/releases/stretch/amd64/release-notes/ch-information.en.html#iproute2 stretch].
  
== Links ==
+
{|class="wikitable"
 +
! legacy net-tools commands
 +
! iproute2 replacement commands
 +
|-
 +
| arp      || ip n (ip neighbor)
 +
|-
 +
| ifconfig || ip a (ip addr), ip link, ip -s (ip -stats)
 +
|-
 +
| iptunnel || ip tunnel
 +
|-
 +
| iwconfig || iw
 +
|-
 +
| nameif  || ip link, ifrename
 +
|-
 +
| netstat  || ss, ip route (for netstat-r), ip -s link (for netstat -i), ip maddr (for netstat-g)
 +
|-
 +
| route    || ip r (ip route)
 +
|}
  
* [http://www.cyberciti.biz/faq/linux-unix-open-ports/ HowTo: UNIX / Linux Open TCP / UDP Ports]
+
== Restart networking ==
  
= IPTables =
+
For servers:
  
== Applying firewall rules ==
+
# service networking restart
  
For configuration info see [http://articles.slicehost.com/2008/4/25/ubuntu-hardy-setup-page-1 this article].
+
For desktops:
  
$ sudo vim /etc/iptables.test.rules
+
  # service network-manager restart
$ sudo /sbin/iptables -F
 
$ sudo /sbin/iptables-restore < /etc/iptables.test.rules
 
$ sudo iptables -L
 
$ sudo -s
 
  # iptables-save > /etc/iptables.up.rules
 
# exit
 
  
= ufw =
+
== Pinging with particular packet size ==
  
== Denying hosts with ufw ==
+
$ ping -M do -s <packet size in bytes> <host>
  
See [[Admin_reference#Denying_hosts_with_UFW|denying hosts with ufw]].
+
E.g.
  
= Bind9 =
+
$ ping -M do -s 1400 charity.progclub.org
  
== Viewing Bind9 querylog ==
+
== Setting [http://en.wikipedia.org/wiki/Maximum_segment_size MSS] for a particular IP address on a particular interface ==
  
  $ sudo rndc querylog
+
  # ip route add <host> dev <interface> advmss <packet size>
$ tail -f /var/log/syslog
 
  
= IPSec =
+
E.g.
  
== Disabling IPSec ==
+
# ip route add 10.0.0.1 dev eth0 advmss 1400
  
# setkey -FP
+
== Dropping configured MMS for a particular IP address ==
  
= OpenSSL =
+
# ip route flush <host>
  
== Debugging IMAPS with OpenSSL ==
+
E.g.
  
  # openssl s_client -connect localhost:993
+
  # ip route flush 10.0.0.1
> a1 LOGIN username@host password
 
> a2 LOGOUT
 
  
== Debugging HTTPS with OpenSSL ==
+
== Listing open ports and socket information ==
  
$ openssl s_client -connect www.example.com:443
+
Including which process is listening on which port.
GET /example.html HTTP/1.1
 
host: www.example.com
 
  
== Links ==
+
# netstat -tulpn
  
* [http://www.madboa.com/geek/openssl/ OpenSSL Command-Line HOWTO]
+
Or use the 'ss' command:
  
= Pluggable Authentication Modules (PAM) =
+
# ss -s
 +
# ss -l
 +
# ss -pl
 +
# ss -o state established '( dport = :smtp or sport = :smtp )'
  
== Links ==
+
== Listing open IPv4 connections ==
  
* [http://www.centos.org/docs/5/html/Deployment_Guide-en-US/ch-pam.html 42.4. Pluggable Authentication Modules (PAM)]
+
# lsof -Pnl +M -i4
  
= SSH =
+
You might need to install the lsof package:
  
== Configuring SSH key login ==
+
# apt-get install lsof
  
On the client machine generate a key-pair (if necessary, check for existing ~/.ssh/id_rsa.pub):
+
== Query for DNS MX record ==
  
  $ ssh-keygen -t rsa
+
  $ nslookup
 +
> server 127.0.0.1
 +
> set q=mx
 +
> mail.blackbrick.com
  
Copy the public key from the client to the server:
+
== Query for DNS SOA record ==
  
  $ scp ~/.ssh/id_rsa.pub user@example.org:
+
  $ dig @ns2.staticmagic.net -t SOA staticmagic.net
  
Configure the authorized keys on the server:
+
== Using nmap to list open ports on remote host ==
 +
 
 +
To check the 1,000 most common ports:
  
  $ ssh user@example.org
+
  # nmap server.example.com
$ mkdir ~/.ssh
 
$ chmod go-w .ssh
 
$ cat ~/id_rsa.pub >> ~/.ssh/authorized_keys
 
$ chmod 600 ~/.ssh/authorized_keys
 
$ rm ~/id_rsa.pub
 
  
== Tunneling over SSH ==
+
Or for a specific port range (e.g. 101 to 102):
  
For example, connecting a remote MySQL server to the localhost:
+
# nmap -p 101-102 server.example.com
  
$ ssh -L 3306:localhost:3306 jselliot@ssh.progsoc.org
+
Or for all ports (1 to 65,535):
  
If the machine you want to connect to is not the localhost of the machine you're ssh'ing to,
+
# nmap -p- server.example.com
  
  $ ssh -L 3306:muspell.progsoc.uts.edu.au:3306 ssh.progsoc.uts.edu.au
+
== Network monitoring ==
  
The -L stanza is localport:remotehost:remoteport where localport is a
+
See [http://www.binarytides.com/linux-commands-monitor-network/ here] for details. Basically:
port on your machine, forwarded to remoteport on remotehost.
 
  
== Tunneling over SSH with PuTTY ==
+
# Overall bandwidth: nload, bmon, slurm, bwm-ng, cbm, speedometer, netload
 +
# Overall bandwidth (batch style output): vnstat, ifstat, dstat, collectl
 +
# Bandwidth per socket connection: iftop, iptraf, tcptrack, pktstat, netwatch, trafshow
 +
# Bandwidth per process: nethogs
  
See [http://www.anchor.com.au/hosting/support/MySQL/Connecting_to_mysql_remotely Connecting to the MySQL database remotely (via an SSH Tunnel)]
+
== nload ==
  
* run putty.exe
+
You can watch network traffic in real-time with nload:
* Connection -> SSH -> Tunnels
 
** Port forwarding: source port to 3306
 
** destination: 127.0.0.1:3306
 
** check Local
 
** click Add
 
  
== Enabling verbose SSH logging ==
+
# nload -u M
  
To see what's going on with your ssh connections,
+
== Reporting network (NIC) speed ==
  
$ ssh -v user@host
+
From [https://askubuntu.com/questions/431911/how-can-i-verify-the-speed-of-my-nic-in-ubuntu#431912 here]:
  
Or
+
# dmesg | grep eth0
 +
# mii-tool -v eth0
 +
# ethtool eth0
  
$ ssh -vv user@host
+
Note: use ifconfig to get device name.
  
== Unlocking SSH key for session ==
+
== Path MTU discovery ==
  
jj5@orac:~/.config/autostart$ cat ssh-add.desktop
+
To do a [https://en.wikipedia.org/wiki/Path_MTU_Discovery Path MTU Discovery], from the iputils-tracepath package:
[Desktop Entry]
 
Type=Application
 
Name=ssh-add
 
Comment=Adds my private key to my session.
 
Exec=/usr/bin/konsole -e 'ssh-add /home/$USER/.ssh/id_rsa'
 
  
== Links ==
+
# tracepath host.example.com
  
* [http://blogs.perl.org/users/smylers/2011/08/ssh-productivity-tips.html SSH Can Do That? Productivity Tips for Working with Remote Servers]
+
== Listing available Ethernet devices ==
* [http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html PuTTY Download Page]
 
  
= Standard IO =
+
To see a list of NICs available on the host:
  
== cat EOF ==
+
$ cat /proc/net/dev
  
$ cat > output <<EOF
+
Also
> text
 
> EOF
 
  
  $ cat output
+
  $ ip link
text
 
  
= Script =
+
== 59 Linux Networking commands and scripts ==
  
== Creating a session log with script ==
+
See [https://haydenjames.io/linux-networking-commands-scripts/ 59 Linux Networking commands and scripts].
  
$ script -t 2> timing
+
== Links ==
  
The session log is in the file 'typescript' and the timing data is in 'timing'.
+
* [http://www.cyberciti.biz/faq/linux-unix-open-ports/ HowTo: UNIX / Linux Open TCP / UDP Ports]
  
== Replaying a scripted session ==
+
= IPTables =
  
$ scriptreplay timing
+
== Applying firewall rules ==
  
Uses the default file 'typescript' and the 'timing' file as specified.
+
For configuration info see [http://articles.slicehost.com/2008/4/25/ubuntu-hardy-setup-page-1 this article].
  
= Screen =
+
$ sudo vim /etc/iptables.test.rules
 +
$ sudo /sbin/iptables -F
 +
$ sudo /sbin/iptables-restore < /etc/iptables.test.rules
 +
$ sudo iptables -L
 +
$ sudo -s
 +
# iptables-save > /etc/iptables.up.rules
 +
# exit
  
== Creating a new screen or reconnecting to a detached screen ==
+
== Blocking an IP address with iptables ==
  
$ screen -R
+
To drop IP address 1.2.3.4:
  
== Detaching a screen ==
+
# iptables -A INPUT -s 1.2.3.4 -j DROP
  
$ screen -D
+
= ufw =
  
== Reconnecting to screen ==
+
== Denying hosts with ufw ==
  
$ screen -D
+
See [[Admin_reference#Denying_hosts_with_UFW|denying hosts with ufw]].
$ screen -R
 
  
I have a script in ~/bin/reconnect like so,
+
= Bind9 =
  
#!/bin/bash
+
== Viewing Bind9 querylog ==
screen -D
 
screen -R
 
  
This will detach your last screen, and reconnect it on the current terminal.
+
$ sudo rndc querylog
 +
$ tail -f /var/log/syslog
  
== Scrolling in screen ==
+
= IPSec =
  
See [https://www.saltycrane.com/blog/2008/01/how-to-scroll-in-gnu-screen/ How to scroll in GNU Screen]. Basically press Ctrl+A ESC then use Page Up and Page Down. Press ESC again to exit copy mode. As usual you can use Ctrl+[ in place of ESC.
+
== Disabling IPSec ==
  
= tmux =
+
# setkey -FP
  
== Live collaboration with tmux ==
+
= OpenSSL =
  
User A:
+
== Debugging IMAPS with OpenSSL ==
  
  tmux -S /tmp/collab
+
  # openssl s_client -connect localhost:993
  chmod 777 /tmp/collab
+
  > a1 LOGIN username@host password
 +
> a2 LOGOUT
  
User B:
+
== Debugging HTTPS with OpenSSL ==
  
  tmux -S /tmp/collab attach
+
  $ openssl s_client -connect www.example.com:443
 +
GET /example.html HTTP/1.1
 +
host: www.example.com
  
= Vim =
+
== Links ==
  
== First, why Vim? ==
+
* [http://www.madboa.com/geek/openssl/ OpenSSL Command-Line HOWTO]
  
Read [http://www.viemu.com/a-why-vi-vim.html Why, oh WHY, do those #?@! nutheads use vi?]
+
= Pluggable Authentication Modules (PAM) =
  
== Visual modes ==
+
== Links ==
  
Use 'v' for visual mode, 'V' for visual line mode and Ctrl+V for visual block mode.
+
* [http://www.centos.org/docs/5/html/Deployment_Guide-en-US/ch-pam.html 42.4. Pluggable Authentication Modules (PAM)]
  
== Configuring spaces instead of tabs ==
+
= SSH =
  
I use two spaces instead of tabs. To configure, edit your .vimrc file:
+
== Configuring SSH key login ==
  
$ vim ~/.vimrc
+
On the client machine generate a key-pair (if necessary, check for existing ~/.ssh/id_rsa.pub):
  
and include the following lines:
+
$ ssh-keygen -t rsa
  
set tabstop=2
+
Copy the public key from the client to the server:
set shiftwidth=2
 
set expandtab
 
  
== Configuring syntax highlighting ==
+
$ scp ~/.ssh/id_rsa.pub user@example.org:
  
See [http://www.cyberciti.biz/faq/turn-on-or-off-color-syntax-highlighting-in-vi-or-vim/ here].
+
Configure the authorized keys on the server:
  
Use:
+
$ ssh user@example.org
 +
$ mkdir ~/.ssh
 +
$ chmod go-w .ssh
 +
$ cat ~/id_rsa.pub >> ~/.ssh/authorized_keys
 +
$ chmod 600 ~/.ssh/authorized_keys
 +
$ rm ~/id_rsa.pub
  
:syntax on
+
== Tunneling over SSH ==
  
to turn on syntax highlighting.
+
For example, connecting a remote MySQL server to the localhost:
  
Use:
+
$ ssh -L 3306:localhost:3306 jselliot@ssh.progsoc.org
  
:syntax off
+
If the machine you want to connect to is not the localhost of the machine you're ssh'ing to,
  
to turn off syntax highlighting.
+
  $ ssh -L 3306:muspell.progsoc.uts.edu.au:3306 ssh.progsoc.uts.edu.au
  
To always use syntax highlighting:
+
The -L stanza is localport:remotehost:remoteport where localport is a
 +
port on your machine, forwarded to remoteport on remotehost.
  
$ vim ~/.vimrc
+
== Tunneling over SSH with PuTTY ==
  
and add:
+
See [http://www.anchor.com.au/hosting/support/MySQL/Connecting_to_mysql_remotely Connecting to the MySQL database remotely (via an SSH Tunnel)]
  
syntax on
+
* run putty.exe
 +
* Connection -> SSH -> Tunnels
 +
** Port forwarding: source port to 3306
 +
** destination: 127.0.0.1:3306
 +
** check Local
 +
** click Add
  
To get a list of supported colour schemes open vim and type:
+
== Enabling verbose SSH logging ==
  
:colorscheme[space][Ctrl+D]
+
To see what's going on with your ssh connections,
  
To always use a particular colorscheme edit ~/.vimrc and add (for example):
+
$ ssh -v user@host
  
colorscheme desert
+
Or
  
== Inserting a TAB character when expandtab is on ==
+
$ ssh -vv user@host
  
The problem here is that you have configured vim to insert spaces, but for a particular file (e.g. a Makefile) you need to insert a character.
+
== Unlocking SSH key for session ==
  
Press Ctrl+V TAB to insert a literal tab character.
+
jj5@orac:~/.config/autostart$ cat ssh-add.desktop
 +
[Desktop Entry]
 +
Type=Application
 +
Name=ssh-add
 +
Comment=Adds my private key to my session.
 +
Exec=/usr/bin/konsole -e 'ssh-add /home/$USER/.ssh/id_rsa'
  
Or you can disable tab expansion altogether with:
+
== Links ==
  
:set expandtab!
+
* [http://blogs.perl.org/users/smylers/2011/08/ssh-productivity-tips.html SSH Can Do That? Productivity Tips for Working with Remote Servers]
 +
* [http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html PuTTY Download Page]
  
== Changing 2 space indent to 4 space indent (e.g. for python files) ==
+
= Standard IO =
  
:%s/^\s*/&&/g
+
== cat EOF ==
  
For more information [https://www.progclub.org/blog/2013/08/10/vim-reformat-a-python-file-to-have-4-space-indentations/ see here].
+
$ cat > output <<EOF
 +
> text
 +
> EOF
  
== Recording and replaying a macro ==
+
$ cat output
 +
text
  
To record a macro press 'q' and then a number between 1 and 9. E.g. press "q1". The macro is now recording. When you've finished issuing your commands press 'q' again to finish recording. To replay a macro press '@' followed by the number of the macro. That is, if you pressed "q1" to record the macro, press "@1" to replay the macro. To replay the last macro again press "@@".
+
= Script =
  
== Deleting to end of line ==
+
== Creating a session log with script ==
  
  d$
+
  $ script -t 2> timing
  
== Deleting to beginning of line ==
+
The session log is in the file 'typescript' and the timing data is in 'timing'.
  
d^
+
== Replaying a scripted session ==
  
== Finding text ==
+
$ scriptreplay timing
  
To search forward for "text":
+
Uses the default file 'typescript' and the 'timing' file as specified.
  
