Linux

• sources.list for i586 and amd64 modified by me (mix of unstable and experimental repository) and gpg keys - updated on 2011-10-15

  32 BIT: $ sudo wget --output-document=/etc/apt/sources.list http://www.torino19.org/mike/pool/apt/sources.list/i586/sources.list
  64 BIT: $ sudo wget --output-document=/etc/apt/sources.list http://www.torino19.org/mike/pool/apt/sources.list/amd64/sources.list

• “Dynamic MMap ran out of room” error → You should increase APT::Cache-Limit in your 70debconf file (/etc/apt/apt.conf.d/70debconf)
• Fix BADSIG errors:

  $ sudo -i
  # apt-get clean
  # mv /var/lib/apt/lists /var/lib/apt/lists.old
  # mkdir -p /var/lib/apt/lists/partial
  # apt-get clean ; apt-get update ; exit

• script to fix GPG keys errors
• Manual remove of a package (last resort!!)

1. The cleanest way to remove the package is:

   dpkg -P --force-all nagios-common

2. If the process fails:

   List the package contents and take a note of this list
   $ dpkg -L nagios-common
   
   go to the directory /var/lib/dpkg/info
   $ cd /var/lib/dpkg/info
   
   remove problematic scripts
   # rm YOURPACKAGE.*
   
   uninstall package
   # apt-get remove --purge YOURPACKAGE
   
   to finish up, remove all files you found previously with 'dpkg -L'

• Remove remaining configuration of all packages uninstalled

  • apt list | grep 'residual-config'

  • sudo aptitude purge ~c

• dlocate is a really useful software to find which installed package provide a file on your system
• cruft search for orphans files (not unpacked by dpkg)
• Repack a .deb changing dependencies, provided packages, ecc…
• dpkg-repack creates a .deb file out of a debian package that has already been installed
• Unattended upgrades - Automate security upgrades

• Skype 64bit for Debian

• Debian - Le prime cose da fare - My guide written for new Debian users (Available only in italian and really outdated)
• Guide di Debianizzati.org - A lot of guides for Debian (available only in italian)
• Debian encrypted root - (Available only in italian)
• Booting Loop-AES Encrypted Root from USB Stick - Extreme paranoia!
• “Open terminal here” in Nautilus:

  Install the nautilus-open-terminal package.
  Then you will need to log out and log in again, or simply restart nautilus:
      nautilus -q
      Alt-F2 -> nautilus

• Fix Debian annoying locales problems: 1, 2, 3, 4
• Configure PulseAudio: (NOTE: Wheezy is pulseaudio ready, this guide is Debian >=6.x only)
  1. INSTALL PULSEAUDIO

     # aptitude install pulseaudio pulseaudio-module-gconf

  2. ALSA COMPABILITY

     $ nano /etc/asound.conf
     (paste this inside:)
     pcm.pulse {
        type pulse
     }
     ctl.pulse {
        type pulse
     }
     pcm.!default {
        type pulse
     }
     ctl.!default {
        type pulse
     }

  3. SET PULSEAUDIO AS DEFAULT

     $ gconftool-2 -t string --set /system/gstreamer/0.10/default/audiosink pulsesink
     $ gconftool-2 -t string --set /system/gstreamer/0.10/default/audiosrc pulsesrc
     $ gconftool-2 -t string --set /system/gstreamer/0.10/default/musicaudiosink pulsesink
     
     Note that many other programs should be configured to use pulsaudio, for example mplayer:
     # nano /etc/mplayer/mplayer.conf
     search "ao=alsa" and replace it with "ao=pulse"

• To automatically mount NFS shares at boot time put in /etc/default/rcS

  ASYNCMOUNTNFS="no"

• Install Debian Buster using ZFS as RootFS. If you face problems with the rootfs not being found, you may want to increase the sleep time in initrd as described here.

• Interactive kernel map
• Linux's makefiles
• Convert vmlinuz to vmlinux
• Check what kernel options was used to compile it without have .config file

• Serial programming guides

Obviously you need a strong routing table to avoid lost packets, the trick is control arp requests and replies: In your sysctl.conf you should set these parameters:

net.ipv4.ip_forward=1 //this is an IPv4 router
net.ipv6.conf.all.forwarding=1 //this is an IPv6 router
net.ipv4.conf.all.arp_ignore=1 //we ignoring ARP packets to avoid routing problem with 2 interfaces in the same subnet, note that you can also specify the correct interface instead of "all")
net.ipv4.conf.all.arp_announce=2

An excellent reference page about this problem and these fixes.

This is very useful to check if a device outside our subnet is still alive without compromise the routing table.

