# error # adr@adr-desktop:~$ su-to-root -X -c zenmap (gksu:24352): Gtk-WARNING **: cannot open display: adr@adr-desktop:~$ echo $DISPLAY ... showing nothing ... adr@adr-desktop:~$ export DISPLAY=:0.0 -> add this in .bashrc adr@adr-desktop:~$ su-to-root -X -c zenmap ... now is working ... # vmware security problem; closing ports 443 and 902 opened by VMware Authentication Daemon # https://communities.vmware.com/thread/425526?start=0&tstart=0 # http://blog.martinshouse.com/2012/11/vmware-90-on-linux-closing-ports-443.html sudo service vmware-workstation-server status sudo nmap -T4 -A -v localhost 1. In /etc/init.d/vmware Comment out the line: vmware_exec 'VMware Authentication Daemon' vmware_start_authdlauncher Add the following line: echo 'Skipping: VMware Authentication Daemon' 2. In /etc/init.d/vmware-workstation-server After the line: ### END INIT INFO Add two new lines: echo Aborting launch of vmware-workstation-server exit 0 2. or (not tested) better use this to disable vmware-workstation-server autostart sudo service vmware-workstation-server stop sudo update-rc.d vmware-workstation-server disable sudo service vmware-workstation-server status sudo update-rc.d vmware-workstation-server defaults 2. VMware Workstation -> Edit -> Preferences -> Shared VMs uncheck "Enable virtaul machine sharing and remote access" # error at apache2 startup AH01574: module dav_module is already loaded, skipping # solution; edit /etc/apache2/mods-available/dav.load <IfModule !mod_dav.c> LoadModule dav_module /usr/lib/apache2/modules/mod_dav.so </IfModule> # error Fetched 759 kB in 8s (91.2 kB/s) W: Failed to fetch http://ro.archive.ubuntu.com/ubuntu/dists/vivid-updates/universe/binary-amd64/Packages Hash Sum mismatch W: Failed to fetch http://ro.archive.ubuntu.com/ubuntu/dists/vivid-updates/universe/binary-i386/Packages Hash Sum mismatch E: Some index files failed to download. They have been ignored, or old ones used instead. Error executing command, exiting # solution Check that everything is on in Synaptic Package Manager -> Settings -> Repositories. sudo rm /var/lib/apt/lists/* -vf sudo apt-get update # error Dash (from Unity) does not showing Applications. Message presented is "Sorry, there is nothing that matches your search". # solution # http://askubuntu.com/questions/501880/applications-dont-appear-in-the-dash-14-04 sudo apt-get install desktop-file-utils # list the files containing errors: desktop-file-validate ~/.local/share/applications/*.desktop | grep -i "desktop: error" | awk '{sub(/:$/,"",$1); print $1}' | uniq desktop-file-validate ~/.gnome/apps/*.desktop | grep -i "desktop: error" | awk '{sub(/:$/,"",$1); print $1}' | uniq desktop-file-validate /usr/share/applications/*.desktop | grep -i "desktop: error" | awk '{sub(/:$/,"",$1); print $1}' | uniq # in order to see the errors run: desktop-file-validate ~/.local/share/applications/*.desktop desktop-file-validate ~/.gnome/apps/*.desktop desktop-file-validate /usr/share/applications/*.desktop # move the error-desktop-files to a temporary location: mkdir -p ~/temp/error-desktop-files1 ~/temp/error-desktop-files2 ~/temp/error-desktop-files3 desktop-file-validate ~/.local/share/applications/*.desktop | grep -i "desktop: error" | awk '{sub(/:$/,"",$1); print $1}' | uniq | xargs sudo mv -t ~/temp/error-desktop-files1/ {} desktop-file-validate ~/.gnome/apps/*.desktop | grep -i "desktop: error" | awk '{sub(/:$/,"",$1); print $1}' | uniq | xargs sudo mv -t ~/temp/error-desktop-files2/ {} desktop-file-validate /usr/share/applications/*.desktop | grep -i "desktop: error" | awk '{sub(/:$/,"",$1); print $1}' | uniq | xargs sudo mv -t ~/temp/error-desktop-files3/ {} # At this point your problem is solved but some application still are missing (the ones for whom you moved the *.desktop files). # What's strange is that after moving back the *.desktop