/text
+
= Screen =
  
To search backward for "text":
+
== Creating a new screen or reconnecting to a detached screen ==
  
  ?text
+
  $ screen -R
  
To repeat the last search in a forward direction press 'n', or to search again backwards press 'N'.
+
== Detaching a screen ==
  
== Finding and replacing text ==
+
$ screen -D
  
To replace the first instance of "search" on the current line with "destroy":
+
== Reconnecting to screen ==
  
  :s/search/destroy/
+
  $ screen -D
 +
$ screen -R
  
To replace all instances of "search" on the current line with "destroy":
+
I have a script in ~/bin/reconnect like so,
  
  :s/search/destroy/g
+
  #!/bin/bash
 +
screen -D
 +
screen -R
  
To replace all instances of "search" on lines 13 to 37 with "destroy":
+
This will detach your last screen, and reconnect it on the current terminal.
  
:13,37 s/search/destroy/g
+
== Scrolling in screen ==
  
To replace all instances of "search" in the entire file with "destroy":
+
See [https://www.saltycrane.com/blog/2008/01/how-to-scroll-in-gnu-screen/ How to scroll in GNU Screen]. Basically press Ctrl+A ESC then use Page Up and Page Down. Press ESC again to exit copy mode. As usual you can use Ctrl+[ in place of ESC.
  
:%s/search/destroy/g
+
= tmux =
  
== Changing DOS/Windows line-endings (CRLF) to Unix line-endings ==
+
== Live collaboration with tmux ==
  
To set the line-ending to Unix line endings run the command:
+
User A:
  
  :setlocal ff=unix
+
  tmux -S /tmp/collab
 +
chmod 777 /tmp/collab
  
More information on managing file formats [http://vim.wikia.com/wiki/File_format available here].
+
User B:
  
== Disabling auto-indent etc. to paste from clipboard ==
+
tmux -S /tmp/collab attach
  
To disable smart indenting when you're going to paste in text:
+
= Vim =
  
:set paste
+
== First, why Vim? ==
  
To turn it off again:
+
Read [http://www.viemu.com/a-why-vi-vim.html Why, oh WHY, do those #?@! nutheads use vi?]
  
:set nopaste
+
== Visual modes ==
  
There's more info in this article: [http://vim.wikia.com/wiki/Toggle_auto-indenting_for_code_paste Toggle auto-indenting for code paste]
+
Use 'v' for visual mode, 'V' for visual line mode and Ctrl+V for visual block mode.
  
== Positioning windows ==
+
== Configuring spaces instead of tabs ==
  
Use -o for horizontal split, e.g.:
+
I use two spaces instead of tabs. To configure, edit your .vimrc file:
  
  vim -o a.txt b.txt
+
  $ vim ~/.vimrc
  
Use -O for vertical split, e.g.:
+
and include the following lines:
  
  vim -o a.txt b.txt
+
  set tabstop=2
 +
set shiftwidth=2
 +
set expandtab
  
Use ^W to navigate windows then use directional keys h, j, k, l, etc.
+
== Configuring syntax highlighting ==
  
Use ^W and &lt; or &gt; to resize windows.
+
See [http://www.cyberciti.biz/faq/turn-on-or-off-color-syntax-highlighting-in-vi-or-vim/ here].
  
== To indent a block of text in Vim ==
+
Use:
  
Use the > command. E.g. to indent five lines:
+
:syntax on
  
5 > >
+
to turn on syntax highlighting.
  
Press . (dot) to keep indenting.
+
Use:
  
Or inside a block (e.g. curly brace, HTML/XML element, etc.) you can put your cursor in the element on on the curly brace and then:
+
:syntax off
  
> %
+
to turn off syntax highlighting.
  
See [http://stackoverflow.com/questions/235839/indent-multiple-lines-quickly-in-vi#235841 here] for more.
+
To always use syntax highlighting:
  
== Open a file in a new window/tab ==
+
$ vim ~/.vimrc
  
To open a file on the left hand side:
+
and add:
  
  :vert new filename.ext
+
  syntax on
  
Note: ':vnew filename.ext' and ':vsp filename.ext' also work.
+
To get a list of supported colour schemes open vim and type:
  
To open a file at the top:
+
:colorscheme[space][Ctrl+D]
  
:new filename.ext
+
To always use a particular colorscheme edit ~/.vimrc and add (for example):
  
See [http://stackoverflow.com/questions/10760310/how-to-open-a-new-file-in-vim-in-a-new-window#10762678 here] for more.
+
colorscheme desert
  
== Explore files in Vim ==
+
== Inserting a TAB character when expandtab is on ==
  
Enter:
+
The problem here is that you have configured vim to insert spaces, but for a particular file (e.g. a Makefile) you need to insert a character.
  
:Explore
+
Press Ctrl+V TAB to insert a literal tab character.
  
== Switch between Vim tabs ==
+
Or you can disable tab expansion altogether with:
  
Use gt and gT.
+
:set expandtab!
  
== Switch between Vim windows ==
+
== Changing 2 space indent to 4 space indent (e.g. for python files) ==
  
To toggle between open windows use:
+
:%s/^\s*/&&/g
  
Ctrl+W W
+
For more information [https://www.progclub.org/blog/2013/08/10/vim-reformat-a-python-file-to-have-4-space-indentations/ see here].
  
To move in a direction use:
+
== Recording and replaying a macro ==
  
Ctrl+W h/j/k/l
+
To record a macro press 'q' and then a number between 1 and 9. E.g. press "q1". The macro is now recording. When you've finished issuing your commands press 'q' again to finish recording. To replay a macro press '@' followed by the number of the macro. That is, if you pressed "q1" to record the macro, press "@1" to replay the macro. To replay the last macro again press "@@".
  
See [http://superuser.com/questions/280500/how-does-one-switch-between-windows-on-vim#280501 here] for more.
+
== Deleting to end of line ==
  
== Insert block comment in Vim ==
+
d$
  
See [https://stackoverflow.com/a/253391/868138 here] for line-commenting.
+
== Deleting to beginning of line ==
  
So it's:
+
d^
 +
 
 +
== Finding text ==
 +
 
 +
To search forward for "text":
  
# Ctrl+V (Note: not Shift+V!)
+
/text
# Up/Down to select rows
 
# Shift+I
 
# Enter your text, e.g. '#' or '//'
 
# Ctrl+[ (or 'Esc')
 
  
== Navigate to matching tag ==
+
To search backward for "text":
  
To navigate to the matching beginning or end tag use '%'.
+
?text
  
You can also use e.g. '[{' to match the previous '{', or e.g. '])' to match the next ')'.
+
To repeat the last search in a forward direction press 'n', or to search again backwards press 'N'.
  
== Auto-format HTML tags ==
+
== Finding and replacing text ==
  
Stolen from [https://www.quora.com/How-do-you-auto-format-HTML-in-Vim here].
+
To replace the first instance of "search" on the current line with "destroy":
  
# first join all the lines - ggVGgJ
+
:s/search/destroy/
# Now break tags to new lines - :%s/>\s*</>\r</g
 
# Now set filetype - :set ft=html (you can do this before too)
 
# Now Indent - ggVG=
 
  
== Links ==
+
To replace all instances of "search" on the current line with "destroy":
  
* [http://www.vim.org/ Vim: the editor]
+
:s/search/destroy/g
* [http://yannesposito.com/Scratch/en/blog/Learn-Vim-Progressively/ Learn Vim Progressively]
 
* [http://michael.peopleofhonoronly.com/vim/ Vim cheat sheet for programmers]
 
* [http://stackoverflow.com/questions/4781070/how-to-insert-tab-character-when-expandtab-option-is-on-in-vim How to insert Tab character when expandtab option is ON in VIM]
 
* [https://www.linux.com/learn/tutorials/8255-vim-tips-the-basics-of-search-and-replace Vim tips: the basics of search and replace]
 
* [http://vim.wikia.com/wiki/File_format File format]
 
* [http://www.viemu.com/a_vi_vim_graphical_cheat_sheet_tutorial.html Graphical vi-vim Cheat Sheet and Tutorial]
 
* [http://www.angelwatt.com/coding/notes/vim-commands.html Vim Commands Cheat Sheet]
 
  
== Create PDF from text using Vim ==
+
To replace all instances of "search" on lines 13 to 37 with "destroy":
  
Generate PDF from input.txt with:
+
:13,37 s/search/destroy/g
  
$ vim input.txt -c "hardcopy > doc.ps | q" && ps2pdf doc.ps
+
To replace all instances of "search" in the entire file with "destroy":
  
Examine output with:
+
:%s/search/destroy/g
  
$ okular doc.pdf
+
== Changing DOS/Windows line-endings (CRLF) to Unix line-endings ==
  
= Write =
+
To set the line-ending to Unix line endings run the command:
  
== Talking to other users on the system ==
+
:setlocal ff=unix
  
'''write''' is a unix command for talking to other users on the system. To use '''write''':
+
More information on managing file formats [http://vim.wikia.com/wiki/File_format available here].
  
1. SSH to <username>@<hostname> and login with your username and password.
+
== Disabling auto-indent etc. to paste from clipboard ==
  
2. Issue the following command to find out who is logged onto the system:
+
To disable smart indenting when you're going to paste in text:
  
  $ who
+
  :set paste
  
3. Issue the following command to talk to a specific user:
+
To turn it off again:
  
  $ write <username>
+
  :set nopaste
  
4. Enter the message you'd like to send the user, followed by Ctrl+C to send. Press Ctrl+D to cancel.
+
There's more info in this article: [http://vim.wikia.com/wiki/Toggle_auto-indenting_for_code_paste Toggle auto-indenting for code paste]
  
= Date =
+
== Positioning windows ==
  
== Reporting the time on the server ==
+
Use -o for horizontal split, e.g.:
  
  $ date
+
  vim -o a.txt b.txt
  
== Reporting UTC time ==
+
Use -O for vertical split, e.g.:
  
  $ date --utc
+
  vim -o a.txt b.txt
  
== Getting the date in yyyy-MM-dd-hhmmss format ==
+
Use ^W to navigate windows then use directional keys h, j, k, l, etc.
  
$ date="`date +%F-%H%M%S`"
+
Use ^W and &lt; or &gt; to resize windows.
  
== Getting the year in four digits ==
+
== To indent a block of text in Vim ==
  
$ year="`date +%Y`"
+
Use the > command. E.g. to indent five lines:
  
== Getting the month in two digits ==
+
5 > >
  
$ month="`date +%m`"
+
Press . (dot) to keep indenting.
  
== Getting the day of the month in two digits ==
+
Or inside a block (e.g. curly brace, HTML/XML element, etc.) you can put your cursor in the element on on the curly brace and then:
  
  $ day="`date +%d`"
+
  > %
  
== Getting yesterday's date ==
+
See [http://stackoverflow.com/questions/235839/indent-multiple-lines-quickly-in-vi#235841 here] for more.
  
$ date --date='1 day ago' +%Y-%m-%d
+
== Open a file in a new window/tab ==
  
== Converting Unix time (seconds since epoch) ==
+
To open a file on the left hand side:
  
For timestamp '1501370200':
+
:vert new filename.ext
  
$ date -d @1501370200 +%F-%H%M%S
+
Note: ':vnew filename.ext' and ':vsp filename.ext' also work.
  
== Running timedatectl from systemd ==
+
To open a file at the top:
  
There's a new command bundled with systmed:
+
:new filename.ext
  
# timedatectl
+
See [http://stackoverflow.com/questions/10760310/how-to-open-a-new-file-in-vim-in-a-new-window#10762678 here] for more.
  
It reports on (and controls) how the system time is configured.
+
== Explore files in Vim ==
  
= MySQL =
+
Enter:
  
== Run mysql without authentication/authorisation ==
+
:Explore
  
# service mysql stop
+
== Switch between Vim tabs ==
# mysqld_safe --skip-grant-tables &
 
  
Then you can connect without a password, e.g.:
+
Use gt and gT.
  
# mysql -u root mysql
+
== Switch between Vim windows ==
  
To stop the unauthenticated service:
+
To toggle between open windows use:
  
  # mysqladmin shutdown
+
  Ctrl+W W
  
Then restart a normal service:
+
To move in a direction use:
  
  # service mysql start
+
  Ctrl+W h/j/k/l
  
== Logging all database queries ==
+
See [http://superuser.com/questions/280500/how-does-one-switch-between-windows-on-vim#280501 here] for more.
  
# vim /etc/mysql/my.cnf
+
== Insert block comment in Vim ==
  
In the [mysqld] section add:
+
See [https://stackoverflow.com/a/253391/868138 here] for line-commenting.
  
log=/tmp/mysql.log
+
So it's:
  
Then:
+
# Ctrl+V (Note: not Shift+V!)
 +
# Up/Down to select rows
 +
# Shift+I
 +
# Enter your text, e.g. '#' or '//'
 +
# Ctrl+[ (or 'Esc')
  
# service mysql restart
+
== Navigate to matching tag ==
  
Watch the log with:
+
To navigate to the matching beginning or end tag use '%'.
  
# tail -f /tmp/mysql.log
+
You can also use e.g. '[{' to match the previous '{', or e.g. '])' to match the next ')'.
  
== Dumping a MySQL database ==
+
== Auto-format HTML tags ==
  
You can dump the database into a file using:  
+
Stolen from [https://www.quora.com/How-do-you-auto-format-HTML-in-Vim here].
 
$ mysqldump -h hostname -u user --password=password databasename > filename
 
  
== Loading a MySQL database from a dump file ==
+
# first join all the lines - ggVGgJ
 +
# Now break tags to new lines - :%s/>\s*</>\r</g
 +
# Now set filetype - :set ft=html (you can do this before too)
 +
# Now Indent - ggVG=
  
You can create a database using:
+
== Links ==
  
$ echo create database databasename | mysql -h hostname -u user -p
+
* [http://www.vim.org/ Vim: the editor]
 
+
* [http://yannesposito.com/Scratch/en/blog/Learn-Vim-Progressively/ Learn Vim Progressively]
You can restore a database using:
+
* [http://michael.peopleofhonoronly.com/vim/ Vim cheat sheet for programmers]
+
* [http://stackoverflow.com/questions/4781070/how-to-insert-tab-character-when-expandtab-option-is-on-in-vim How to insert Tab character when expandtab option is ON in VIM]
$ mysql -h hostname -u user --password=password databasename < filename
+
* [https://www.linux.com/learn/tutorials/8255-vim-tips-the-basics-of-search-and-replace Vim tips: the basics of search and replace]
 +
* [http://vim.wikia.com/wiki/File_format File format]
 +
* [http://www.viemu.com/a_vi_vim_graphical_cheat_sheet_tutorial.html Graphical vi-vim Cheat Sheet and Tutorial]
 +
* [http://www.angelwatt.com/coding/notes/vim-commands.html Vim Commands Cheat Sheet]
  
== Creating a MySQL user ==
+
== Create PDF from text using Vim ==
  
# mysql -h localhost -u root --password=<password>
+
Generate PDF from input.txt with:
mysql> create user 'username'@'localhost' identified by '<password>';
 
  
== Granting all MySQL user permissions ==
+
$ vim input.txt -c "hardcopy > doc.ps | q" && ps2pdf doc.ps
  
# mysql -h localhost -u root --password=<password>
+
Examine output with:
mysql> grant all privileges on dbname.* to user@host;
 
  
== Select domain name from email address ==
+
$ okular doc.pdf
  
SELECT SUBSTR( email, INSTR( email, '@' ) + 1 )
+
= Write =
  
== Check if MySQL connection is encrypted with TLS/SSL ==
+
== Talking to other users on the system ==
  
Check the SSL version in use:
+
'''write''' is a unix command for talking to other users on the system. To use '''write''':
  
show status like 'Ssl_version';
+
1. SSH to <username>@<hostname> and login with your username and password.
  