$ sudo arping -c 1 -S SOURCE_IP -T DESTINATION_IP MAC_ADDRESS_GW

SOURCE_IP is our ip address DESTINATION_IP is the ip address of device to be checked MAC_ADDRESS_GW is the mac address of a machine/router available on our subnet able to reach DESTINATION_IP

• Round-robin solution - English, Italian
• Per user routing - 1, 2

• fail2ban
• libapache2-mod-evasive
• libapache2-mod-security

sudo dnsmasq -i eth0 -d --dhcp-range=192.168.89.90,192.168.89.100

python -m SimpleHTTPServer 8000
python3 -m http.server 8080

python -m pyftpdlib -p 2121

• List of 16 top-like commands to monitor network/system/hdd/ecc…
• Change UUID of a NTFS partition
• 7 bash <del>hidden</del> not well known features - (Available only in Italian)
• fallocate - preallocate or deallocate space to a file (Immediately!)
• Scheduled shutdown/hibernate

  # shutdown -h +X     # X = minutes to wait before shutdown
  # shutdown -h 23:20     # 23:20 = hh.mm, system wait until system clock is 22.30 then shutdown
  
  # sleep X ; dbus-send --system --print-reply --dest="org.freedesktop.UPower" /org/freedesktop/UPower org.freedesktop.UPower.Suspend
  method return sender=:1.22 -> dest=:1.125 reply_serial=2     # X = minutes to wait before hibernate

• Mount JFFS2 image - NOTE: for different endianess you need to convert your image, for example to mount a mips image (big endian) on an x86 pc (little endian) before mount you must use jffs2dump in this way:

  jffs2dump -b -c -e dest_file.little src_file.big

• Unpacking Packages - How-to unpack tar, tgz, bz2 and many others packages
• Mode line generator - Enter your monitor/TV spec. and you get the correct modeline to use in your xorg.conf
• dd progress bar
• Use video ram as swap space - English, Italian
• Timed shutdown (and wakeup!)
• Autostart at login - Official specification (works with GNOME/KDE)
• Fix Picasa freezes after opening "Places" tab

• ssh remoteuser@remotehost -R forwardedsshport:localhost:localsshport -t "ssh -D dynamicproxyport localuser@localhost -p forwardedsshport"

This is based on 1, 2 and some stuffs found on the net. The following steps assumes that your using a Debian based distro with Gnome as DM.

1. Install libpam-usb package

   $ sudo apt-get install libpam-usb

2. Add support for SD cards readers with my patch in order to not waste an USB port :)
3. Plug-in your device and create a new token

   $ sudo pamusb-conf --add-user YOURUSER

4. Add pamusb-agent to your startup applications

   $ echo "[Desktop Entry]
   Name=pamusb-agent
   GenericName=PAM USB Auth
   Exec=/usr/bin/pamusb-agent
   Terminal=false
   Categories=Tools
   Type=Application
   StartupNotify=false
   X-GNOME-Autostart-enabled=true" > ~/.config/autostart/pamusb-agent.desktop

5. Change automated actions

   $ sudo vi /etc/pamusb.conf
   
   Look for the row containing <user id="YOURUSER"> and append before </user> the following lines
                           <agent event="lock">dbus-send --type=method_call --dest=org.gnome.ScreenSaver /org/gnome/ScreenSaver org.gnome.ScreenSaver.Lock</agent>
   			<agent event="unlock">dbus-send --session --dest=org.gnome.ScreenSaver --type=method_call --print-reply --reply-timeout=20000 /org/gnome/ScreenSaver org.gnome.ScreenSaver.SetActive boolean:false</agent>

6. Logout/login and see the magic happen :)

1. Edit your fstab specifying UUID, mountpoint and options (including “auto”)
2. Assuming that your device was currently in /dev/sdb list its udev informations:

   $ udevinfo -a -p $(udevinfo -q path -n /dev/sdb)
   # NOTE: Debian sid has renamed this utility to udevadm. The equivalent command is below:
   # udevadm info --name=/dev/sdb --attribute-walk

3. take a note of some “unique” (and persistent!) information about your drive, like:
   • BUS==“usb” - will match your bus excluding the others (sata, firewire, scsi, ecc)
   • SYSFS{product}==“TS128MJFLASHA” - match the model
   • KERNEL=“sd?1” - will only match locations like /dev/sda1, /dev/sdb1 and more importantly, it won't match nodes like /dev/sda, /dev/sdb, which can be fdisk'ed. Using this value you can automatically mount only some partitions of single drive.
4. Create a new udev rule

   sudo nano /etc/udev/rules.d/99-customautomount.rules

5. Fill the new rule with your drive information and mount command

   BUS=="usb", SYSFS{product}=="TS128MJFLASHA", KERNEL=="sd?1", run+="/bin/mount /mnt/Films"