files to where they originally were the problem still remains solved. # I suppose you have to first access the dash in order to show the applications before # moving them back to where they originally were, otherwise would be more than strange. # Enable *.sh executing on double-click for Xfce (thunar 1.6.6 minimal): # see then created: Settings -> Settings Editor -> thunar -> misc-exec-shell-scripts-by-default xfconf-query --channel thunar --property /misc-exec-shell-scripts-by-default --create --type bool --set true # video card info # see also http://ubuntuforums.org/showthread.php?t=2294502 # using chromium navigate to chrome://gpu/ lspci | grep VGA sudo lshw -C video # That's because your hardware is newer than Trusty's copy of the PCI ID database of names. # Run this (once, with internet connection on) to update to the most current database of # PCI/USB device names, and then run lspci again: sudo update-pciids sudo update-usbids # other video test export LIBGL_DEBUG=verbose glxgears -info # display info about a GLX extension and OpenGL renderer glxinfo # display information from VA API driver vainfo # Disable The User List Or Guest Session In Ubuntu 15.10 # see also http://sourcedigit.com/17187-disable-user-list-guest-session-ubuntu/ # when using lightdm login manager: gksu gedit /etc/lightdm/lightdm.conf [SeatDefaults] -> existing line allow-guest=false -> append this line sudo systemctl restart lightdm # show current login manager cat /etc/X11/default-display-manager # list available login managers update-alternatives --list x-window-manager # Enable password-less login # Use "Users and Groups" utility. # XFCE Whisker Menu (http://gottcode.org/xfce4-whiskermenu-plugin/) # search whisker in Synaptic for maybe other related useful packages sudo apt-get install xfce4-whiskermenu-plugin xfce4-goodies # then add the Whisker Menu in Panel 1 and remove the Application menu # XFCE + annoying security popups # https://www.freedesktop.org/software/polkit/docs/latest/polkit.8.html In /usr/share/polkit-1/actions/org.freedesktop.accounts.policy configure: <defaults> <allow_any>auth_self</allow_any> <allow_inactive>auth_self</allow_inactive> <allow_active>auth_self_keep</allow_active> </defaults> # or at XFCE Settings -> Session and Startup (Application Autostart TAB): # uncheck PolicyKit Authentication Agent but with this side effect e.g.: # when starting Synaptic you won't longer be prompted for password so you'll have to start it with gksudo synaptic # public key authentication not working (Permission denied (publickey)) # possible solution: sudo chown -Rv $USER: ~/.ssh sudo chmod -v 700 ~/.ssh sudo chmod -v 600 ~/.ssh/* # also remove any other user from the group named as the $USER (the base group) # ERROR1 VMWare says something like "vmware kernel module updater ..." and requires pressing Install button then nothing happens. # ERROR2 After some Ubuntu updates the vmware network adapters are gone. # SOLUTION sudo vmware-modconfig --console --install-all # problem: masked service # This will prevent the service from being started, automatically or manually, for as long as it is masked. sudo service transmission-daemon status ● transmission-daemon.service Loaded: masked (/dev/null) Active: inactive (dead) sudo service transmission-daemon start Failed to start transmission-daemon.service: Unit transmission-daemon.service is masked. sudo systemctl unmask transmission-daemon.service Removed symlink /etc/systemd/system/transmission-daemon.service. sudo service transmission-daemon status ● transmission-daemon.service - LSB: Start or stop the transmission-daemon. Loaded: loaded (/etc/init.d/transmission-daemon) Active: inactive (dead) Docs: man:systemd-sysv-generator(8) # show open ports: sudo nmap localhost # use zenmap gui: sudo zenmap # how to install vmware tools on linux: sudo