Or check the cipher in use:
+
2. Issue the following command to find out who is logged onto the system:
  
  show status like 'Ssl_cipher';
+
  $ who
  
= Apache =
+
3. Issue the following command to talk to a specific user:
  
== Reporting loaded Apache modules ==
+
$ write <username>
  
# apache2ctl -M
+
4. Enter the message you'd like to send the user, followed by Ctrl+C to send. Press Ctrl+D to cancel.
  
== Maintaining .htaccess passwords ==
+
= Date =
  
To add or modify the password for a user:
+
== Reporting the time on the server ==
  
  $ htpasswd /etc/apache2/passwd username
+
  $ date
  
== Configuring PHP session timeout in .htaccess ==
+
== Reporting UTC time ==
  
For a session timeout of 9 hours:
+
$ date --utc
  
php_value session.cookie_lifetime 32400
+
== Getting the date in yyyy-MM-dd-hhmmss format ==
php_value session.gc_maxlifetime 32400
 
  
== Disabling PHP magic quotes in .htaccess ==
+
$ date="`date +%F-%H%M%S`"
  
php_flag magic_quotes_gpc Off
+
== Getting the year in four digits ==
  
== Requiring HTTP Auth in .htaccess ==
+
$ year="`date +%Y`"
  
AuthType Basic
+
== Getting the month in two digits ==
AuthName "Speak Friend And Enter"
 
AuthUserFile /home/jj5/.htpasswd
 
Require valid-user
 
  
== Restarting Apache ==
+
$ month="`date +%m`"
  
The hard way
+
== Getting the day of the month in two digits ==
  
  $ sudo /etc/init.d/apache2 restart
+
  $ day="`date +%d`"
  
The graceful way (avoids dropping active connections)
+
== Getting yesterday's date ==
  
  $ sudo apache2ctl graceful
+
  $ date --date='1 day ago' +%Y-%m-%d
  
== Allowing directory browsing ==
+
== Converting Unix time (seconds since epoch) ==
  
To show directory index pages, in the apache config file:
+
For timestamp '1501370200':
  
  <Directory /var/www/data>
+
  $ date -d @1501370200 +%F-%H%M%S
  Options Indexes
 
</Directory>
 
  
= C =
+
== Running timedatectl from systemd ==
  
== Locating memset function ==
+
There's a new command bundled with systmed:
  
The memset function is in &lt;string.h> as described in this article [http://www.java-samples.com/showtutorial.php?tutorialid=591 Using memset(), memcpy(), and memmove() in C]
+
# timedatectl
  
== Links ==
+
It reports on (and controls) how the system time is configured.
  
* [http://www.ibm.com/developerworks/linux/library/l-memory/ Inside memory management]
+
= MySQL (and MariaDB) =
  
= PHP =
+
== Run mysql without authentication/authorisation ==
  
== Including a file relative to the including file ==
+
# service mysql stop
 +
# mysqld_safe --skip-grant-tables &
  
require_once( dirname( __FILE__ ) . '/relative/path/to.php' );
+
Then you can connect without a password, e.g.:
  
== Enabling error reporting ==
+
# mysql -u root mysql
  
error_reporting( E_ALL | E_STRICT );
+
To stop the unauthenticated service:
ini_set( 'display_errors', 'On' );
 
  
== Setting an error handler ==
+
# mysqladmin shutdown
  
set_error_handler( "error_handler", E_ALL | E_STRICT );
+
Then restart a normal service:
  
  function error_handler( $error_code, $error_message, $error_file, $error_line, $error_context ) {
+
  # service mysql start
  // ...
 
}
 
  
== Disable HTML content in var_dump ==
+
== Logging all database queries ==
  
  ini_set( 'html_errors', 'off' );
+
  # vim /etc/mysql/my.cnf
  
== Report PHP modules ==
+
In the [mysqld] section add:
  
  $ php -m
+
  log=/tmp/mysql.log
  
== PHP Security Best Practices For Sys Admins ==
+
Then:
  
See [https://www.cyberciti.biz/tips/php-security-best-practices-tutorial.html Linux 25 PHP Security Best Practices For Sys Admins].
+
# service mysql restart
  
= BASH scripting =
+
Watch the log with:
  
For a primer on bash scripting see [http://www.progsoc.org/tfm/tfm03/node37.html TFM: Erotic Fantasy: /bin/sh Programming].
+
# tail -f /tmp/mysql.log
  
== Telling a script to run in bash ==
+
Or:
  
The first line of the file should be:
+
SET GLOBAL log_output = 'FILE';
 +
SET GLOBAL general_log_file = 'my_logs.txt';
 +
SET GLOBAL general_log = 'ON';
  
#!/bin/bash
+
my_logs.txt will be in /var/lib/mysql
  
== Checking if a command-line argument was passed in ==
+
== Dumping a MySQL database ==
  
  if [ -n "$1" ]; then
+
You can dump the database into a file using:
  echo "Missing parameter 1.";
+
   
  exit 1;
+
  $ mysqldump -h hostname -u user --password=password databasename > filename
  fi
 
  
== Checking if a command-line argument was not passed in ==
+
== Loading a MySQL database from a dump file ==
  
if [ "$1" = "" ]; then
+
You can create a database using:
  echo "Missing parameter 1.";
 
  exit 1;
 
fi
 
  
Or:
+
$ echo create database databasename | mysql -h hostname -u user -p
  
  if [ -z "$1" ]; then
+
You can restore a database using:
  echo "Missing parameter 1.";
+
   
  exit 1;
+
  $ mysql -h hostname -u user --password=password databasename < filename
  fi
 
  
== Checking command exit status ==
+
== Creating a MySQL user ==
  
  cd /my/path
+
  # mysql -h localhost -u root --password=<password>
  if [ "$?" -ne "0" ]; then
+
  mysql> create user 'username'@'localhost' identified by '<password>';
  echo "Cannot change dir.";
 
  exit 1;
 
fi
 
  
== Checking if a file does/doesn't exist ==
+
== Granting all MySQL user permissions ==
  
Check if file exists:
+
# mysql -h localhost -u root --password=<password>
 +
mysql> grant all privileges on dbname.* to user@host;
  
if [ -f "/my/file" ]; then
+
== Select domain name from email address ==
  cat /my/file
 
fi
 
  
Check if file doesn't exist:
+
SELECT SUBSTR( email, INSTR( email, '@' ) + 1 )
  
if [ ! -f "/my/file" ]; then
+
== Check if MySQL connection is encrypted with TLS/SSL ==
  touch /my/file
 
fi
 
  
== Checking if a directory does/doesn't exist ==
+
Check the SSL version in use:
  
Check if directory exists:
+
show status like 'Ssl_version';
  
if [ -d "/my/dir" ]; then
+
Or check the cipher in use:
  rmdir /my/dir
 
fi
 
  
Check if directory doesn't exist:
+
show status like 'Ssl_cipher';
  
if [ ! -d "/my/dir" ]; then
+
== Report on server config ==
  mkdir /my/dir
 
fi
 
  
== Deleting old backups ==
+
See [https://dev.mysql.com/doc/refman/5.7/en/show.html SHOW Statements] for the full list, but check out:
  
To keep only the latest five backups:
+
SHOW VARIABLES
  
find . -maxdepth 1 -type f -printf '%T@ %p\0' | sort -r -z -n | awk 'BEGIN { RS="\0"; ORS="\0"; FS="" } NR > 5 { sub("^[0-9]*(.[0-9]*)? ", ""); print }' | xargs -0 rm -f
+
and
  
This script stolen from [http://stackoverflow.com/questions/25785/delete-all-but-the-most-recent-x-files-in-bash stackoverflow].
+
SHOW STATUS
  
Requires GNU find for -printf, GNU sort for -z, GNU awk for "\0" and GNU xargs for -0, but handles files with embedded newlines or spaces.
+
and
  
== Changing into the script's directory ==
+
SHOW PROCESSLIST
  
cd "`dirname $0`"
+
== Monitor MySQL activity ==
  
== Getting the absolute path of a relative path ==
+
$ watch "mysql -t -e 'show processlist'"
  
readlink -f ./some/path
+
= Apache =
  
== Creating a temp directory ==
+
== Reporting loaded Apache modules ==
  
  dir=`mktemp -d` && cd $dir
+
  # apache2ctl -M
  
== Reading secret input from stdin ==
+
== Maintaining .htaccess passwords ==
  
You can read a secret, such as a password, like this:
+
To add or modify the password for a user:
  
  echo -n "Enter passphrase: "
+
  $ htpasswd /etc/apache2/passwd username
stty -echo
 
read passphrase;
 
stty echo
 
echo ""
 
  
After running the above the secret will be in the $passphrase environment variable.
+
== Configuring PHP session timeout in .htaccess ==
  
== String replacements in bash ==
+
For a session timeout of 9 hours:
  
See the [http://www.tldp.org/LDP/abs/html/string-manipulation.html string manipulation] doco. Basically, to replace first occurrence:
+
php_value session.cookie_lifetime 32400
 +
php_value session.gc_maxlifetime 32400
  
result=${var/find/replace}
+
== Disabling PHP magic quotes in .htaccess ==
  
To replace all occurrences:
+
php_flag magic_quotes_gpc Off
  
result=${var//find/replace}
+
== Requiring HTTP Auth in .htaccess ==
  
A practical example, get an ISO date and turn it into a path:
+
AuthType Basic
 +
AuthName "Speak Friend And Enter"
 +
AuthUserFile /home/jj5/.htpasswd
 +
Require valid-user
  
date="$(date +%Y-%m-%d)"
+
== Restarting Apache ==
  work_dir=${date//-//}
+
 
 +
The hard way
 +
 
 +
  $ sudo /etc/init.d/apache2 restart
 +
 
 +
The graceful way (avoids dropping active connections)
  
== Sending a HEREDOC to a file ==
+
$ sudo apache2ctl graceful
  
cat << EOF > /tmp/yourfilehere
+
== Allowing directory browsing ==
These contents will be written to the file.
 
        This line is indented.
 
EOF
 
  
== Bash case/switch statement ==
+
To show directory index pages, in the apache config file:
  
See [http://tldp.org/LDP/Bash-Beginners-Guide/html/sect_07_03.html using case statements], e.g.:
+
<Directory /var/www/data>
 +
  Options Indexes
 +
</Directory>
  
case $space in
+
= C =
[1-6]*)
+
 
  Message="All is quiet."
+
== Locating memset function ==
  ;;
 
[7-8]*)
 
  Message="Start thinking about cleaning out some stuff.  There's a partition that is $space % full."
 
  ;;
 
9[1-8])
 
  Message="Better hurry with that new disk...  One partition is $space % full."
 
  ;;
 
99)
 
  Message="I'm drowning here!  There's a partition at $space %!"
 
  ;;
 
*)
 
  Message="I seem to be running with an nonexistent amount of disk space..."
 
  ;;
 
esac
 
  
== Using dotglob shopt to match dot-files ==
+
The memset function is in &lt;string.h> as described in this article [http://www.java-samples.com/showtutorial.php?tutorialid=591 Using memset(), memcpy(), and memmove() in C]
  
To enable dot-file matching in globs, set the dotglob shell option:
+
== Links ==
  
$ shopt -s dotglob
+
* [http://www.ibm.com/developerworks/linux/library/l-memory/ Inside memory management]
  
== Stopping a script from running if it previously exited due to error ==
+
= PHP =
  
persistentDataDir=/var/lib/something
+
== Including a file relative to the including file ==
alarm() {
 
  touch $persistentDataDir/alarm
 
}
 
trap alarm ERR
 
[ -f $persistentDataDir/alarm ] && exit 1
 
  
== Make sure only one instance of a script is running at a time ==
+
require_once( dirname( __FILE__ ) . '/relative/path/to.php' );
  
ephemeralDataDir=/var/run/something
+
== Enabling error reporting ==
unlock() {
 
  rmdir $ephemeralDataDir/lock
 
}
 
mkdir $ephemeralDataDir/lock || exit 1;
 
trap unlock EXIT
 
  
== BASH programming advice ==
+
error_reporting( E_ALL | E_STRICT );
 +
ini_set( 'display_errors', 'On' );
  
See [https://blog.yossarian.net/2020/01/23/Anybody-can-write-good-bash-with-a-little-effort Anybody can write good bash (with a little effort)].
+
== Setting an error handler ==
  
== Run a command using arguments that come from an array ==
+
set_error_handler( "error_handler", E_ALL | E_STRICT );
  
See [https://unix.stackexchange.com/a/412647/356289 here]:
+
function error_handler( $error_code, $error_message, $error_file, $error_line, $error_context ) {
 +
  // ...
 +
}
  
#!/bin/bash
+
== Disable HTML content in var_dump ==
tabs=("first tab" "second tab")
 
args=()
 
for t in "${tabs[@]}" ; do
 
  args+=(-t "$t")
 
done
 
app "${args[@]}"
 
  
== Display a CSV in columnar or tabular format ==
+
ini_set( 'html_errors', 'off' );
  
$ column -t -s , data.csv
+
== Report PHP modules ==
  
= Sed =
+
$ php -m
  
== Find and replace with sed ==
+
== PHP Security Best Practices For Sys Admins ==
  
To update the current file use '-i'. E.g.:
+
See [https://www.cyberciti.biz/tips/php-security-best-practices-tutorial.html Linux 25 PHP Security Best Practices For Sys Admins].
  
sed -i 's/search-text/replace-text/' file
+
= BASH scripting =
  
= Awk =
+
For a primer on bash scripting see [http://www.progsoc.org/tfm/tfm03/node37.html TFM: Erotic Fantasy: /bin/sh Programming].
  
== Listing IP addresses in an Apache web log ==
+
== Telling a script to run in bash ==
  
awk '/GET \/path\/for\/url/ { print $1 }' /var/log/apache2/access.log | sort | uniq
+
The first line of the file should be:
  
== Printing space-separated field ==
+
#!/bin/bash
  
echo 'no no yes no' | awk '{print $3}'
+
== Checking if a command-line argument was passed in ==
  
== Printing delimited field ==
+
if [ -n "$1" ]; then
 +
  echo "Missing parameter 1.";
 +
  exit 1;
 +
fi
  
echo 'no:no:yes:no' | awk -F ':' '{print $3}'
+
== Checking if a command-line argument was not passed in ==
  
= Subversion =
+
if [ "$1" = "" ]; then
 +
  echo "Missing parameter 1.";
 +
  exit 1;
 +
fi
  
== Setting svn:externals from the command-line ==
+
Or:
  
See [http://beerpla.net/2009/06/20/how-to-properly-set-svn-svnexternals-property-in-svn-command-line/ here].
+
if [ -z "$1" ]; then
 +
  echo "Missing parameter 1.";
 +
  exit 1;
 +
fi
  
To set an svn:externals from the command-line:
+
== Checking command exit status ==
  
  svn propset svn:externals 'rdfind-php https://www.progclub.org/svn/pcrepo/rdfind.php/branches/0.1' .
+
  cd /my/path
  svn ci -m 'Adding svn:externals for rdfind-php...'
+
  if [ "$?" -ne "0" ]; then
  svn up
+
  echo "Cannot change dir.";
 +
  exit 1;
 +
  fi
  
Or to use a file:
+
== Checking if a file does/doesn't exist ==
  
svn propset svn:externals -F svn.externals .
+
Check if file exists:
  
== Setting svn:ignore from the command line ==
+
if [ -f "/my/file" ]; then
 +
  cat /my/file
 +
fi
  
See [http://tedone.typepad.com/blog/2010/03/setting-svnignore-from-the-command-line.html here].
+
Check if file doesn't exist:
  
  $ svn propset svn:ignore [file|folder] [path]
+
  if [ ! -f "/my/file" ]; then
 +
  touch /my/file
 +
fi
  
Or use a file and apply recursively:
+
== Checking if a directory does/doesn't exist ==
  
$ svn propset svn:ignore -RF ./svn-ignore-list.txt .
+
Check if directory exists:
  
= Git =
+
if [ -d "/my/dir" ]; then
 +
  rmdir /my/dir
 +
fi
  
== Showing status of working copy ==
+
Check if directory doesn't exist:
  
  git status
+
  if [ ! -d "/my/dir" ]; then
 +
  mkdir /my/dir
 +
fi
  
== Showing repo history ==
+
== Deleting old backups ==
  
git log
+
To keep only the latest five backups:
  
== Showing remote repositories (including 'origin') ==
+
find . -maxdepth 1 -type f -printf '%T@ %p\0' | sort -r -z -n | awk 'BEGIN { RS="\0"; ORS="\0"; FS="" } NR > 5 { sub("^[0-9]*(.[0-9]*)? ", ""); print }' | xargs -0 rm -f
  
git remote -v
+
This script stolen from [http://stackoverflow.com/questions/25785/delete-all-but-the-most-recent-x-files-in-bash stackoverflow].
  
