Archives
-
2023
-
September
-
Keyboard input remapping for Linux/Wayland
09/25/23
I have an usb keyboard with missing keys (|,< and >).
For X remapping was done by xmodmap
| is remapped to right AltGr + Y
< is remapped to right AltGr + ;
> is remapped to right AltGr + :
.Xmodmap
keycode 52 = y Y y Y bar U203A guillemotr
-
Keyboard input remapping for Linux/Wayland
-
September
-
2022
-
March
-
packet capture with ssh and tcpdump on a remote host and display with wireshark
03/31/22
#> mkfifo /tmp/shark
#> ssh USER@HOST 'sudo -S /usr/sbin/tcpdump -i eth0 -w - -p -n -s 0' > /tmp/shark
In an other session
#> sudo wireshark -k -i /tmp/shark
Then go back to first session and enter the ssh password.
Or in one line
#> ssh U
-
packet capture with ssh and tcpdump on a remote host and display with wireshark
-
March
-
2020
-
June
-
systemd-networkd - Play AP on plugin of your USB WIFI Stick
06/18/20
check wifi device name
~# ip addr | grep -A 5 wlan10: wlan0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop qlen 1000
IP configuration of your Wifi Stick for systemd-networkd
/etc/systemd/network/hostapd.network
[Match]
Name=wlan0
[Network]
Addre -
forward http requests to an other host
06/02/20
iptables -t nat -A PREROUTING -p tcp -d THISIP --dport 80 -j DNAT --to-destination OTHERIP:80
iptables -t nat -A POSTROUTING -p tcp -d OTHERIP --dport 80 -j MASQUERADE
iptables -I FORWARD -p tcp -d OTHERIP --dport 80 -j ACCEPT
-
systemd-networkd - Play AP on plugin of your USB WIFI Stick
-
June
-
2019
-
November
-
Multiple em28xx USB devices not automatically detected by the module
11/18/19
I got multiple USB devices working with em28xx module.
Usually a module option gives the em28xx module the order of the devices if not automatically detected
(ex. options em28xx card=80,92,9,9).
But the order at boot is every time different (order for module option not usb
-
Multiple em28xx USB devices not automatically detected by the module
-
November
-
2018
-
October
-
portforward only key based chroot ssh access without a shell for the user under 64 Bit
10/03/18
/etc/ssh/sshd_config:...
Match user USER
PasswordAuthentication no
AllowTcpForwarding yes
X11Forwarding no
PermitTunnel no
GatewayPorts no
AllowAgentForwarding no
ChrootDirectory /home/USER
But if the client needs a login shell this failed.<
-
portforward only key based chroot ssh access without a shell for the user under 64 Bit
-
October
- 2017
-
2016
-
November
-
convert to mp4
11/15/16
ffmpeg -i input.mp4 -pix_fmt yuv420p -vcodec libx264 -acodec aac output.mp4
-
convert to mp4
-
November
-
2014
-
May
-
mtp mount Galaxy S3 with jmtpfs or simple-mtpfs
05/19/14
kio-mtp and mtp-detect stopped working :-(
But jmtpfs seams to work - i decided to mount on usb plug in with an udev rule
#> apt-get install jmtpfs
#> mkdir -p /media/mtp/etc/udev/rules.d/99-jmtpfs.rules
ACTION=="add", ENV{ID_MTP_DEVICE}=="1", RUN=
-
mtp mount Galaxy S3 with jmtpfs or simple-mtpfs
-
April
-
sound conversion
04/01/14
decode to wav
avconv -i input.m4a output.wav
for f in *.m4a; do avconv -i "$f" "${f/%m4a/wav}"; done
faad -o output.wav input.aac
sox -t raw -r 8000 -A -b 8 -c 1 file.alaw file.wav
sox -t raw -r 8000 -U -b 8 -c 1 file.mulaw test.wav
decode from wav
-
sound conversion
-
May
-
2013
-
June
-
android tvheadend compile
06/27/13
build standalone toolchain from Android NDK.
cd WORKINGDIR
wget http://dl.google.com/android/ndk/androi
tar -xjv android-ndk-r8e-linux-x86_64.tar.bz2
run this script ( make-standalone-toolchain.sh )
#!/bin/bash
export ANDROID_NDK=android-ndk-r8e
export -
android rk3066 kernel dvb module compile ( my dvbt stick is a af9015 )
06/26/13
Pull rk3066 kernel source from omegamoon
git clone git://github.com/omegamoon/rockchip-rk30xx-mk808
With the toolchain (4.6) from omegamoon on dvbt usb stick plugin i got with dmesg
af9015: command failed:166
af9015: command failed:1
af9015: command failed:39
af9015: co -
flash minix neo x5 only with adb
06/05/13
minix> click right bottom (clock), click settings, click settings on bottom
and choose com.rockchip.settings.
minix> enable Usb debugging
minix> select device and change usb connection (PC) to MTP.
minix> connect minix with USB Cable to PC.
ubuntu>
-
android tvheadend compile
-
March
-
Enable USB host API support
03/19/13
I wondered why
mUsbManager = (UsbManager) getSystemService(Context.USB_SERVICE);
mUsbManager.getDeviceList(); was empty on an 7" cmx rapax LE 070-0508 tablet.