6. Restart udev
7. Enjoy automatically mount :)

1. Install Devil's Pie 2

   # apt-get install devilspie2

2. Create devilspie2 configuration folder

   $ mkdir ~/.config/devilspie2

3. Paste this devilspie2 script inside a new file

   $ nano ~/.config/devilspie2/terminal.lua
   if (get_application_name() == "Terminal") then
      set_window_opacity(0.85)
      set_window_size(1000, 650)
      center()
   end

4. Run devilspie2 at login

   $ nano ~/.config/autostart/devilspie2.desktop
   [Desktop Entry]
   Type=Application
   Exec=/usr/bin/devilspie2
   Hidden=false
   X-GNOME-Autostart-enabled=true
   Name[en_US]=devilspie2
   Name=devilspie2
   Comment[en_US]=devilspie2
   Comment=devilspie2

If you are a real hacker you can't imagine something better then Jurassic Park login!

• Make sure that your distro use PAM (almost any distro except Slackware use PAM as default), and you have mplayer installed

• See instructions on my GitHub

1. edit /etc/pam.d/common-auth

   insert this line immediately before the line with pam_deny.so module
   
   auth [default=ignore] pam_exec.so seteuid /usr/bin/didntsaythemagicword
   
   Now edit the two lines above (pam_unix and pam_winbind) and increase in every line success number by one, for example if you have success=2 change it to success=3. This is needed to skip our extra line when auth is successful.

2. Create a new script in /usr/bin/didntsaythemagicword

   #!/bin/sh
   
   # Check current TTY and if we are on fail login case or not
   if [ -z "$PAM_TTY" ] ; then
    PAM_TTY=`tty`
    NOTUSINGPAM=yes
   fi
   MYTTY=$PAM_TTY
   echo -n "access: PERMISSION DENIED." 1>$MYTTY
   
   # How many failed attempts in 5 minutes?
   LOG="/tmp/jurassikpark-${PAM_RHOST}-${PAM_RUSER}-${PAM_SERVICE}-`echo $MYTTY | sed s/\\\//_/g`-${PAM_USER}.log"
   if [ -e "$LOG" ] ; then
    if test $(find "$LOG" -mmin +5) ; then
     rm $LOG
    else
     . $LOG
    fi
   fi
   echo "COUNT_FAILS=`expr $COUNT_FAILS + 1`" > $LOG
   . $LOG
   if [ "$COUNT_FAILS" -le 2 ] && [ -z "$NOTUSINGPAM" ] ; then
    echo "" 1>$MYTTY
    exit 0
   fi
   
   # Hinibit cursor
   setterm -cursor off
   
   # Hinibit ctrl-c ctrl-z
   trap "" 2 20
   
   sleep 0.25
   sleep 0.25 ; echo -n "...and...." 1>$MYTTY
   sleep 0.25 ; echo "YOU DIDN'T SAY THE MAGIC WORD!" 1>$MYTTY
   sleep 0.25
   
   if [ -z "$NOTUSINGPAM" ] ; then
    mplayer -vo fbdev2 /usr/share/youdidntsaythemagicword.ogv 2>/dev/null 1>/dev/null &
   else
    mplayer -nogui -vo xv /usr/share/youdidntsaythemagicword.ogv 2>/dev/null 1>/dev/null &
   fi
   
   COUNT=0
   while [ $COUNT -le 560 ]
   do
    echo "YOU DIDN'T SAY THE MAGIC WORD!" 1>$MYTTY
    sleep 0.05
    COUNT=`expr $COUNT + 1`
   done
   
   setterm -cursor on
   
   exit 0

3. Make it executable

   # chmod +x /usr/bin/didntsaythemagicword

4. Download this video from youtube and place it in /usr/share/youdidntsaythemagicword.flv
5. Now every 3 login failed the video shows up! It works without xorg too!

1. Connect to server

   $ ssh user@ip_server -L 1900:ip_vm:1900

2. Then connect to your VM

   $ ssh user@ip_vm

3. Start the listener

   $ tar zc * | nc -l 1900

4. Open a new terminal and start the receiver

   nc localhost 1900 | tar zx

• tar cpf - . | pv | (cd /dst; tar xf -)

1. Mark your disk/partition as LVM

   # pvcreate /dev/sdX

2. Extend the VolumeGroup containing your logical volume

   # vgextend VolGroup00 /dev/sdX

3. Extend the logical volume

   # lvextend -l +100%FREE /dev/VolGroup00/LogVol02

4. Extend the filesystem

   # resize2fs /dev/VolGroup00/LogVol02