== Handy git aliases ==
+
Requires GNU find for -printf, GNU sort for -z, GNU awk for "\0" and GNU xargs for -0, but handles files with embedded newlines or spaces.
  
Save these to your ~/.gitconfig file.
+
== Changing into the script's directory ==
  
For a nicer view of history than standard 'git log' -- colourful, one-line-per commit, etc:
+
cd "`dirname $0`"
  
  graph = !git log --all --graph --color --abbrev-commit --pretty=oneline
+
== Getting the absolute path of a relative path ==
  
To show only the files that have changed, rather than the full line-by-line content:
+
readlink -f ./some/path
  
  dif  = !git diff --name-status
+
== Creating a temp directory ==
  
== Show git remote URL ==
+
dir=`mktemp -d` && cd $dir
  
git config --get remote.origin.url
+
== Reading secret input from stdin ==
  
= IRC =
+
You can read a secret, such as a password, like this:
  
== Instructing ChanServ to op an admin ==
+
echo -n "Enter passphrase: "
 
+
stty -echo
  /msg ChanServ op #channel user
+
read passphrase;
 +
stty echo
 +
  echo ""
  
E.g.
+
After running the above the secret will be in the $passphrase environment variable.
  
/msg ChanServ op #gnurc jj5
+
== String replacements in bash ==
  
Sub 'op' for 'deop' to remove op privilege.
+
See the [http://www.tldp.org/LDP/abs/html/string-manipulation.html string manipulation] doco. Basically, to replace first occurrence:
  
= C++ =
+
result=${var/find/replace}
  
== C++ books ==
+
To replace all occurrences:
  
=== Books I want ===
+
result=${var//find/replace}
  
* [http://smile.amazon.com/dp/1785283073 Boost.Asio C++ Network Programming 2ed]
+
A practical example, get an ISO date and turn it into a path:
* [http://smile.amazon.com/dp/1783986549 Boost.Asio C++ Network Programming Cookbook]
 
  
* [http://www.amazon.com/dp/020170353X Accelerated C++] by Andrew Koening
+
date="$(date +%Y-%m-%d)"
* [http://www.amazon.com/dp/0321334876 Effective C++] by Scott Meyers
+
work_dir=${date//-//}
* [http://www.amazon.com/dp/1491903996 Effective Modern C++] by Scott Meyers
 
* [http://www.amazon.com/dp/020163371X More Effective C++] by Scott Meyers
 
* [http://www.amazon.com/dp/0201749629 Effective STL] by Scott Meyers
 
* [http://www.amazon.com/dp/0201615622 Exceptional C++] by Herb Sutter
 
* [http://www.amazon.com/dp/020170434X More Exceptional C++] by Herb Sutter
 
* [http://www.amazon.com/dp/0201760428 Exceptional C++ Style] by Herb Sutter
 
* [http://www.amazon.com/dp/0321227255 C++ Template Metaprogramming] by David Abrahams
 
* [http://www.amazon.com/dp/059652269X 97 Things Every Software Architect Should Know] by Richard Monson-Haefel
 
* [http://www.amazon.com/dp/9491028022 Introduction to the Boost C++ Libraries; Volume II - Advanced Libraries] by Robert Demming
 
  
=== Books I own ===
+
== Sending a HEREDOC to a file ==
  
* [http://www.amazon.com/dp/0321563840 The C++ Programming Language 4ed] by Bjarne Stroustrup
+
cat << EOF > /tmp/yourfilehere
* [http://smile.amazon.com/dp/9491028022 Introduction to the Boost C++ Libraries; Volume II - Advanced Libraries]
+
These contents will be written to the file.
* [http://smile.amazon.com/dp/1849514887 Boost C++ Application Development Cookbook]
+
        This line is indented.
* [http://smile.amazon.com/dp/1782163263 Boost.Asio C++ Network Programming]
+
EOF
* [http://www.amazon.com/dp/0321113586 C++ Coding Standards] by Herb Sutter &#x2713;
 
* [http://www.amazon.com/dp/0201704315 Modern C++ Design] by Andrei Alexandrescu &#x2713;
 
* [http://www.amazon.com/dp/0596809484 97 Things Every Programmer Should Know] by Kevlin Henney &#x2713;
 
* [http://www.amazon.com/dp/0321133544 Beyond the C++ Standard Library] by Björn Karlsson &#x2713;
 
* [http://www.amazon.com/dp/9491028014 Introduction to the Boost C++ Libraries; Volume I - Foundations] by Robert Demming &#x2713;
 
* [http://www.amazon.com/dp/0123850037 API Design for C++] by Martin Reddy &#x2713;
 
* [http://www.amazon.com/dp/B00CB23URA Advanced C++ Metaprogramming] by Davide Di Gennaro &#x2713;
 
** Note: the next version of this book is: [http://www.amazon.com/dp/1484210115 Advanced Metaprogramming in Classic C++]
 
* [http://www.amazon.com/dp/1933988770 C++ Concurrency in Action: Practical Multithreading] by Anthony Williams &#x2713;
 
  
=== Books I'm not reading ===
+
== Bash case/switch statement ==
  
* [http://www.amazon.com/dp/0321563840 The C++ Programming Language 3ed] by Bjarne Stroustrup &#x2713;
+
See [http://tldp.org/LDP/Bash-Beginners-Guide/html/sect_07_03.html using case statements], e.g.:
** Note: 3ed is obsolete. Buy 4ed (above).
 
  
=== Books I've read ===
+
case $space in
 
+
[1-6]*)
* [http://www.amazon.com/dp/0596004966 C++ Pocket Reference] by Kyle Loudon &#x2713;
+
  Message="All is quiet."
 
+
  ;;
== C++ blogs/articles ==
+
[7-8]*)
 +
  Message="Start thinking about cleaning out some stuff.  There's a partition that is $space % full."
 +
  ;;
 +
9[1-8])
 +
  Message="Better hurry with that new disk... One partition is $space % full."
 +
  ;;
 +
99)
 +
  Message="I'm drowning here!  There's a partition at $space %!"
 +
  ;;
 +
*)
 +
  Message="I seem to be running with an nonexistent amount of disk space..."
 +
  ;;
 +
esac
  
* [http://blogs.msdn.com/b/hsutter/ Herb Sutter's MSDN blog]
+
== Using dotglob shopt to match dot-files ==
* [http://herbsutter.com/ Herb Sutter's personal blog]
 
* [http://herbsutter.com/gotw/ Herb Sutter's Guru of the Week (GotW)] updated from [http://gotw.ca/gotw/ gotw.ca]
 
  
== C++ performance tips ==
+
To enable dot-file matching in globs, set the dotglob shell option:
  
* ++c can be faster than c++.
+
$ shopt -s dotglob
* use const for everything that you possibly can.
 
* use 'inline' when you need to define a function in a header. Typically only do that if it's small and the increase in code size from inlining is worth the cost to avoid the cost of a function call. For anything except trivially small functions you'll probably need to profile to know if it's worth it.
 
* don't use registers.
 
* const [http://www.gotw.ca/gotw/081.htm rarely affects performance].
 
* debunking a number of [http://www.open-std.org/jtc1/sc22/wg21/docs/TR18015.pdf C++ myths that won't die].
 
* std::sort<> is typically faster than qsort() because it can avoid indirection at runtime.
 
* if you've got parallelisation going on, you may be able to just replace a std::for_each with a parallel equivalent.
 
* read about [http://stackoverflow.com/questions/579887/how-expensive-is-rtti performance cost of RTTI] (Run Time Type Information) and [http://stackoverflow.com/questions/4486609/when-can-compiling-c-without-rtti-cause-problems how to disable it]
 
* don't use dynamic_cast because it is slow (typeid is faster but still relies on RTTI)
 
* prefer unique_ptr to shared_ptr when possible. unique_ptr has less overhead.
 
* [http://sunsite.uakom.sk/sunworldonline/swol-02-1996/swol-02-perf.html Which is better, static or dynamic linking?]
 
* [http://stackoverflow.com/questions/2550281/floating-point-vs-integer-calculations-on-modern-hardware Integer vs Floating-Point performance]
 
  
= systemd =
+
== Stopping a script from running if it previously exited due to error ==
  
[https://en.wikipedia.org/wiki/Systemd systemd] is an init system used in most Linux distributions to bootstrap the user space and manage all processes subsequently.
+
persistentDataDir=/var/lib/something
 +
alarm() {
 +
  touch $persistentDataDir/alarm
 +
}
 +
trap alarm ERR
 +
[ -f $persistentDataDir/alarm ] && exit 1
  
== Following a service log ==
+
== Make sure only one instance of a script is running at a time ==
  
e.g. for bind9:
+
ephemeralDataDir=/var/run/something
 +
unlock() {
 +
  rmdir $ephemeralDataDir/lock
 +
}
 +
mkdir $ephemeralDataDir/lock || exit 1;
 +
trap unlock EXIT
  
# journalctl -f -u bind9
+
== BASH programming advice ==
  
or for everything:
+
See [https://blog.yossarian.net/2020/01/23/Anybody-can-write-good-bash-with-a-little-effort Anybody can write good bash (with a little effort)].
  
# journalctl -f
+
== Run a command using arguments that come from an array ==
  
== System status ==
+
See [https://unix.stackexchange.com/a/412647/356289 here]:
  
To see spawned services hierarchy:
+
#!/bin/bash
 +
tabs=("first tab" "second tab")
 +
args=()
 +
for t in "${tabs[@]}" ; do
 +
  args+=(-t "$t")
 +
done
 +
app "${args[@]}"
  
# systemctl status
+
== Display a CSV in columnar or tabular format ==
  
Or for a specific service e.g.:
+
$ column -t -s , data.csv
  
# systemctl status networking
+
== Maximum command line length ==
  
= SaltStack =
+
Technically this is an operating system limit, not a BASH limit.
  
== Running a command on specified minions ==
+
$ getconf ARG_MAX    # Get argument limit in bytes/chars
  
salt 'host' cmd.run 'update-locale'
+
= Sed =
  
== Running a command on all minions ==
+
== Find and replace with sed ==
  
salt '*' cmd.run 'update-locale'
+
To update the current file use '-i'. E.g.:
  
== Listing active jobs ==
+
sed -i 's/search-text/replace-text/' file
  
salt-run jobs.active
+
= Awk =
  
== Listing available grains ==
+
== Listing IP addresses in an Apache web log ==
  
  salt 'example' grains.items
+
  awk '/GET \/path\/for\/url/ { print $1 }' /var/log/apache2/access.log | sort | uniq
  
== Listing available pillar ==
+
== Printing space-separated field ==
  
  salt 'example' pillar.items
+
  echo 'no no yes no' | awk '{print $3}'
  
== Reporting a grain value ==
+
== Printing delimited field ==
  
e.g. for the 'mem_total' grain:
+
echo 'no:no:yes:no' | awk -F ':' '{print $3}'
  
salt '*' grains.item mem_total
+
= Subversion =
  
== Passing a variable into a Jinja template from a salt state (SLS) ==
+
== Setting svn:externals from the command-line ==
  
e.g.: to pass 'zabbix_deb_{pkg,url}' variables into the source.txt template:
+
See [http://beerpla.net/2009/06/20/how-to-properly-set-svn-svnexternals-property-in-svn-command-line/ here].
 +
 
 +
To set an svn:externals from the command-line:
  
  <nowiki>/srv/zabbix/release/{{ zabbix_deb_pkg }}.txt:</nowiki>
+
  svn propset svn:externals 'rdfind-php https://www.progclub.org/svn/pcrepo/rdfind.php/branches/0.1' .
  file.managed:
+
svn ci -m 'Adding svn:externals for rdfind-php...'
    - template: jinja
+
svn up
    - user: root
 
    - group: root
 
    - mode: 644
 
    - source: salt://file/srv/zabbix/release/source.txt
 
    - require:
 
      - file: /srv/zabbix/release
 
    - default:
 
      <nowiki>zabbix_deb_pkg: {{ zabbix_deb_pkg }}</nowiki>
 
      <nowiki>zabbix_deb_url: {{ zabbix_deb_url }}</nowiki>
 
  
= KDE =
+
Or to use a file:
  
== Running user login script (X11/XOrg/XWindows) ==
+
svn propset svn:externals -F svn.externals .
  
A way to run user login scripts which works for KDE Plasma (and apparently other [https://en.wikipedia.org/wiki/X.Org_Server X.Org Server X Window System] environments) is to create a *.desktop file in ~/.config/autostart/. For example I have a ~/.config/autostart/ssh-add.desktop file with the following contents to register my SSH key in the SSH Agent:
+
== Setting svn:ignore from the command line ==
  
[Desktop Entry]
+
See [http://tedone.typepad.com/blog/2010/03/setting-svnignore-from-the-command-line.html here].
Type=Application
 
Name=ssh-add
 
Comment=Adds my private key to my session.
 
Exec=/usr/bin/konsole -e 'ssh-add /home/$USER/.ssh/id_rsa'
 
  
== Standard KDE shortcut key bindings ==
+
$ svn propset svn:ignore [file|folder] [path]
  
{|class="wikitable"
+
Or use a file and apply recursively:
! Name          !! Shortcut !! Command
 
|-
 
| Insert comment || F1      || xdotool type "$(date +%Y-%m-%d ) $USER - "
 
|-
 
| Insert sydtime || F4      || xdotool type "$(date +%Y-%m-%d-%H%M%S)"
 
|-
 
| Konsole        || Meta+T  || konsole
 
|-
 
| Dolphin        || Meta+E  || dolphin
 
|-
 
| Kate          || Ctrl+Shift+F12 || kate
 
|-
 
| KCalc          || Ctrl+Shift+F11 || kcalc
 
|-
 
| Firefox        || Ctrl+Shift+F10 || firefox
 
|}
 
  
= VirtualBox =
+
$ svn propset svn:ignore -RF ./svn-ignore-list.txt .
  
== Mounting a VirtualBox VDI file ==
+
= Git =
  
Note: instead of doing this consider booting with a live CD.
+
== Showing status of working copy ==
  
See [https://askubuntu.com/questions/19430/mount-a-virtualbox-drive-image-vdi/50290#50290 here]:
+
git status
  
Install qemu if necessary:
+
== Showing repo history ==
  
  # apt install qemu
+
  git log
  
Then you'll need to load the network block device module:
+
== Showing remote repositories (including 'origin') ==
  
  # rmmod nbd
+
  git remote -v
# modprobe nbd max_part=16
+
 
 +
== Handy git aliases ==
 +
 
 +
Save these to your ~/.gitconfig file.
  
Attach the .vdi image to one of the nbd you just created:
+
For a nicer view of history than standard 'git log' -- colourful, one-line-per commit, etc:
  
# qemu-nbd -c /dev/nbd0 drive.vdi
+
  graph = !git log --all --graph --color --abbrev-commit --pretty=oneline
  
Now you will get a /dev/nbd0 block device, along with several /dev/nbd0p* partition device nodes.
+
To show only the files that have changed, rather than the full line-by-line content:
  
# mount /dev/nbd0p1 /mnt
+
  dif  = !git diff --name-status
  
Once you are done, unmount everything and disconnect the device:
+
== Show git remote URL ==
  
  # qemu-nbd -d /dev/nbd0
+
  git config --get remote.origin.url
  
= Elasticsearch =
+
= IRC =
  
== Report on health of your Elasticsearch cluster ==
+
== Instructing ChanServ to op an admin ==
  
  $ curl http://localhost:9200/_cluster/health?pretty
+
  /msg ChanServ op #channel user
  
= Zabbix =
+
E.g.
  