Also USB Device Info showed an empty Android page, but not an empty Linux page.
The solution was a comb
-
Enable USB host API support
-
February
-
extract an android apk package file and decompile it
02/18/13
Download APK-Multi-Tool-Linux
Extract AndroidManifest.xml, assets, res Folder and smali (disassembly from Java virtual machine) from an apk
$ cd APK-Multi-Tool-Linux
$ java -jar other/apktool.jar d pace-apk-here-for-modding/ANDROID.apk out
Extract jar from apk with dex2jar -
extract .img files from samsung images
02/18/13
Download Android-Kitchen
Download an image and extract it to ~/image.
compile sim2img
$ cd Android-Kitchen
$ scripts/compile_simg2imgextract ext4 image
$ tools/samsung_files/simg2img_files/simg2img ~/image/cache.img ext4_cache.imgloopmount ext4 image
$ mkdir -
Download apk from playstore with a google chrome extension
02/13/13
apk-downloader is a google chrome extension to easily download apk files from google play store.
start chrome with
#> chromium-browser --ignore-certificate-errors --allow-running-insecure-content -
Galaxy S3 flash with VD2 taken cache.img and hidden.img from ATO
02/13/13
According to samsung udate the Galaxy S3 firmware with the highest Changelist at the moment is csc (salescode) VD2 919627 build date 01.02.2013 (Germany Vodafone branded) and my csc image is ATO (Austria unbranded) 566833 build date 10.12.2012 (got this by OTA).
To have the newest firmwar -
ssh to android /system/bin/pm SEGV
02/11/13
pm segfaults if LD_LIBRARY_PATH is missing like on login with ssh
$ su -c "/system/bin/pm"
[1] Segmentation fault pm
$ su -c "LD_LIBRARY_PATH=/vendor/lib:/system/lib pm"
if pm is not found like this$ /system/bin/pm list packages
sh: /system/b
-
extract an android apk package file and decompile it
-
January
-
set permissions to open a file in our private home directory by an external app
01/16/13
try
{
openFileOutput(pdfFile.getName(), MODE_WORLD_READABLE | MODE_WORLD_WRITEABLE).close();
}
catch (Exception logOrIgnore) { } -
LogCat: ClipboardServiceEx Had failed to obtaining clipboardEx service.
01/16/13
Something went wrong with the clipboard of my Galaxy S3.
The solution was http://forum.xda-developers.com/showthr
su
mv /data/clipboard /data/oldclipboard
mkdir /data/clipboard
chmod 775 /data/clipboard
chown system.system /data/clipboard
reboot -
Ubuntu 12.10 upgrade / install eclipse and ADT
01/16/13
After upgrade from 12.04 to 12.10 eclips wont work anymore :-(
Only deleting ~/.eclipse and ¨/workspace and reinstalling ADT did not work i got:
An error occurred while collecting items to be installed
session context was:(profile=epp.package.jee,
phase=org.eclips
-
set permissions to open a file in our private home directory by an external app
-
June
-
2012
-
November
-
hostap with a wifi usb stick on demand
11/09/12
After plug in of a wifi usb stick linux act's as a hostap.
apt-get install isc-dhcp-server hostapd
changes in /etc/hostapd/hostapd.confinterface=wlan0
driver=nl80211
ssid=MYSSID
country_code=AT
ieee80211d=1
hw_mode=g
channel=11
beacon_int
-
hostap with a wifi usb stick on demand
-
October
-
transcode a mjpeg ip cam on demand with a cgi script using ffmpeg
10/09/12
To minimize bandwidth for video streaming i have to transcode mjpeg to h264.
To do this on demand ffserver is no option for me.
