Some notes on born2beroot project at Codam.
This file contains general notes in no particular order.
See also checklist.md which roughly follows subject structure.
basic (up to 1280x1024) https://www.ronaldtoussaint.nl/2018/01/24/increasing-the-screen-resolution-of-linux-console-with-grub-in-virtualbox/
I tried to increase it further, but it didn't work. I added a custom resolution like this: https://docs.oracle.com/en/virtualization/virtualbox/6.0/admin/adv-display-config.html but than I had problem that my framebuffer was too small and I wasn't able to increase it even with fbset.
By default you have 6 terminals open, and you can switch between them with
alt + F1, alt + F2, ... alt + F6. With the default Mac host settings you'll need to press fn as well to make F1, F2, …, F6 work. And if there is a graphics interface on your linux you'll also need control.
Another way to change between terminals is chvt command, i. e. chvt 3 to change to tty3. When you execute chtv via ssh, the terminal is changed in the virtual machine window.
An article on terminals: http://www.linusakesson.net/programming/tty/index.php
One can pipe long output into less to be able to navigate it. For example lsblk -h | less. Type q to exit, type /pattern to find the pattern, type n to go to the next occurence, type N for previous occurence. Also, see man less.
But I reccoment ssh into your virtual machine from the host and use comfortable terminal with scroll and copy-paste.
export - set
env - print
unset - unset
update-alternatives --config editor (updates the editor system-wide)
su --login {username} or su - {username} changes user. Without --login/- will not change env variables properly.
The easiest way to achive the partition for mandatory part is to use guided partition during the debian install. But here is a nice article on LVM anyway: https://www.redhat.com/sysadmin/lvm-vs-partitioning
lsblk — command to see disk partition info.
lsblk --list -o NAME,TYPE | grep lvm shows logical volumes created by lvm.
Also, here is the source code for lsblk (link to the function that gets the type of the device). Basically, lsblk goes through folders in /sys/block and somehow retrieves info about devices. The type of a dm (see device mapper) device is determined by looking at /sys/block/dm-1/dm/uuid
sshd -T see settings
systemctl status sshd see status
/etc/ssh/sshd_config - set settings
ssh into virtualbox machine https://averagelinuxuser.com/ssh-into-virtualbox/
https://help.ubuntu.com/community/UFW
ufw status verbose shows ufw status
lsof - list all open files; lsof -i - files for Internet
Or, a better way from the subject - ss -tunlp (overlooked it at first).
Why isn't ping shown in netstat?
hostnamectl set-hostname {new hostname} + change /etc/hosts
Check via hostnamectl
groups shows groups of current user
groups {username} shows groups of {username}
id [{username}] shows groups with group ids, also shows which groups if primary for the user.
groupadd {groupname} create group
usermod -a -G {groupname(s)} {username} add user to a group. With -g makes the group primary for user. Without -a all non-listed groups will be erased (except for the primary?)
gpasswd -a {user} {group} add user to group.
gpasswd -d {user} {group} delete user from group.
useradd low level user creation
adduser hight level user creation
First, install libpam-pwquality.
Config is stored in /etc/security/pwquality.conf
The pwquality module is somehow automatically added to /etc/pam.d/common-password
pwscore checks passwords. Install with apt-get install libpwquality-tools. Accepts username as an argument to check for similarities.
passwd change password
chage set expiration data for exisiting users
/etc/login.defs - expiration data defaults
visudo - change sudo settings
ssh localhost -p 2022 'sudo -S echo "Hello"' way to check requiretty
Defaults env_reset,timestamp_timeout=0 ask for password every time
if secure_path is set, than sudo looks for executables there. My example executable lies in /usr/local/games which is in PATH but not in secure_path so sudo doesn't see it. If I want to run such an executable, I need sudo $(which MY_EXECUTABLE) ARGUMENTS.
You can look at the sudo session with sudoreplay -d /var/log/sudo -l and then replay a session with sudoreplay -d /var/log/sudo TSID.
sudo -k revoke credentials.
sudo apt-get install sysstat — better CPU monitoring than top.
mpstat 2 1 gives 1 data point about 2-second interval.
ifconfig is depricated, use ip and ss instead.
crontab -e edits cron for current user. https://crontab.guru/ - site that explains chron syntax.
Fancy ascii banners https://manytools.org/hacker-tools/ascii-banner/
Save if forgot to call vim with sudo: :w !sudo tee % link
Hold alt to select in iTerm for copying to clipboard of the host machine.
To enter a folder with a name starting with - use --, i. e. cd -- -2