Admin – dump.4network.org

Enable the serial console for custom Linux VM image on Azure

To enable the serial console for your custom Linux VM image, enable console access in the file /etc/inittab to run a terminal on ttyS0.

For example: S0:12345:respawn:/sbin/agetty -L 115200 console vt102.

You may also need to spawn a getty on ttyS0 and this can be done with systemctl start serial-getty@ttyS0.service.

more info here https://docs.microsoft.com/en-gb/azure/virtual-machines/troubleshooting/serial-console-linux?WT.mc_id=docs-azuredevtips-micrum

Proxy Firefox through SSH tunnel

Have you ever wanted to visit sites from a location that denied access to those sites? What you need is the ability to create a secure and encrypted ssh connection to tunnel your browser traffic through.
If you have access to a remote machine by ssh you can set up Firefox, or any other SOCKS v5 enabled application, to tunnel its connection through ssh.

Making ssh tunnel:

ssh -C2qTnN -D 8080 username@remote_machine.org

Configure Firefox for the proxy

Manual proxy configuration: SOCKS Host 127.0.0.1 Port 8080 check the box for "SOCKS v5"

Ubuntu – Docker unable login to Docker hub.

root@docker:~# docker login Login with your Docker ID to push and pull images from Docker Hub. If you don't have a Docker ID, head over to https://hub.docker.com to create one. Username: username Password:Error saving credentials: error storing credentials - err: exit status 1, out: Failed to execute child process “dbus-launch” (No such file or directory)root@docker:~#

To solve above problem, remove golang-docker-credential-helpers package by this command:

apt-get remove --purge golang-docker-credential-helpers

How to configure a Linux service to start automatically after a crash.

Under the [Service] section of let’s say Postfix in the file /usr/lib/systemd/system/postfix.service add the following 2 lines:

Restart=always
RestarSec=5

Then you need to reload the daemon configurations to ensure systemd is aware of this change by doing:

systemctl daemon-reload
systemctl restart postfix.service

server:~ # ps aux | grep postfix
root     24446  0.0  0.0  34180  3216 ?        Ss   12:53   0:00 /usr/lib/postfix/bin//master -w
postfix  24447  0.0  0.1  35820  3996 ?        S    12:53   0:00 pickup -l -t fifo -u
postfix  24448  0.0  0.1  36204  5732 ?        S    12:53   0:00 qmgr -l -t fifo -u
root     24523  0.0  0.0   9288  1636 pts/0    S+   13:08   0:00 grep --color=auto postfix
server:~ # kill -9 24446
server:~ # ps aux | grep postfix
root     24549  0.0  0.0   9288  1636 pts/0    S+   13:08   0:00 grep --color=auto postfix
server:~ # ps aux | grep postfix
root     24644  0.0  0.0  34180  3216 ?        Ss   13:08   0:00 /usr/lib/postfix/bin//master -w
postfix  24645  0.0  0.1  35820  3992 ?        S    13:08   0:00 pickup -l -t fifo -u
postfix  24646  0.0  0.1  36204  5732 ?        S    13:08   0:00 qmgr -l -t fifo -u
root     24662  0.0  0.0   9288  1632 pts/0    S+   13:08   0:00 grep --color=auto postfix
server:~ #

Bash every 3rd

for i in {1..20..3}; do
echo “Welcome $i”
done

example:

snoopy@srv02:~# for i in {1..20..3}; do echo "Welcome $i"; done Welcome 1 Welcome 4 Welcome 7 Welcome 10 Welcome 13 Welcome 16 Welcome 19 snoopy@srv02:~#

Couldn’t execute ‘show events’: Cannot proceed because system tables used by Event Scheduler were found damaged at server start (1577)

Just run: mysql_upgrade -u root -p

Convert .pem into .key

root# openssl rsa -in privkey.pem -out private.key

.pem – Defined in RFCs 1421 through 1424, this is a container format that may include just the public certificate (such as with Apache installs, and CA certificate files /etc/ssl/certs), or may include an entire certificate chain including public key, private key, and root certificates. Confusingly, it may also encode a CSR (e.g. as used here) as the PKCS10 format can be translated into PEM. The name is from Privacy Enhanced Mail (PEM), a failed method for secure email but the container format it used lives on, and is a base64 translation of the x509 ASN.1 keys.

.key – This is a PEM formatted file containing just the private-key of a specific certificate and is merely a conventional name and not a standardized one. In Apache installs, this frequently resides in /etc/ssl/private. The rights on these files are very important, and some programs will refuse to load these certificates if they are set wrong.

Mounted disk does not contain SELinux labels.

After mounting the disk the listed below problem appears.

root# mount -v /dev/sdb1 /mnt/backup mount: /mnt/backup does not contain SELinux labels. You just mounted an file system that supports labels which does not contain labels, onto an SELinux box. It is likely that confined applications will generate AVC messages and not be allowed access to this file system. For more details see restorecon(8) and mount(8). mount: /dev/sdb1 mounted on /mnt/backup. root#

The SELinux warning is fixed by “restorecon -R /mnt/backup“.

Run cron job every other week.

Run cron job every other week, let’s say Friday at 10AM. Add this to your crontab:

0 10 * * 5 [ `expr \`date +\%s\` / 86400 \% 2` -eq 1 ] &&

Every second Friday is an odd number of days since Thursday, Jan 1, 1970 and every first Friday is an even number, plus there are 86400 seconds in a day.
If there is “-eq 1” this means it will not be executed this Friday only every other Friday, if there is “-eq 0” this means it will executed this Friday and every other Friday.

Disable IPv6 on Linux

To disable IPv6 on Linux, just type:

root# echo 1 > /proc/sys/net/ipv6/conf/eth0/disable_ipv6

To enable IPv6 on Linux, just type:

root# echo 0 > /proc/sys/net/ipv6/conf/eth0/disable_ipv6

In both cases, remember to replace your interface name.