Therefore a small cgi script on the webserver with ffmpeg did the trick:
#!/bin/bash
echo -e "Content-type: video/avi\n"
-
port forward with iptables
10/04/12
iptables -I FORWARD -i INTERFACE -p tcp --dport PORT -j ACCEPT
iptables -A PREROUTING -t nat -i INTERFACE -p tcp --dport PORT -j DNAT --to-destination LOCAL_IP
-
transcode a mjpeg ip cam on demand with a cgi script using ffmpeg
-
August
-
apt-get behind a server port redirected with ssh to a proxy
08/28/12
There is an apt proxy (Apt-Cacher NG), a workstation, a server and a server behind that server.
workstation> ssh -R3142:proxy:3142 server
server> ssh -R3142:127.0.0.1:3142 server_behind
server_behind> cat /etc/apt/apt.conf.d/01proxy
Acquire::http { Proxy &quo -
Ubuntu Wake on Lan WOL
08/27/12
If ethtool ethX doesn't contain Wake-on: g then add pre-down /sbin/ethtool -s ethX wol g to /etc/network/interfaces
Add NETDOWN=no to /etc/default/halt
Test with /sbin/shutdown -P now and wakeonlan [-i BROADCASTADDR] MAC (apt-get install wakeonlan) -
Find duplicate filenames
08/26/12
find -type f -printf "%f\n" | sort | uniq -d
-
apt-get behind a server port redirected with ssh to a proxy
-
January
-
hdd performance tests
01/30/12
#> hdparm -tT /dev/sda
Timing buffered disk reads: 398 MB in 3.00 seconds = 132.45 MB/sec
write:
#> dd if=/dev/zero of=./tempfile bs=1M count=1024 conv=fdatasync,notrunc
1073741824 Bytes (1,1 GB) kopiert, 12,8038 s, 83,9 MB/s
read:
#>
-
hdd performance tests
-
November
-
2011
-
September
-
sftp and port forward only login
09/16/11
I need a ssh login for restricted portforward but without a shell for the user.
This got realized with /etc/ssh/sshd_config:...
Subsystem sftp internal-sftp
Match user USER
PasswordAuthentication yes
AllowAgentForwarding no
X11Forwarding no
Forc -
change xorg screen dimension on login with xrandr
09/07/11
* create modline setting with cvt for desired resolution
* add new modline with xrandr --newmode
* add mode to output with xrandr --addmode
* set output and dimension with xrandr --output and --mode
The needed steps are done in
/etc/X11/Xsession -
usb modem dialin
09/07/11
Server
needed packages: mgetty, pppd
start and stop mgetty on plugin of usbmodem (0572:1329 Conexant Systems (Rockwell), Inc.)
/etc/init/mgetty.conf# mgetty - dialin daemon
description "mgetty daemon"
start on tty-device-added KERN
-
sftp and port forward only login
-
July
-
route icmp to a different gateway
07/28/11
echo 100 icmp_route >> /etc/iproute2/rt_tables
ip rule add fwmark 1 table icmp_route
ip route add default via IP_OF_NOT_DEFAULT_GATEWAY dev eth0 table icmp_route
iptables -t mangle -A OUTPUT -d IP_TO_PING -p icmp -j MARK --set-mark 1
-
route icmp to a different gateway
-
March
-
USB: uss720 fixup refcount position
03/28/11
My testprog do a lot of bitbang - after hours i got following warning and my machine lockups:
WARNING: at /build/buildd/linux-2.6.38/lib/kref.c:34
After debugging uss720 driver i discovered that the completion callback was called before usb_submit_urb returns.
The callback -
fast reboot with kexec
03/04/11
sudo apt-get install kexec-tools
change LOAD_KEXEC to true in /etc/default/kexec
-
USB: uss720 fixup refcount position
-
January
-
record a video with ffmpeg from a webcam with audio
01/31/11
First activate and rise webcam audio input level with alsamixer.
ffmpeg -f video4linux2 -i /dev/video0 -pix_fmt yuv420p -s vga -r 8 -f alsa -ac 1 -ar 16000 -i hw:1,0 -vcodec mpeg4 -b 400k -acodec libmp3lame -ab 80k video.avi -
key remap on keyboard for console and X
01/13/11
I got a funny viennese dialect keyboard, but after start using it i missed a key '<,>,|' :-(
So i searched for a way to remap 'AltGr + y' to '|', 'AltGr + ,' to '<' and 'AltGr + .' to '>'
Console<
-
record a video with ffmpeg from a webcam with audio
-
September
-
2010
-
April
-
Audio only capture from a video/audio usb capture stick
04/27/10
#> apt-get install xawtv
I assume the usb stick become /dev/video0 and audio became card 1 (card 0 is an onboard audio device)
#> v4lctl -c /dev/video0 setattr input Composite1
#> v4lctl -c /dev/video0 setattr mute off
#> amixer -c 1 sset Line,0 50%,50% un
-
Audio only capture from a video/audio usb capture stick
-
February
-
initramfs script's to backup system's (also raid1) and restore from a usb stick
02/04/10
These are scripts to backup system's and build an image for an usb stick or kvm for testing:
rescue.tar.gz
The only thing to configure is the backup-script:
All your partition's must have an UUID.