== Zabbix Agent on Mac OS X ==
+
/msg ChanServ op #gnurc jj5
  
Download and install agent.
+
Sub 'op' for 'deop' to remove op privilege.
  
Config file is here: /usr/local/etc/zabbix/zabbix_agentd.conf
+
= C++ =
  
Unload agent with:
+
== C++ books ==
  
  # launchctl unload /Library/LaunchDaemons/com.zabbix.zabbix_agentd.plist
+
=== Books I want ===
 +
 
 +
* [http://smile.amazon.com/dp/1785283073 Boost.Asio C++ Network Programming 2ed]
 +
* [http://smile.amazon.com/dp/1783986549 Boost.Asio C++ Network Programming Cookbook]
 +
 
 +
* [http://www.amazon.com/dp/020170353X Accelerated C++] by Andrew Koening
 +
* [http://www.amazon.com/dp/0321334876 Effective C++] by Scott Meyers
 +
* [http://www.amazon.com/dp/1491903996 Effective Modern C++] by Scott Meyers
 +
* [http://www.amazon.com/dp/020163371X More Effective C++] by Scott Meyers
 +
* [http://www.amazon.com/dp/0201749629 Effective STL] by Scott Meyers
 +
* [http://www.amazon.com/dp/0201615622 Exceptional C++] by Herb Sutter
 +
* [http://www.amazon.com/dp/020170434X More Exceptional C++] by Herb Sutter
 +
* [http://www.amazon.com/dp/0201760428 Exceptional C++ Style] by Herb Sutter
 +
* [http://www.amazon.com/dp/0321227255 C++ Template Metaprogramming] by David Abrahams
 +
* [http://www.amazon.com/dp/059652269X 97 Things Every Software Architect Should Know] by Richard Monson-Haefel
 +
* [http://www.amazon.com/dp/9491028022 Introduction to the Boost C++ Libraries; Volume II - Advanced Libraries] by Robert Demming
 +
 
 +
=== Books I own ===
 +
 
 +
* [http://www.amazon.com/dp/0321563840 The C++ Programming Language 4ed] by Bjarne Stroustrup
 +
* [http://smile.amazon.com/dp/9491028022 Introduction to the Boost C++ Libraries; Volume II - Advanced Libraries]
 +
* [http://smile.amazon.com/dp/1849514887 Boost C++ Application Development Cookbook]
 +
* [http://smile.amazon.com/dp/1782163263 Boost.Asio C++ Network Programming]
 +
* [http://www.amazon.com/dp/0321113586 C++ Coding Standards] by Herb Sutter &#x2713;
 +
* [http://www.amazon.com/dp/0201704315 Modern C++ Design] by Andrei Alexandrescu &#x2713;
 +
* [http://www.amazon.com/dp/0596809484 97 Things Every Programmer Should Know] by Kevlin Henney &#x2713;
 +
* [http://www.amazon.com/dp/0321133544 Beyond the C++ Standard Library] by Björn Karlsson &#x2713;
 +
* [http://www.amazon.com/dp/9491028014 Introduction to the Boost C++ Libraries; Volume I - Foundations] by Robert Demming &#x2713;
 +
* [http://www.amazon.com/dp/0123850037 API Design for C++] by Martin Reddy &#x2713;
 +
* [http://www.amazon.com/dp/B00CB23URA Advanced C++ Metaprogramming] by Davide Di Gennaro &#x2713;
 +
** Note: the next version of this book is: [http://www.amazon.com/dp/1484210115 Advanced Metaprogramming in Classic C++]
 +
* [http://www.amazon.com/dp/1933988770 C++ Concurrency in Action: Practical Multithreading] by Anthony Williams &#x2713;
 +
 
 +
=== Books I'm not reading ===
 +
 
 +
* [http://www.amazon.com/dp/0321563840 The C++ Programming Language 3ed] by Bjarne Stroustrup &#x2713;
 +
** Note: 3ed is obsolete. Buy 4ed (above).
 +
 
 +
=== Books I've read ===
 +
 
 +
* [http://www.amazon.com/dp/0596004966 C++ Pocket Reference] by Kyle Loudon &#x2713;
 +
 
 +
== C++ blogs/articles ==
 +
 
 +
* [http://blogs.msdn.com/b/hsutter/ Herb Sutter's MSDN blog]
 +
* [http://herbsutter.com/ Herb Sutter's personal blog]
 +
* [http://herbsutter.com/gotw/ Herb Sutter's Guru of the Week (GotW)] updated from [http://gotw.ca/gotw/ gotw.ca]
 +
 
 +
== C++ performance tips ==
 +
 
 +
* ++c can be faster than c++.
 +
* use const for everything that you possibly can.
 +
* use 'inline' when you need to define a function in a header. Typically only do that if it's small and the increase in code size from inlining is worth the cost to avoid the cost of a function call. For anything except trivially small functions you'll probably need to profile to know if it's worth it.
 +
* don't use registers.
 +
* const [http://www.gotw.ca/gotw/081.htm rarely affects performance].
 +
* debunking a number of [http://www.open-std.org/jtc1/sc22/wg21/docs/TR18015.pdf C++ myths that won't die].
 +
* std::sort<> is typically faster than qsort() because it can avoid indirection at runtime.
 +
* if you've got parallelisation going on, you may be able to just replace a std::for_each with a parallel equivalent.
 +
* read about [http://stackoverflow.com/questions/579887/how-expensive-is-rtti performance cost of RTTI] (Run Time Type Information) and [http://stackoverflow.com/questions/4486609/when-can-compiling-c-without-rtti-cause-problems how to disable it]
 +
* don't use dynamic_cast because it is slow (typeid is faster but still relies on RTTI)
 +
* prefer unique_ptr to shared_ptr when possible. unique_ptr has less overhead.
 +
* [http://sunsite.uakom.sk/sunworldonline/swol-02-1996/swol-02-perf.html Which is better, static or dynamic linking?]
 +
* [http://stackoverflow.com/questions/2550281/floating-point-vs-integer-calculations-on-modern-hardware Integer vs Floating-Point performance]
 +
 
 +
= systemd =
 +
 
 +
[https://en.wikipedia.org/wiki/Systemd systemd] is an init system used in most Linux distributions to bootstrap the user space and manage all processes subsequently.
 +
 
 +
== Following a service log ==
 +
 
 +
e.g. for bind9:
 +
 
 +
# journalctl -f -u bind9
 +
 
 +
or for everything:
 +
 
 +
# journalctl -f
 +
 
 +
== System status ==
 +
 
 +
To see spawned services hierarchy:
 +
 
 +
# systemctl status
 +
 
 +
Or for a specific service e.g.:
 +
 
 +
# systemctl status networking
 +
 
 +
= SaltStack =
 +
 
 +
== Running a command on specified minions ==
 +
 
 +
From the salt master:
 +
 
 +
salt 'host' cmd.run 'update-locale'
 +
 
 +
From the salt minion:
 +
 
 +
salt-call cmd.run 'update-locale'
 +
 
 +
== Running a command on all minions ==
 +
 
 +
salt '*' cmd.run 'update-locale'
 +
 
 +
== Running a specific state file ==
 +
 
 +
From the salt master:
 +
 
 +
salt $MINION_ID state.sls $STATE_FILE
 +
 
 +
From the salt minion:
 +
 
 +
salt-call state.sls $STATE_FILE
 +
 
 +
== Listing active jobs ==
 +
 
 +
salt-run jobs.active
 +
 
 +
== Listing available grains ==
 +
 
 +
salt 'example' grains.items
 +
 
 +
== Listing available pillar ==
 +
 
 +
salt 'example' pillar.items
 +
 
 +
== Reporting a grain value ==
 +
 
 +
e.g. for the 'mem_total' grain:
 +
 
 +
salt '*' grains.item mem_total
 +
 
 +
== Passing a variable into a Jinja template from a salt state (SLS) ==
 +
 
 +
e.g.: to pass 'zabbix_deb_{pkg,url}' variables into the source.txt template:
 +
 
 +
<nowiki>/srv/zabbix/release/{{ zabbix_deb_pkg }}.txt:</nowiki>
 +
  file.managed:
 +
    - template: jinja
 +
    - user: root
 +
    - group: root
 +
    - mode: 644
 +
    - source: salt://file/srv/zabbix/release/source.txt
 +
    - require:
 +
      - file: /srv/zabbix/release
 +
    - default:
 +
      <nowiki>zabbix_deb_pkg: {{ zabbix_deb_pkg }}</nowiki>
 +
      <nowiki>zabbix_deb_url: {{ zabbix_deb_url }}</nowiki>
 +
 
 +
= KDE =
 +
 
 +
== Running user login script (X11/XOrg/XWindows) ==
 +
 
 +
A way to run user login scripts which works for KDE Plasma (and apparently other [https://en.wikipedia.org/wiki/X.Org_Server X.Org Server X Window System] environments) is to create a *.desktop file in ~/.config/autostart/. For example I have a ~/.config/autostart/ssh-add.desktop file with the following contents to register my SSH key in the SSH Agent:
 +
 
 +
[Desktop Entry]
 +
Type=Application
 +
Name=ssh-add
 +
Comment=Adds my private key to my session.
 +
Exec=/usr/bin/konsole -e 'ssh-add /home/$USER/.ssh/id_rsa'
 +
 
 +
== Standard KDE shortcut key bindings ==
 +
 
 +
{|class="wikitable"
 +
! Name          !! Shortcut !! Command
 +
|-
 +
| Insert comment || F1      || xdotool type "$(date +%Y-%m-%d ) $USER - "
 +
|-
 +
| Insert sydtime || F4      || xdotool type "$(date +%Y-%m-%d-%H%M%S)"
 +
|-
 +
| Konsole        || Meta+T  || konsole
 +
|-
 +
| Dolphin        || Meta+E  || dolphin
 +
|-
 +
| Kate          || Ctrl+Shift+F12 || kate
 +
|-
 +
| KCalc          || Ctrl+Shift+F11 || kcalc
 +
|-
 +
| Firefox        || Ctrl+Shift+F10 || firefox
 +
|}
 +
 
 +
== Shutting down KDE/Plasma ==
 +
 
 +
# /etc/init.d/sddm stop
 +
 
 +
= VirtualBox =
 +
 
 +
== Mounting a VirtualBox VDI file ==
 +
 
 +
Note: instead of doing this consider booting with a live CD.
 +
 
 +
See [https://askubuntu.com/questions/19430/mount-a-virtualbox-drive-image-vdi/50290#50290 here]:
 +
 
 +
Install qemu if necessary:
 +
 
 +
# apt install qemu
 +
 
 +
Then you'll need to load the network block device module:
 +
 
 +
# rmmod nbd
 +
# modprobe nbd max_part=16
 +
 
 +
Attach the .vdi image to one of the nbd you just created:
 +
 
 +
# qemu-nbd -c /dev/nbd0 drive.vdi
 +
 
 +
Now you will get a /dev/nbd0 block device, along with several /dev/nbd0p* partition device nodes.
 +
 
 +
# mount /dev/nbd0p1 /mnt
 +
 
 +
Once you are done, unmount everything and disconnect the device:
 +
 
 +
# qemu-nbd -d /dev/nbd0
 +
 
 +
= Elasticsearch =
 +
 
 +
== Report on health of your Elasticsearch cluster ==
 +
 
 +
$ curl http://localhost:9200/_cluster/health?pretty
 +
 
 +
= Zabbix =
 +
 
 +
== Zabbix Agent on Mac OS X ==
 +
 
 +
Download and install agent.
 +
 
 +
Config file is here: /usr/local/etc/zabbix/zabbix_agentd.conf
 +
 
 +
Unload agent with:
 +
 
 +
  # launchctl unload /Library/LaunchDaemons/com.zabbix.zabbix_agentd.plist
 +
 
 +
Load agent with:
 +
 
 +
# launchctl load /Library/LaunchDaemons/com.zabbix.zabbix_agentd.plist
 +
 
 +
To add a 'pki' group:
 +
 
 +
# dseditgroup -o create pki
 +
 
 +
To monitor syslog on Mac OS X:
 +
 
 +
# tail -f /var/log/system.log
 +
 
 +
== Installing Zabbix Agent from source on Mac OS X ==
 +
 
 +
Download sources from https://www.zabbix.com/download_sources
 +
 
 +
$ brew update
 +
$ brew install openssl
 +
$ brew install pcre
 +
jj5@condor:~/Desktop/zabbix-4.4.7$ ./configure --enable-agent --with-openssl=/usr/local/opt/openssl/
 +
jj5@condor:~/Desktop/zabbix-4.4.7$ sudo make install
 +
 
 +
= NetBeans =
 +
 
 +
== NetBeans shortcut keys ==
 +
 
 +
{|class="wikitable sortable"
 +
! Keys        !! Action
 +
|-
 +
| Ctrl+W      || Close active window
 +
|-
 +
| Alt+Shift+K  || Open in Terminal
 +
|-
 +
| Ctrl+U U    || Convert selected text to uppercase
 +
|-
 +
| Ctrl+U L    || Convert selected text to lowercase
 +
|}
  
Load agent with:
+
= XML =
  
# launchctl load /Library/LaunchDaemons/com.zabbix.zabbix_agentd.plist
+
== How to pretty-print an XML file ==
  
To add a 'pki' group:
+
$ xmllint --format input.xml > output.xml
  
# dseditgroup -o create pki
+
= ApacheBench =
  
To monitor syslog on Mac OS X:
+
== Run a benchmark with ApacheBench ==
 
 
# tail -f /var/log/system.log
 
  
== Installing Zabbix Agent from source on Mac OS X ==
+
$ ab -n 1000 -c 100 https://www.example.com/
 
 
Download sources from https://www.zabbix.com/download_sources
 
 
 
$ brew update
 
$ brew install openssl
 
$ brew install pcre
 
jj5@condor:~/Desktop/zabbix-4.4.7$ ./configure --enable-agent --with-openssl=/usr/local/opt/openssl/
 
jj5@condor:~/Desktop/zabbix-4.4.7$ sudo make install
 
 
 
= NetBeans =
 
 
 
== NetBeans shortcut keys ==
 
 
 
{|class="wikitable sortable"
 
! Keys        !! Action
 
|-
 
| Ctrl+W      || Close active window
 
|-
 
| Alt+Shift+K  || Open in Terminal
 
|-
 
| Ctrl+U U    || Convert selected text to uppercase
 
|-
 
| Ctrl+U L    || Convert selected text to lowercase
 
|}
 

Revision as of 00:56, 6 January 2023

Hi there, I'm John. I just wanted a page where I could document various Linux things that I bump into. This is that page. Thank you ProgClub. :)

Note: I have some other disorganised notes on UNIX, which include a few tips for MacOS. I also have some tips for OS X.

Note: the info on this page is probably Ubuntu (and Debian as an outside chance) specific, because I use Ubuntu pretty much everywhere these days.

You might also be interested in John's hacks.

Quick jump to: NetBeans.

References

Command-line

See Shell Commands I Wish I Knew Earlier for some interesting options.

System

Reporting system specifications from the command-line

Try any of these:

# neofetch
# inxi
# hwinfo --short

You may need to install the relevant package.

Determining which Debian/Ubuntu release your are running

$ lsb_release -r

Or for more information:

$ lsb_release

Determining which Linux/Unix you are running

$ uname

Or,

$ uname -mrs

Or,

$ uname -a

Determining which Linux kernel you are running

$ uname -r

Configuring system swappiness

Swappiness is a number between 0 and 100 that regulates how much the system uses the swap file. I like setting this value to 0 to keep my apps as responsive as possible. Create a file /etc/sysctl.d/local.conf and add this line:

vm.swappiness = 0

If you want to set the value for the current session only:

echo 0 > /proc/sys/vm/swappiness

Hardware information

For information about the hardware attached to your system, check out:

# lshw

And for PCI devices:

# lspci

And for DMI info:

# dmidecode

Note that the dmidecode command (above) will give you information about your system's motherboard. For motherboard info look for 'System Information' and/or 'Base Board Information'.