apt-get install open-vm-tools # get hdd partition uuid sudo blkid /dev/sda2 # result e.g: /dev/sda2: LABEL="Windows7_OS" UUID="4250D1BE50D1B8BD" TYPE="ntfs" PARTUUID="33ca1039-02" Unity Tweak Tool - usefull tweaks: select Launcher -> "Show Desktop" icon select Search -> Search online sources select Panel -> Date & time Compiz Config Settings Manager (compizconfig-settings-manager) - settings: General Options -> Display Settings (for default monitor selection) Ubuntu Unity Plugin -> Launcher -> Minimize Single Window Applications (check in order to maximize/minimize window when clicking on it's launcher icon) After updating an Ubuntu server I occasionally see the message you may need to re-run your boot loader[grub] after updating the kernel: sudo update-grub # Remote desktop + XFCE + terminal auto complete commands # http://ubuntuforums.org/showthread.php?t=1771058&page=2 edit ~/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-keyboard-shortcuts.xml find the line <property name="custom" type="empty"> <property name="<Super>Tab" type="string" value="switch_window_key"/> and change it to <property name="custom" type="empty"> <property name="<Super>Tab" type="empty"/> reboot or whatever and then tab will work properly! # download from https with public/private key and user/password # see also https://adrhc.go.ro/wordpress/how-to-create-a-certificate/ wget --no-hsts --no-check-certificate --user=uuu --password=ppp --certificate=xxx_pub.pem --private-key=xxx_key.pem https://svn-ubuntu/zzz/yyy.xml PS: make sure "certificate common name" match host name (e.g. svn-ubuntu); put it in /etc/hosts in order to match # clear HSTS data for chrome chrome://net-internals/#hsts # PROBLEM: # umount: /mnt/adrhc-davp: target is busy # SOLUTION: # list open files in /mnt/adrhc-davp: sudo lsof | grep /mnt/adrhc-davp # or identify processes using /mnt/adrhc-davp: fuser -u /mnt/adrhc-davp # convert m4a or m4b to mp3 # use soundconverter: sudo apt-get install soundconverter # nomodeset # http://askubuntu.com/questions/207175/what-does-nomodeset-do The newest kernels have moved the video mode setting into the kernel. So all the programming of the hardware specific clock rates and registers on the video card happen in the kernel rather than in the X driver when the X server starts.. This makes it possible to have high resolution nice looking splash (boot) screens and flicker free transitions from boot splash to login screen. Unfortunately, on some cards this doesnt work properly and you end up with a black screen. Adding the nomodeset parameter instructs the kernel to not load video drivers and use BIOS modes instead until X is loaded. # ssh with pre-configured port and user name # http://linux.die.net/man/5/ssh_config # create/edit ~/.ssh/config: Host gigi HostName www.gigi.com Port 22 User gigikent ServerAliveInterval 30 # now you can login with: ssh gigi Host gigi18375 HostName www.gigi.com Port 18375 User gigikent ServerAliveInterval 30 # now you can login with: ssh gigi18375 # RAM info sudo dmidecode -t memory # generate nive html reports on computer access for a custom period of time # see also /etc/cron.daily/epylog # see also /etc/epylog/modules.d/*.conf # see /etc/epylog/epylog.conf for configuration: # [file] # method = file # path = /var/www/html/epylog sudo epylog --last day # access samba share; put this in your File Manager tab: smb://ip # teamviewer setup: # https://www.linuxbabe.com/desktop-linux/install-teamviewer-ubuntu-16-04-xenial-xerus # Errors in /var/log/syslog: # Too many open files # TCP: request_sock_TCP: Possible SYN flooding on port 8080. Dropping request. Check SNMP counters. # http://serverfault.com/questions/294209/possible-syn-flooding-in-log-despite-low-number-of-syn-recv-connections netstat -tuna | wc -l watch --interval=1 'netstat -tuna | grep "SYN_RECV" | wc -l' # /etc/sysctl.conf: # http://www.dba-oracle.com/oracle10g_tuning/t_ios_kernel_parameters.htm net.ipv4.tcp_max_syn_backlog = 2048 less /etc/sysctl.conf sysctl -a # /etc/security/limits.conf: # -: changes both soft and hard limit username soft nofile 2048 username hard nofile 65536 username - memlock 524288 @groupname soft nofile 2048 @groupname hard nofile 65536 # shows all limits for current user: # http://ss64.com/bash/ulimit.html ulimit -a # xrdp ignores /etc/security/limits.conf # http://florent.clairambault.fr/xrdp-and-the-ulimits-nofile-issue # Edit /etc/pam.d/common-session* and add the following line: session required pam_limits.so # e.g. change memlock limit then login with current user: # won't work with only "ulimit -l 1024" sudo sh -c "ulimit -l 1024 && exec su $LOGNAME" # e.g. print limits set for the process with pid 1831: cat /proc/1831/limits # http://www.cyberciti.biz/tips/linux-procfs-file-descriptors.html # http://www.cyberciti.biz/faq/linux-increase-the-maximum-number-of-open-files/ # To count the number of open file handles of any sort, type the following command: lsof | wc -l # see also nginx setup: worker_rlimit_nofile, worker_connections, proxy_read_timeout # see also limits for sslh and sshttp: ps -e -o pid,comm,cmd | grep [s]shttp ps -e -o pid,comm,cmd | grep [s]slh # wget console output wget --no-check-certificate https://www.google.ro/ -qO- # nginx ssl configuration: # https://mozilla.github.io/server-side-tls/ssl-config-generator/ # https://github.com/mozilla/server-side-tls # ttps://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_configurations # http://security.stackexchange.com/questions/54639/recommended-ssl-ciphers-for-security-compatibility-perfect-forward-secrecy # https://www.ssllabs.com/ssltest/analyze.html?d=adrhc.go.ro # ERROR: sudo apt-get install ttf-mscorefonts-installer # ttf-mscorefonts-installer: processing... # ttf-mscorefonts-installer: downloading http://downloads.sourceforge.net/corefonts/andale32.exe # Get:1 http://downloads.sourceforge.net/corefonts/andale32.exe [198 kB] # Fetched 198 kB in 1s (184 kB/s) # W: Can't drop privileges for downloading as file '/var/lib/update-notifier/package-data-downloads/partial/andale32.exe' couldn't # be accessed by user '_apt'. - pkgAcquire::Run (13: Permission denied) # ttf-mscorefonts-installer: downloading http://downloads.sourceforge.net/corefonts/arial32.exe # SOLUTION: # see https://ubuntuforums.org/showthread.php?t=2323229 apt-cache policy ttf-mscorefonts-installer ll /var/lib/update-notifier/package-data-downloads/partial sudo rm /var/lib/update-notifier/package-data-downloads/partial/* sudo apt-get --purge --reinstall install ttf-mscorefonts-installer # Adding CAcert root certificate to Debian/Ubuntu # https://www.brightbox.com/blog/2014/03/04/add-cacert-ubuntu-debian/ # see: curl-config --ca sudo mkdir /usr/local/share/ca-certificates/svn-ubuntu-2017 sudo cp -v svn-ubuntu.cer-chain.b64-ascii.crt /usr/local/share/ca-certificates/svn-ubuntu-2017/ sudo update-ca-certificates # or this way: sudo bash -c "echo -n | openssl s_client -showcerts -connect host-name-here:443 2>/dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' >> /etc/ssl/certs/ca-certificates.crt"
Frozen linux restart https://forum.likg.org.ua/linux-specific/magic-sysrq-key-t395.html http://www.exploringbinary.com/binary-converter/ cat /proc/sys/kernel/sysrq Ctrl + Alt + SysRq + key Under graphical environments (such as Gnome or KDE) 'Alt'+'PrintScrn/SysRq'+key combination generally only leads to a screenshot being dumped. To avoid this Print Screen feature the magic SysRq combination should include the Ctrl, becoming 'Ctrl'+'Alt'+'SysRq'+key. For the same purposes the AltGr key, if present, can be used in place of the Alt key. #54: Protect log files see http://www.tuxradar.com/content/linux-tips-every-geek-should-know