Or the grand daddy of them all:

# hwinfo

There's also inxi, e.g.:

$ inxi -b

System:    Host: tact Kernel: 4.9.0-4-amd64 x86_64 (64 bit) Desktop: KDE Plasma 5.8.6
           Distro: Debian GNU/Linux 9 (stretch)
Machine:   Device: desktop Mobo: ASUSTeK model: STRIX Z270F GAMING v: Rev 1.xx
           UEFI [Legacy]: American Megatrends v: 0906 date: 03/22/2017
CPU:       Quad core Intel Core i7-7700K (-HT-MCP-) speed/max: 799/4600 MHz
Graphics:  Card: Intel Device 5912
           Display Server: X.Org 1.19.2 drivers: modesetting (unloaded: fbdev,vesa)
           Resolution: 1920x1080@60.00hz, 1920x1080@60.00hz
           GLX Renderer: Mesa DRI Intel Kabylake GT2 GLX Version: 3.0 Mesa 13.0.6
Network:   Card: Intel Ethernet Connection (2) I219-V driver: e1000e
Drives:    HDD Total Size: 13026.6GB (42.0% used)
RAID:      Devices: 1: /dev/md1 2: /dev/md0
Info:      Processes: 355 Uptime: 11 days Memory: 21198.3/32043.3MB Client: Shell (bash) inxi: 2.3.5

Motherboard info

# dmidecode -t 2

CPU info

# lscpu

or:

# cat /proc/cpuinfo

RAM info

# dmidecode --type memory

PCI info

# lspci -v

Drive info

# cat /proc/partitions

and:

# hdparm -I /dev/sda

and:

# smartctl --info /dev/sda

You can check if a drive is SSD or not with:

# cat /sys/block/sde/queue/rotational
0=SSD
1=HDD

Viewing syslog and other logs with KSystemLog

Run the 'KSystemLog' program under KDE for a handy log viewer GUI.

CPU

Monitoring CPU clock speed

Try something like this:

$ watch 'grep MHz /proc/cpuinfo | awk "{ print \$4 }" | sort -n'

Power

Reporting on PowerShield DEFENDER UPS status

Before running `upsc` ensure service is running:

# upsdrvctl start

To see the status of the PowerShield DEFENDER systems on John's LAN:

$ upsc defender

E.g.:

jj5@orac:~$ upsc defender
Init SSL without certificate database
battery.charge: 100
battery.voltage: 27.40
battery.voltage.high: 26.00
battery.voltage.low: 20.80
battery.voltage.nominal: 24.0
device.type: ups
driver.name: blazer_usb
driver.parameter.pollinterval: 2
driver.parameter.port: auto
driver.parameter.synchronous: no
driver.version: 2.7.4
driver.version.internal: 0.12
input.current.nominal: 5.0
input.frequency: 50.1
input.frequency.nominal: 50
input.voltage: 242.6
input.voltage.fault: 242.6
input.voltage.nominal: 240
output.voltage: 242.6
ups.beeper.status: disabled
ups.delay.shutdown: 30
ups.delay.start: 180
ups.load: 14
ups.productid: 5161
ups.status: OL
ups.type: offline / line interactive
ups.vendorid: 0665

Run commands on PowerShield DEFENDER UPS batteries

You can run "instant commands" using the upscmd command.

We use the 'beeper.toggle' instant command in our Salt Stack config to disable the beeper, see e.g.:

diligence:/srv/salt/conf/app/defender-1200.sls

To see "instant commands" supported by the PowerShield DEFENDER:

$ upscmd -l defender

E.g.:

jj5@orac:~$ upscmd -l defender
Instant commands supported on UPS [defender]:

beeper.toggle - Toggle the UPS beeper
load.off - Turn off the load immediately
load.on - Turn on the load immediately
shutdown.return - Turn off the load and return when power is back
shutdown.stayoff - Turn off the load and remain off
shutdown.stop - Stop a shutdown in progress
test.battery.start - Start a battery test
test.battery.start.deep - Start a deep battery test
test.battery.start.quick - Start a quick battery test
test.battery.stop - Stop the battery test

Service management

Report running services

# service --status-all

Environment

Configuring vim as your editor

Sometimes all you need is:

$ export EDITOR=/usr/bin/vim

Which works for svn, for example. Add it to your ~/.profile file to have it set for all login sessions.

Other times you need to run

# update-alternatives --config editor

And then select vim from the list. This is what you do to configure your visudo editor.

Configuring your locale

$ sudo /usr/sbin/locale-gen en_AU.UTF-8
$ sudo /usr/sbin/update-locale LANG=en_AU.UTF-8

User and group management

Adding a user

To add a new user on a linux system:

# useradd username
# passwd username

To have the home directory created from '/etc/skel' use the 'adduser' script instead:

# adduser username

Adding a user to a group

To add an existing user to an existing group:

# gpasswd -a username group

e.g. to add user 'jj5' to the 'sudo' group:

# gpasswd -a jj5 sudo

Alternatively you can use adduser, passing the username and group:

# adduser username group

e.g. to add user 'sclaughl' to the 'staff' group:

# adduser sclaughl staff

Disabling a user account

You can disable a user account with:

# passwd -l user

Note: that's a lower-case L, not a one.

Enabling a disabled user account

To can re-enable a locked user account with:

# passwd -u user

Finding which user you are logged in as

To determine which user you are running as enter the command:

$ whoami

Finding which groups you are a member of

To find which groups you are a member of:

$ groups

or

$ groups username

Where 'username' is the username of the user you are querying, e.g.:

$ groups jj5

Finding who else is logged in to the system

To see who else is logged in,

$ who

Running a command as a particular user

To run "svn update" as the user www-data:

$ sudo su -c "svn update" www-data

Reporting user and group info for the current user

$ id

Memory management

Checking available memory

To report memory statistics in megabytes:

$ free -m

Check for swap thrashing

Check your virtual memory status with vmstat:

$ vmstat

Report memory type

Report on RAM DIMMs:

# dmidecode --type 17

Report on RAM and CPU cache (including L1, L2, and L3):

# lshw -short -C memory

Or for more detail:

# lshw -C memory

Video/display management

Viewing EDID data for attached monitor

To view EDID data for an attached monitor (requires the edid-decode package):

$ cd /sys/class/drm
$ ls
$ cd card0-HDMI-A-1
$ edid-decode edid

Process management

Using 'top' for dynamic resource usage reporting

To run top:

$ top

See 15 Practical Linux Top Command Examples for some hints on usage.

To see usage for a specific user run e.g.:

$ top -u jj5

To see full command-line press 'c'.

When you're in 'top' you can:

  • press '1' (one) to toggle CPU aggregation
  • press < and > to change the sort column

Changing memory reporting in 'top'

To run top:

$ top

Press 'E' to switch between top memory units (KiB, MiB, GiB, etc.)

Press 'e' to switch between bottom memory units (KiB, MiB, GiB, etc.)

Press 'M' to sort by memory utilisation.

Press 'm' to switch between various display modes.

Showing full command-line in 'top'

To see the full command-line for processes run with -c:

$ top -c

Listing all processes currently running which were started in your current shell session

$ ps -fl

Killing specific processes

# ps aux | grep -e "this\|that" | grep -v grep | tr -s " " | cut -d " " -f 2 | xargs kill -9

Run a command for a specified time using timeout

$ timeout 3 ping jj5.net

Disk management

Reporting ext4 file-systems mounted without noatime

$ cat /proc/mounts | grep ext | grep -v noatime | sort

Creating a partition table

# parted /dev/xvdf
mktable msdos

Creating a partition

# parted /dev/xvdf
u MiB
mkpart primary 1 100%

Creating an ext4 file-system

# mkfs.ext4 /dev/xvdf1

Listing disk drives

# fdisk -l

(That's an L for "list")

Checking available disk space

$ df -h

Getting disk information

# lsblk

And

# cat /proc/partitions

Or the Grand Daddy of them all:

# lshw -class disk

(Requires the lshw package.)

Getting partition UUID and file-system type

# blkid

Checking for SSD vs magnetic disk

# cat /sys/block/sda/queue/rotational

Will be 0 for SSD and 1 for magnetic.

Monitoring a ZFS server

So some commands I run to keep an eye on my new ZFS servers:

# top
# iotop
# nethogs
# watch free -h
# watch slabtop -o
# slabtop
# watch cat /proc/meminfo
# perf top
# watch "df -h | grep -v -e tmpfs -e udev -e by-uuid"
# watch zpool iostat -v
# zpool iostat -v 2
# watch 'zpool list; echo; zfs list'
# watch zfs get compressratio -o all
# watch cat /proc/spl/kstat/zfs/arcstats

If you have a scrub or resilvering in progress you can report on progress with:

# watch zpool status -v

You can poke about in internals, e.g.:

# cat /proc/spl/kstat/zfs/arcstats
root@orac:/sys/module/zfs/parameters# tail *

You can report on property values with e.g.:

# zfs get all data

If you want to get funky:

# cd /tmp
# perf record -ag #(Ctrl+C after ~15 seconds)
# perf report --stdio

You can search for ZFS files like e.g. this:

root@orac:/# find / -name '*zfs*' -or -name '*zpool*'

You can report history of a zpool:

# zpool history $poolname

You can get a report on the dedup tables:

# zpool status -D $poolname

Or more detailed dedup table info:

# zdb -DDD $poolname

Note in the output see here for details, basically:

Abbr Description
LSIZE logical size (in memory)
PSIZE physical size
DSIZE size on disk
refcnt reference count

How to tell if zfs scrub is running

You can get the status from the "scan:" line from:

$ zpool status

Measure data throughput

Use the 'pv' command from the 'pv' package, e.g.:

# cat /dev/sda | pv | cat > /dev/null

Or for ZFS:

# zfs send data/example | pv | cat > /dev/null

Using Smartctl, Smartd and Hddtemp on Debian

For notes on using smartctl see Using Smartctl, Smartd and Hddtemp on Debian.

Report hard disk usage

So you might want to know how much data a process reads or writes to a hard disk. You can monitor process total disk utilisation with the 'iotop' command. Run 'iotop' and then press 'a' for --accumulated.

Report hard disk temperatures

E.g.

# hddtemp /dev/sd[a-e]

Burning an ISO image to USB on Mac

First insert your USB key and find the appropriate disk with:

# diskutil list

Then unmount it with:

# diskutil unmountDisk /dev/disk4

Then copy ISO image with 'dd':

# dd if=ubuntu-18.04.1-desktop-amd64.iso of=/dev/disk4

You can get dd to report progress by sending it the SIGINFO signal:

# kill -s info 12345

Listing all ext4 file systems

To see a list only of the mounted ext4 file systems:

# df -t ext4

Report hierarchical file system mount points and mount options

$ findmnt

Report the mount point for the current working directory

$ findmnt "$PWD"

Monitoring disk I/O

There's an app for that! iotop.

Using iotop, top for disks

# iotop -oPa

Monitor disk I/O for performance issues

# watch iostat

Or e.g.

# watch iostat -xd /dev/sd[abc]

Or use groupings like this command for 'tact':

$ iostat -g system nvme0n1 -g fast sda sdb -g data sdc sdd -d 2

Monitoring a system

Simple ZFS monitoring

# watch iostat
# iotop
# zpool iostat -v 5
# watch 'hddtemp /dev/sd[a-e]; echo; zpool list; echo; zfs list'
# nethogs
# top

Monitoring temperature

See temperature without third-party apps for:

$ cat /sys/class/thermal/thermal_zone*/temp

and:

$ paste <(cat /sys/class/thermal/thermal_zone*/type) <(cat /sys/class/thermal/thermal_zone*/temp) | column -s $'\t' -t | sed 's/\(.\)..$/.\1°C/'

Monitoring CPU temperature

$ watch sensors

Monitoring HDD temperature

For e.g. SATA drives sda to sdd:

# watch hddtemp /dev/sd[a-d]

ZFS

How can I determine the current size of the ARC in ZFS, and how does the ARC relate to free or cache memory?

See How can I determine the current size of the ARC in ZFS, and how does the ARC relate to free or cache memory?

$ cat /proc/spl/kstat/zfs/arcstats

Then:

c is the target size of the ARC in bytes
c_max is the maximum size of the ARC in bytes
size is the current size of the ARC in bytes

Stopping a ZFS scrub in progress

# zpool scrub -s $pool

e.g. for the 'data' pool:

# zpool scrub -s data

File management

Listing files by size

Use capital S for Size:

$ ls -S

Listing only directories

$ ls -l | egrep '^d'

Listing only files

$ ls -l | egrep -v '^d'

Listing hidden files

$ ls -al .[!.]*

Creating a symbolic link

$ ln -s /path/to/target link-name

Creating a hard-link

$ ln /path/to/target file-name

Changing the owner of a file

$ chown user:group <files>

E.g.

$ chown jj5:staff README
$ chown root:root *

To apply recursively into sub-directories use -R,

$ chown -R root:root /etc/*

Changing file permissions

Object codes
User Group Other
u g o
Permission codes
Read Write Exectue
r w x
4 2 1
Numeric codes
0 None
1 Execute
2 Write
3 Write, Execute
4 Read
5 Read, Execute
6 Read, Write
7 Read, Write, Execute

See Numeric Mode in Action.

$ chmod <user numeric code><group numeric code><other numeric code> <files>
$ chmod <object codes>+|-<permission codes> <files>

E.g.

$ chmod 600 my-private-file
$ chmod go-rwx my-private-file
$ chmod u+rw my-private-file
$ chmod +x my-script

Updating config files

If you get given a new config file called new.conf and you want to integrate it with your old config file old.conf then:

$ cp old.conf updated.conf
$ merge -A updated.conf new.conf old.conf

Then go through and edit updated.conf resolving all the merge errors, picking and choosing what to update and what to keep. When you're done copy updated.conf to old.conf so it becomes the new config file.

The merge program is a part of the RCS package. If you don't have it:

$ sudo apt-get install rcs

Listing open files

Use lsof to list open files. E.g.:

# lsof

See man lsof for options.

List permissions on a whole directory path

E.g.:

$ namei -om /home/jj5/workspace

Outputs:

f: /home/jj5/workspace/
 drwxr-xr-x root root /
 drwxr-xr-x root root home
 drwxr-xr-x jj5  jj5  jj5
 drwxr-xr-x jj5  jj5  workspace

Counting non-blank lines in a file

E.g.:

$ cat foo.c | sed '/^\s*$/d' | wc -l

Cloning one directory to another with rsync

E.g.:

rsync --acls --xattrs --stats --human-readable --recursive --del --force --times --links --hard-links --executability --numeric-ids --owner --group --perms --sparse --compress-level=0 /data/source/ hostname:/data/target/

Counting number of files in current directory and all subdirectories

$ ls -AlhR . | egrep '^-' | wc -l

Counting number of directories in current directory and all subdirectories

$ ls -AlhR . | egrep '^d' | wc -l

Getting the status of a 'dd' process

First figure out the 'dd' process number, with e.g. 'top' or 'ps aux | grep dd'

Then send the dd process the SIGINFO signal, which for dd process 40947 would be:

# kill -s info 40947

The dd process will report its status in the terminal its running in.

Transferring a large file via FAT32 file system

So the maximum file size supported by a FAT32 file system (commonly used on USB keys) is 4 GB per file. If you have a file larger than 4 GB you can split it into parts and then reassemble the parts once transferred:

$ split -b 4000m input.tgz input.tgz-parts-

Then copy the small files and reassemble:

$ cat input.tgz-parts-* > output.tgz

Find the difference between two directories

$ diif -qr $DIR_A $DIR_B

Merging two directories

$ cp -RT source/ destination/

Files from source will be merged into destination.

NFS

List NFS shares

To e.g. show NFS shares on 'love':

$ showmount -e love

Compression

How to use pigz with tar

See here:

$ tar cf - paths-to-archive | pigz --best -p 8 > archive.tgz

Note: don't use --best unless you're being stingy, running without it will be much faster.

Also from here:

Fast pack:

tar -I 'pigz --fast' -cf my.tar.gz whatver

Best pack:

tar -I 'pigz --best' -cf my.tar.gz whatver

Fast unpack:

tar -I pigz -xf my.tar.gz

Best compression with tar

From here:

export GZIP=-9
tar cvzf file.tar.gz /path/to/directory

or

env GZIP=-9 tar cvzf file.tar.gz /path/to/directory

Best parallel compression with pigz

$ pigz --best

Best parallel compression with xz

$ xz -9e -T 0

Reporting compression ratios with xz

e.g.

root@love:/data/image/archive# xz -l *
Strms  Blocks   Compressed Uncompressed  Ratio  Check   Filename
    1       3    372.2 MiB    442.3 MiB  0.841  CRC64   1999.txz
    1      29  5,281.3 MiB  5,542.5 MiB  0.953  CRC64   2001.txz
    1      11  1,364.3 MiB  2,084.3 MiB  0.655  CRC64   2002.txz
    1       9    568.5 MiB  1,660.2 MiB  0.342  CRC64   2003.txz
    1     639     66.8 GiB    119.6 GiB  0.558  CRC64   2004.txz
    1     313     12.7 GiB     58.6 GiB  0.217  CRC64   2005.txz
    1     414     35.0 GiB     77.4 GiB  0.452  CRC64   2006.txz
    1     485     44.5 GiB     90.9 GiB  0.490  CRC64   2007.txz
    1   1,690    150.0 GiB    316.8 GiB  0.473  CRC64   2008.txz
    1       3    457.9 MiB    526.0 MiB  0.871  CRC64   2009.txz
    1     168     27.3 GiB     31.4 GiB  0.868  CRC64   2010.txz
    1       4    477.1 MiB    702.8 MiB  0.679  CRC64   2011.txz
-------------------------------------------------------------------------------
   12   3,768    344.6 GiB    705.5 GiB  0.488  CRC64   12 files

Symbolic-link management

== Data used by sym-linked files:

This will de-reference the sym-links in the current directory and tell you how much data the files pointed to by the sym-links are using:

jj5@tact:/data/backup/unity/latest$ du -hD * | sort -h

File searching

Finding a file with a particular name

$ find -iname "*some-part-of-the-file-name*"

Will start searching from the current directory, so maybe

$ cd /

first. For a case-sensitive search:

$ find -name "*eXaCT CaSE*"

Finding a file with particular content

To search in /etc/ for a file with particular content:

$ grep -R "search-string" /etc/*

To search the current directory for *.cs files containing the word "Up":

$ find . -name '*.cs' -exec grep --color=auto -H Up {} \;

Finding a list of files with particular content

E.g. to find all the files with the word 'creativity':

$ grep -R creativity . | sed 's/:/ /' | awk '{ print $1 }' | sort | uniq

Using the locate command to find files

$ locate part-of-filename

E.g.

$ locate texvc

Updating locate command's database

# updatedb

Select a random line from a text file

$ shuf -n 1 input.txt

Extra context for grep

If you need to show extra lines before or after your grep results use -B NUM to set how many lines before the match and -A NUM for the number of lines after the match:

$ grep -B 3 -A 1 ...

Job control

Stopping a running process

Press Ctrl+Z to stop a running process.

Listing current jobs and their status

$ jobs

Resuming a stopped job in the backgroud

To resume a stopped process in the background

$ bg %1

where '1' is the job number reported by bash when you pressed Ctrl+Z (or ran 'jobs').

Resuming a stopped job in the foreground

To resume a stopped process in the foreground

$ fg %1

where '1' is the job number reported by bash when you pressed Ctrl+Z (or ran 'jobs').

Killing a stopped job

To kill a job

$ kill %1

where '1' is the job number reported by bash when you pressed Ctrl+Z (or ran 'jobs').

Periodically run a program and watch its output

$ watch /your/command

Debian/Ubuntu package management

Also see Where "is" it? on the Debian Wiki.

configuring debconf

# dpkg-reconfigure debconf 

Set priority to low to get asked detailed questions.

Showing list of installed packages

# dpkg --get-selections

Searching for installed package

# dpkg --get-selections | grep package-name

or

# aptitude search package-name

Showing which files are installed as part of a package

# dpkg -L package-name

Installing a package

# apt-get install package-name

Uninstalling a package

# apt-get remove package-name

Showing system architecture

$ dpkg --print-architecture

Showing which package a file belongs to

$ which echo
/bin/echo
$ dpkg -S /bin/echo
coreutils: /bin/echo
$ dpkg -l | grep coreutils
ii  coreutils                         6.10-6                   The GNU core utilities

Showing package information

$ apt-cache showpkg coreutils

Or for even more information:

$ apt-cache show coreutils

List all installed packages with package version info

dpkg-query -l

Reporting which version of a package is installed

$ dpkg -l | grep package-name

E.g.:

root@hope:~/letsencrypt# dpkg -l | grep augeas
ii  augeas-lenses                   0.7.0-1ubuntu1                 Set of lenses needed by libaugeas0 to parse 
ii  libaugeas0                      0.7.0-1ubuntu1                 The augeas configuration editing library and

Comprehensive upgrade

Try the following:

# apt-get update
# apt-get dist-upgrade
# apt-get autoremove
# apt-get remove $(deborphan)
# update-flashplugin-nonfree --install

Searching all available packages

$ apt-cache search . | sort -d | less

Reporting unattended upgrades status

See here for more info.

# tail -f /var/log/unattended-upgrades/unattended-upgrades.log

Searching for Debian packages and versions

Networking

Determining throughput between two hosts

# apt install iperf3

On the server:

# iperf3 -s

On the client:

# iperf3 -c $SERVER_IP

For more info see: How to test the network speed/throughput between two Linux servers.

net-tools vs iproute2

The older 'net-tools' package has been replaced with 'iproute2' e.g. in stretch.

legacy net-tools commands iproute2 replacement commands
arp ip n (ip neighbor)
ifconfig ip a (ip addr), ip link, ip -s (ip -stats)
iptunnel ip tunnel
iwconfig iw
nameif ip link, ifrename
netstat ss, ip route (for netstat-r), ip -s link (for netstat -i), ip maddr (for netstat-g)
route ip r (ip route)

Restart networking

For servers:

# service networking restart

For desktops:

# service network-manager restart

Pinging with particular packet size

$ ping -M do -s <packet size in bytes> <host>

E.g.

$ ping -M do -s 1400 charity.progclub.org

Setting MSS for a particular IP address on a particular interface

# ip route add <host> dev <interface> advmss <packet size>

E.g.

# ip route add 10.0.0.1 dev eth0 advmss 1400

Dropping configured MMS for a particular IP address

# ip route flush <host>

E.g.

# ip route flush 10.0.0.1

Listing open ports and socket information

Including which process is listening on which port.

# netstat -tulpn

Or use the 'ss' command:

# ss -s
# ss -l
# ss -pl
# ss -o state established '( dport = :smtp or sport = :smtp )'

Listing open IPv4 connections

# lsof -Pnl +M -i4

You might need to install the lsof package:

# apt-get install lsof

Query for DNS MX record

$ nslookup
> server 127.0.0.1
> set q=mx
> mail.blackbrick.com

Query for DNS SOA record

$ dig @ns2.staticmagic.net -t SOA staticmagic.net

Using nmap to list open ports on remote host

To check the 1,000 most common ports:

# nmap server.example.com

Or for a specific port range (e.g. 101 to 102):

# nmap -p 101-102 server.example.com

Or for all ports (1 to 65,535):

# nmap -p- server.example.com

Network monitoring

See here for details. Basically:

  1. Overall bandwidth: nload, bmon, slurm, bwm-ng, cbm, speedometer, netload
  2. Overall bandwidth (batch style output): vnstat, ifstat, dstat, collectl
  3. Bandwidth per socket connection: iftop, iptraf, tcptrack, pktstat, netwatch, trafshow
  4. Bandwidth per process: nethogs

nload

You can watch network traffic in real-time with nload:

# nload -u M

Reporting network (NIC) speed

From here:

# dmesg | grep eth0
# mii-tool -v eth0
# ethtool eth0

Note: use ifconfig to get device name.

Path MTU discovery

To do a Path MTU Discovery, from the iputils-tracepath package:

# tracepath host.example.com

Listing available Ethernet devices

To see a list of NICs available on the host:

$ cat /proc/net/dev

Also

$ ip link

59 Linux Networking commands and scripts

See 59 Linux Networking commands and scripts.

Links

IPTables

Applying firewall rules

For configuration info see this article.

$ sudo vim /etc/iptables.test.rules
$ sudo /sbin/iptables -F
$ sudo /sbin/iptables-restore < /etc/iptables.test.rules
$ sudo iptables -L
$ sudo -s
# iptables-save > /etc/iptables.up.rules
# exit

Blocking an IP address with iptables

To drop IP address 1.2.3.4:

# iptables -A INPUT -s 1.2.3.4 -j DROP

ufw

Denying hosts with ufw

See denying hosts with ufw.

Bind9

Viewing Bind9 querylog

$ sudo rndc querylog
$ tail -f /var/log/syslog

IPSec

Disabling IPSec

# setkey -FP

OpenSSL

Debugging IMAPS with OpenSSL

# openssl s_client -connect localhost:993
> a1 LOGIN username@host password
> a2 LOGOUT

Debugging HTTPS with OpenSSL

$ openssl s_client -connect www.example.com:443
GET /example.html HTTP/1.1
host: www.example.com

Links

Pluggable Authentication Modules (PAM)

Links

SSH

Configuring SSH key login

On the client machine generate a key-pair (if necessary, check for existing ~/.ssh/id_rsa.pub):

$ ssh-keygen -t rsa

Copy the public key from the client to the server:

$ scp ~/.ssh/id_rsa.pub user@example.org:

Configure the authorized keys on the server:

$ ssh user@example.org
$ mkdir ~/.ssh
$ chmod go-w .ssh
$ cat ~/id_rsa.pub >> ~/.ssh/authorized_keys
$ chmod 600 ~/.ssh/authorized_keys
$ rm ~/id_rsa.pub

Tunneling over SSH

For example, connecting a remote MySQL server to the localhost:

$ ssh -L 3306:localhost:3306 jselliot@ssh.progsoc.org

If the machine you want to connect to is not the localhost of the machine you're ssh'ing to,

 $ ssh -L 3306:muspell.progsoc.uts.edu.au:3306 ssh.progsoc.uts.edu.au

The -L stanza is localport:remotehost:remoteport where localport is a port on your machine, forwarded to remoteport on remotehost.

Tunneling over SSH with PuTTY

See Connecting to the MySQL database remotely (via an SSH Tunnel)

  • run putty.exe
  • Connection -> SSH -> Tunnels
    • Port forwarding: source port to 3306
    • destination: 127.0.0.1:3306
    • check Local
    • click Add

Enabling verbose SSH logging

To see what's going on with your ssh connections,

$ ssh -v user@host

Or

$ ssh -vv user@host

Unlocking SSH key for session

jj5@orac:~/.config/autostart$ cat ssh-add.desktop 
[Desktop Entry]
Type=Application
Name=ssh-add
Comment=Adds my private key to my session.
Exec=/usr/bin/konsole -e 'ssh-add /home/$USER/.ssh/id_rsa'

Links

Standard IO

cat EOF

$ cat > output <<EOF
> text
> EOF
$ cat output
text

Script

Creating a session log with script

$ script -t 2> timing

The session log is in the file 'typescript' and the timing data is in 'timing'.

Replaying a scripted session

$ scriptreplay timing

Uses the default file 'typescript' and the 'timing' file as specified.

Screen

Creating a new screen or reconnecting to a detached screen

$ screen -R

Detaching a screen

$ screen -D

Reconnecting to screen

$ screen -D
$ screen -R

I have a script in ~/bin/reconnect like so,

#!/bin/bash
screen -D
screen -R

This will detach your last screen, and reconnect it on the current terminal.

Scrolling in screen

See How to scroll in GNU Screen. Basically press Ctrl+A ESC then use Page Up and Page Down. Press ESC again to exit copy mode. As usual you can use Ctrl+[ in place of ESC.

tmux

Live collaboration with tmux

User A:

tmux -S /tmp/collab
chmod 777 /tmp/collab

User B:

tmux -S /tmp/collab attach

Vim

First, why Vim?

Read Why, oh WHY, do those #?@! nutheads use vi?

Visual modes

Use 'v' for visual mode, 'V' for visual line mode and Ctrl+V for visual block mode.

Configuring spaces instead of tabs

I use two spaces instead of tabs. To configure, edit your .vimrc file:

$ vim ~/.vimrc

and include the following lines:

set tabstop=2
set shiftwidth=2
set expandtab

Configuring syntax highlighting

See here.

Use:

:syntax on

to turn on syntax highlighting.

Use:

:syntax off

to turn off syntax highlighting.

To always use syntax highlighting:

$ vim ~/.vimrc

and add:

syntax on

To get a list of supported colour schemes open vim and type:

:colorscheme[space][Ctrl+D]

To always use a particular colorscheme edit ~/.vimrc and add (for example):

colorscheme desert

Inserting a TAB character when expandtab is on

The problem here is that you have configured vim to insert spaces, but for a particular file (e.g. a Makefile) you need to insert a character.

Press Ctrl+V TAB to insert a literal tab character.

Or you can disable tab expansion altogether with:

:set expandtab!

Changing 2 space indent to 4 space indent (e.g. for python files)

:%s/^\s*/&&/g

For more information see here.

Recording and replaying a macro

To record a macro press 'q' and then a number between 1 and 9. E.g. press "q1". The macro is now recording. When you've finished issuing your commands press 'q' again to finish recording. To replay a macro press '@' followed by the number of the macro. That is, if you pressed "q1" to record the macro, press "@1" to replay the macro. To replay the last macro again press "@@".

Deleting to end of line

d$

Deleting to beginning of line

d^

Finding text

To search forward for "text":

/text

To search backward for "text":

?text

To repeat the last search in a forward direction press 'n', or to search again backwards press 'N'.

Finding and replacing text

To replace the first instance of "search" on the current line with "destroy":

:s/search/destroy/

To replace all instances of "search" on the current line with "destroy":

:s/search/destroy/g

To replace all instances of "search" on lines 13 to 37 with "destroy":

:13,37 s/search/destroy/g

To replace all instances of "search" in the entire file with "destroy":

:%s/search/destroy/g

Changing DOS/Windows line-endings (CRLF) to Unix line-endings

To set the line-ending to Unix line endings run the command:

:setlocal ff=unix

More information on managing file formats available here.

Disabling auto-indent etc. to paste from clipboard

To disable smart indenting when you're going to paste in text:

:set paste

To turn it off again:

:set nopaste

There's more info in this article: Toggle auto-indenting for code paste

Positioning windows

Use -o for horizontal split, e.g.:

vim -o a.txt b.txt

Use -O for vertical split, e.g.:

vim -o a.txt b.txt

Use ^W to navigate windows then use directional keys h, j, k, l, etc.

Use ^W and < or > to resize windows.

To indent a block of text in Vim

Use the > command. E.g. to indent five lines:

5 > >

Press . (dot) to keep indenting.

Or inside a block (e.g. curly brace, HTML/XML element, etc.) you can put your cursor in the element on on the curly brace and then:

> %

See here for more.

Open a file in a new window/tab

To open a file on the left hand side:

:vert new filename.ext

Note: ':vnew filename.ext' and ':vsp filename.ext' also work.

To open a file at the top:

:new filename.ext

See here for more.

Explore files in Vim

Enter:

:Explore

Switch between Vim tabs

Use gt and gT.

Switch between Vim windows

To toggle between open windows use:

Ctrl+W W

To move in a direction use:

Ctrl+W h/j/k/l

See here for more.

Insert block comment in Vim

See here for line-commenting.

So it's:

  1. Ctrl+V (Note: not Shift+V!)
  2. Up/Down to select rows
  3. Shift+I
  4. Enter your text, e.g. '#' or '//'
  5. Ctrl+[ (or 'Esc')

Navigate to matching tag

To navigate to the matching beginning or end tag use '%'.

You can also use e.g. '[{' to match the previous '{', or e.g. '])' to match the next ')'.

Auto-format HTML tags

Stolen from here.

  1. first join all the lines - ggVGgJ
  2. Now break tags to new lines - :%s/>\s*</>\r</g
  3. Now set filetype - :set ft=html (you can do this before too)
  4. Now Indent - ggVG=

Links

Create PDF from text using Vim

Generate PDF from input.txt with:

$ vim input.txt -c "hardcopy > doc.ps | q" && ps2pdf doc.ps

Examine output with:

$ okular doc.pdf

Write

Talking to other users on the system

write is a unix command for talking to other users on the system. To use write:

1. SSH to <username>@<hostname> and login with your username and password.

2. Issue the following command to find out who is logged onto the system:

$ who

3. Issue the following command to talk to a specific user:

$ write <username>

4. Enter the message you'd like to send the user, followed by Ctrl+C to send. Press Ctrl+D to cancel.

Date

Reporting the time on the server

$ date

Reporting UTC time

$ date --utc

Getting the date in yyyy-MM-dd-hhmmss format

$ date="`date +%F-%H%M%S`"

Getting the year in four digits

$ year="`date +%Y`"

Getting the month in two digits

$ month="`date +%m`"

Getting the day of the month in two digits

$ day="`date +%d`"

Getting yesterday's date

$ date --date='1 day ago' +%Y-%m-%d

Converting Unix time (seconds since epoch)

For timestamp '1501370200':

$ date -d @1501370200 +%F-%H%M%S

Running timedatectl from systemd

There's a new command bundled with systmed:

# timedatectl

It reports on (and controls) how the system time is configured.

MySQL (and MariaDB)

Run mysql without authentication/authorisation

# service mysql stop
# mysqld_safe --skip-grant-tables &

Then you can connect without a password, e.g.:

# mysql -u root mysql

To stop the unauthenticated service:

# mysqladmin shutdown

Then restart a normal service:

# service mysql start

Logging all database queries

# vim /etc/mysql/my.cnf

In the [mysqld] section add:

log=/tmp/mysql.log

Then:

# service mysql restart

Watch the log with:

# tail -f /tmp/mysql.log

Or:

SET GLOBAL log_output = 'FILE';
SET GLOBAL general_log_file = 'my_logs.txt';
SET GLOBAL general_log = 'ON';

my_logs.txt will be in /var/lib/mysql

Dumping a MySQL database

You can dump the database into a file using:

$ mysqldump -h hostname -u user --password=password databasename > filename

Loading a MySQL database from a dump file

You can create a database using:

$ echo create database databasename | mysql -h hostname -u user -p

You can restore a database using:

$ mysql -h hostname -u user --password=password databasename < filename

Creating a MySQL user

# mysql -h localhost -u root --password=<password>
mysql> create user 'username'@'localhost' identified by '<password>';

Granting all MySQL user permissions

# mysql -h localhost -u root --password=<password>
mysql> grant all privileges on dbname.* to user@host;

Select domain name from email address

SELECT SUBSTR( email, INSTR( email, '@' ) + 1 )

Check if MySQL connection is encrypted with TLS/SSL

Check the SSL version in use:

show status like 'Ssl_version';

Or check the cipher in use:

show status like 'Ssl_cipher';

Report on server config

See SHOW Statements for the full list, but check out:

SHOW VARIABLES

and

SHOW STATUS

and

SHOW PROCESSLIST

Monitor MySQL activity

$ watch "mysql -t -e 'show processlist'"

Apache

Reporting loaded Apache modules

# apache2ctl -M

Maintaining .htaccess passwords

To add or modify the password for a user:

$ htpasswd /etc/apache2/passwd username

Configuring PHP session timeout in .htaccess

For a session timeout of 9 hours:

php_value session.cookie_lifetime 32400
php_value session.gc_maxlifetime 32400

Disabling PHP magic quotes in .htaccess

php_flag magic_quotes_gpc Off

Requiring HTTP Auth in .htaccess

AuthType Basic
AuthName "Speak Friend And Enter"
AuthUserFile /home/jj5/.htpasswd
Require valid-user

Restarting Apache

The hard way

$ sudo /etc/init.d/apache2 restart

The graceful way (avoids dropping active connections)

$ sudo apache2ctl graceful

Allowing directory browsing

To show directory index pages, in the apache config file:

<Directory /var/www/data>
  Options Indexes
</Directory>

C

Locating memset function

The memset function is in <string.h> as described in this article Using memset(), memcpy(), and memmove() in C

Links

PHP

Including a file relative to the including file

require_once( dirname( __FILE__ ) . '/relative/path/to.php' );

Enabling error reporting

error_reporting( E_ALL | E_STRICT );
ini_set( 'display_errors', 'On' );

Setting an error handler

set_error_handler( "error_handler", E_ALL | E_STRICT );
function error_handler( $error_code, $error_message, $error_file, $error_line, $error_context ) {
  // ...
}

Disable HTML content in var_dump

ini_set( 'html_errors', 'off' );

Report PHP modules

$ php -m

PHP Security Best Practices For Sys Admins

See Linux 25 PHP Security Best Practices For Sys Admins.

BASH scripting

For a primer on bash scripting see TFM: Erotic Fantasy: /bin/sh Programming.

Telling a script to run in bash

The first line of the file should be:

#!/bin/bash

Checking if a command-line argument was passed in

if [ -n "$1" ]; then
  echo "Missing parameter 1.";
  exit 1;
fi

Checking if a command-line argument was not passed in

if [ "$1" = "" ]; then
  echo "Missing parameter 1.";
  exit 1;
fi

Or:

if [ -z "$1" ]; then
  echo "Missing parameter 1.";
  exit 1;
fi

Checking command exit status

cd /my/path
if [ "$?" -ne "0" ]; then
  echo "Cannot change dir.";
  exit 1;
fi

Checking if a file does/doesn't exist

Check if file exists:

if [ -f "/my/file" ]; then
  cat /my/file
fi

Check if file doesn't exist:

if [ ! -f "/my/file" ]; then
  touch /my/file
fi

Checking if a directory does/doesn't exist

Check if directory exists:

if [ -d "/my/dir" ]; then
  rmdir /my/dir
fi

Check if directory doesn't exist:

if [ ! -d "/my/dir" ]; then
  mkdir /my/dir
fi

Deleting old backups

To keep only the latest five backups:

find . -maxdepth 1 -type f -printf '%T@ %p\0' | sort -r -z -n | awk 'BEGIN { RS="\0"; ORS="\0"; FS="" } NR > 5 { sub("^[0-9]*(.[0-9]*)? ", ""); print }' | xargs -0 rm -f

This script stolen from stackoverflow.

Requires GNU find for -printf, GNU sort for -z, GNU awk for "\0" and GNU xargs for -0, but handles files with embedded newlines or spaces.

Changing into the script's directory

cd "`dirname $0`"

Getting the absolute path of a relative path

readlink -f ./some/path

Creating a temp directory

dir=`mktemp -d` && cd $dir

Reading secret input from stdin

You can read a secret, such as a password, like this:

echo -n "Enter passphrase: "
stty -echo
read passphrase;
stty echo
echo ""

After running the above the secret will be in the $passphrase environment variable.

String replacements in bash

See the string manipulation doco. Basically, to replace first occurrence:

result=${var/find/replace}

To replace all occurrences:

result=${var//find/replace}

A practical example, get an ISO date and turn it into a path:

date="$(date +%Y-%m-%d)"
work_dir=${date//-//}

Sending a HEREDOC to a file

cat << EOF > /tmp/yourfilehere
These contents will be written to the file.
        This line is indented.
EOF

Bash case/switch statement

See using case statements, e.g.:

case $space in
[1-6]*)
  Message="All is quiet."
  ;;
[7-8]*)
  Message="Start thinking about cleaning out some stuff.  There's a partition that is $space % full."
  ;;
9[1-8])
  Message="Better hurry with that new disk...  One partition is $space % full."
  ;;
99)
  Message="I'm drowning here!  There's a partition at $space %!"
  ;;
*)
  Message="I seem to be running with an nonexistent amount of disk space..."
  ;;
esac

Using dotglob shopt to match dot-files

To enable dot-file matching in globs, set the dotglob shell option:

$ shopt -s dotglob

Stopping a script from running if it previously exited due to error

persistentDataDir=/var/lib/something
alarm() {
  touch $persistentDataDir/alarm
}
trap alarm ERR
[ -f $persistentDataDir/alarm ] && exit 1

Make sure only one instance of a script is running at a time

ephemeralDataDir=/var/run/something
unlock() {
  rmdir $ephemeralDataDir/lock
}
mkdir $ephemeralDataDir/lock || exit 1;
trap unlock EXIT

BASH programming advice

See Anybody can write good bash (with a little effort).

Run a command using arguments that come from an array

See here:

#!/bin/bash
tabs=("first tab" "second tab")
args=()
for t in "${tabs[@]}" ; do 
  args+=(-t "$t")
done
app "${args[@]}"

Display a CSV in columnar or tabular format

$ column -t -s , data.csv

Maximum command line length

Technically this is an operating system limit, not a BASH limit.

$ getconf ARG_MAX    # Get argument limit in bytes/chars

Sed

Find and replace with sed

To update the current file use '-i'. E.g.:

sed -i 's/search-text/replace-text/' file

Awk

Listing IP addresses in an Apache web log

awk '/GET \/path\/for\/url/ { print $1 }' /var/log/apache2/access.log | sort | uniq

Printing space-separated field

echo 'no no yes no' | awk '{print $3}'

Printing delimited field

echo 'no:no:yes:no' | awk -F ':' '{print $3}'

Subversion

Setting svn:externals from the command-line

See here.

To set an svn:externals from the command-line:

svn propset svn:externals 'rdfind-php https://www.progclub.org/svn/pcrepo/rdfind.php/branches/0.1' .
svn ci -m 'Adding svn:externals for rdfind-php...'
svn up

Or to use a file:

svn propset svn:externals -F svn.externals .

Setting svn:ignore from the command line

See here.

$ svn propset svn:ignore [file|folder] [path]

Or use a file and apply recursively:

$ svn propset svn:ignore -RF ./svn-ignore-list.txt .

Git

Showing status of working copy

git status

Showing repo history

git log

Showing remote repositories (including 'origin')

git remote -v

Handy git aliases

Save these to your ~/.gitconfig file.

For a nicer view of history than standard 'git log' -- colourful, one-line-per commit, etc:

 graph = !git log --all --graph --color --abbrev-commit --pretty=oneline

To show only the files that have changed, rather than the full line-by-line content:

 dif   = !git diff --name-status

Show git remote URL

git config --get remote.origin.url

IRC

Instructing ChanServ to op an admin

/msg ChanServ op #channel user

E.g.

/msg ChanServ op #gnurc jj5

Sub 'op' for 'deop' to remove op privilege.

C++

C++ books

Books I want

Books I own

Books I'm not reading

Books I've read

C++ blogs/articles

C++ performance tips

  • ++c can be faster than c++.
  • use const for everything that you possibly can.
  • use 'inline' when you need to define a function in a header. Typically only do that if it's small and the increase in code size from inlining is worth the cost to avoid the cost of a function call. For anything except trivially small functions you'll probably need to profile to know if it's worth it.
  • don't use registers.
  • const rarely affects performance.
  • debunking a number of C++ myths that won't die.
  • std::sort<> is typically faster than qsort() because it can avoid indirection at runtime.
  • if you've got parallelisation going on, you may be able to just replace a std::for_each with a parallel equivalent.
  • read about performance cost of RTTI (Run Time Type Information) and how to disable it
  • don't use dynamic_cast because it is slow (typeid is faster but still relies on RTTI)
  • prefer unique_ptr to shared_ptr when possible. unique_ptr has less overhead.
  • Which is better, static or dynamic linking?
  • Integer vs Floating-Point performance

systemd

systemd is an init system used in most Linux distributions to bootstrap the user space and manage all processes subsequently.

Following a service log

e.g. for bind9:

# journalctl -f -u bind9

or for everything:

# journalctl -f

System status

To see spawned services hierarchy:

# systemctl status

Or for a specific service e.g.:

# systemctl status networking

SaltStack

Running a command on specified minions

From the salt master:

salt 'host' cmd.run 'update-locale'

From the salt minion:

salt-call cmd.run 'update-locale'

Running a command on all minions

salt '*' cmd.run 'update-locale'

Running a specific state file

From the salt master:

salt $MINION_ID state.sls $STATE_FILE

From the salt minion:

salt-call state.sls $STATE_FILE

Listing active jobs

salt-run jobs.active

Listing available grains

salt 'example' grains.items

Listing available pillar

salt 'example' pillar.items

Reporting a grain value

e.g. for the 'mem_total' grain:

salt '*' grains.item mem_total

Passing a variable into a Jinja template from a salt state (SLS)

e.g.: to pass 'zabbix_deb_{pkg,url}' variables into the source.txt template:

/srv/zabbix/release/{{ zabbix_deb_pkg }}.txt:
  file.managed:
    - template: jinja
    - user: root
    - group: root
    - mode: 644
    - source: salt://file/srv/zabbix/release/source.txt
    - require:
      - file: /srv/zabbix/release
    - default:
      zabbix_deb_pkg: {{ zabbix_deb_pkg }}
      zabbix_deb_url: {{ zabbix_deb_url }}

KDE

Running user login script (X11/XOrg/XWindows)

A way to run user login scripts which works for KDE Plasma (and apparently other X.Org Server X Window System environments) is to create a *.desktop file in ~/.config/autostart/. For example I have a ~/.config/autostart/ssh-add.desktop file with the following contents to register my SSH key in the SSH Agent:

[Desktop Entry]
Type=Application
Name=ssh-add
Comment=Adds my private key to my session.
Exec=/usr/bin/konsole -e 'ssh-add /home/$USER/.ssh/id_rsa'

Standard KDE shortcut key bindings

Name Shortcut Command
Insert comment F1 xdotool type "$(date +%Y-%m-%d ) $USER - "
Insert sydtime F4 xdotool type "$(date +%Y-%m-%d-%H%M%S)"
Konsole Meta+T konsole
Dolphin Meta+E dolphin
Kate Ctrl+Shift+F12 kate
KCalc Ctrl+Shift+F11 kcalc
Firefox Ctrl+Shift+F10 firefox

Shutting down KDE/Plasma

# /etc/init.d/sddm stop

VirtualBox

Mounting a VirtualBox VDI file

Note: instead of doing this consider booting with a live CD.

See here:

Install qemu if necessary:

# apt install qemu

Then you'll need to load the network block device module:

# rmmod nbd
# modprobe nbd max_part=16

Attach the .vdi image to one of the nbd you just created:

# qemu-nbd -c /dev/nbd0 drive.vdi

Now you will get a /dev/nbd0 block device, along with several /dev/nbd0p* partition device nodes.

# mount /dev/nbd0p1 /mnt

Once you are done, unmount everything and disconnect the device:

# qemu-nbd -d /dev/nbd0

Elasticsearch

Report on health of your Elasticsearch cluster

$ curl http://localhost:9200/_cluster/health?pretty

Zabbix

Zabbix Agent on Mac OS X

Download and install agent.

Config file is here: /usr/local/etc/zabbix/zabbix_agentd.conf

Unload agent with:

# launchctl unload /Library/LaunchDaemons/com.zabbix.zabbix_agentd.plist

Load agent with:

# launchctl load /Library/LaunchDaemons/com.zabbix.zabbix_agentd.plist

To add a 'pki' group:

# dseditgroup -o create pki

To monitor syslog on Mac OS X:

# tail -f /var/log/system.log

Installing Zabbix Agent from source on Mac OS X

Download sources from https://www.zabbix.com/download_sources

$ brew update
$ brew install openssl
$ brew install pcre
jj5@condor:~/Desktop/zabbix-4.4.7$ ./configure --enable-agent --with-openssl=/usr/local/opt/openssl/
jj5@condor:~/Desktop/zabbix-4.4.7$ sudo make install

NetBeans

NetBeans shortcut keys

Keys Action
Ctrl+W Close active window
Alt+Shift+K Open in Terminal
Ctrl+U U Convert selected text to uppercase
Ctrl+U L Convert selected text to lowercase

XML

How to pretty-print an XML file

$ xmllint --format input.xml > output.xml

ApacheBench

Run a benchmark with ApacheBench

$ ab -n 1000 -c 100 https://www.example.com/