With "uuidgen | xargs mkswap /dev/sda1 -U&qu
-
initramfs script's to backup system's (also raid1) and restore from a usb stick
-
April
-
2009
-
November
-
php script for sispmctl (power supply switching)
11/24/09
#> apt-get install sispmctl
Switch Socket on with sispmctl -o 1, off with sispmctl -f 1 and get status with sispmctl -m all
To have premission for a webserver to execute the command:
/etc/udev/rules.d/90-local.rules:ACTION=="add", SUBSYSTEM=="usb&qu -
bluetooth network with bluez4 and udev
11/21/09
Many things changed for bluez4. Now everything is made through dbus commands.
apt-get install bluetooth bluez (on server and client)
First check for bdaddr on server and client:
Server:> hcitool dev
Devices:
hci0 00:01:1A:63:49:33
C -
dnstunnel with iodine and bind9
11/10/09
Iodine server with public IP:
#> apt-get install iodine
For "good" connection i used a mtu of 256 through my provider DNS.
On local network no mtu change was necessary.
/etc/default/iodineSTART_IODINED="true"
IODINED_ARGS="-m 256
-
php script for sispmctl (power supply switching)
-
September
-
Automount and autounmount of usb sticks / discs
09/30/09
Each partition of plugged in usb stick's should be accessible with automount.
My mountpoints will be /media/usb/part0, /media/usb/part1, ...
Example:
The fist plugged stick has two partitions. The second only one.
/media/usb/part0 ... first stick par
-
Automount and autounmount of usb sticks / discs
-
August
-
chrooted sftp only
08/05/09
useradd -s /bin/false -m SFTPUSER
mkdir /home/SFTPUSER/.ssh
ssh-keygen -t rsa -b 2048 -N '' -f /home/SFTPUSER/.ssh/id_rsa
chown -R SFTPUSER:SFTPUSER /home/SFTPUSER/.ssh
chmod 600 /home/SFTPUSER/.ssh/id_rsa
/etc/ssh/sshd_config:
Subsystem sftp in
-
chrooted sftp only
-
July
-
ssd optimizations
07/18/09
* do partition alignment
Check if aligned at http://www.techpowerup.com/articles/other/157
Theodore Ts'o's blog post is somewhat misleading, as even that manufacturer's MLC SSDs have an erase block size of 512KiB (PDF), like OCZ's drives - not 128KiB. You -
secure rsync to only one directory
07/02/09
I want to rsync to a remote host to a given directory.
local-host:
ssh-keygen -t rsa keyfilename: ~/.ssh/rsync
ssh-copy-id -i .ssh/rsync rsyncuser@remote-host
rsync files with ssh:
rsync -vaHxr --delete \
-e "ssh -i ~/.ssh/rsync -c arcfour -o Comp
-
ssd optimizations
-
May
-
ffmpeg http Transfer-Encoding: chunked
05/22/09
Today i a made a patch for ffmpeg to be able to fetch a png file from a cgi script
ffmpeg -f image2 -vcodec png -i 'http://server/cgi-bin/graph.cgi'
This didn't work because ffmpeg/libavformat/http could't handle "Transfer-Encoding: chunked"
< -
How to recompile / rebuild a debian package
05/20/09
$ sudo apt-get install build-essential fakeroot dpkg-dev
$ mkdir build
$ cd build
$ sudo apt-get source foo
$ sudo apt-get build-dep foo
$ cd foo
$ dpkg-buildpackage -rfakeroot -b -us -uc -nc
-nc does not clean, usefull if you change something and rebuild
-
ffmpeg http Transfer-Encoding: chunked
-
April
-
run webalizer over existing (also compressed) logs
04/29/09
webalizer.conf:
LogFile /var/log/apache2/access.log.1
OutputDir /var/www/webalizer
Incremental yesTo have the right sorting order (oldest logs first) i use ls -tr.for i in $(ls -tr access.log*); do \
webalizer -c /etc/webalizer/webalizer.conf $i; \
done -
ip crossover: send packets on eth0 out and receive them via eth1
04/15/09
For testing my intellon driver on one pc i need to send packets on eth0 (intellon usb) out and receive them via eth1 (intellon ethernet).
The only solution i found was a not anymore supported module for netfilter from Rusty Russell.
I tried to fix the compiler errors/warnings a -
Intellon int51x1 PLC usb net driver for devolo dlan duo
04/15/09
Here is how i made the patch for inclusion:
git config --global user.name "Peter Holik"
git config --global user.email "peter AT holik.at"
check kernel out with git
git clone git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux-2.6.gi
-
run webalizer over existing (also compressed) logs
-
March
-
Show installed packages sorted by disc usage
03/03/09
dpkg-query --show --showformat='${Installed-Size}\t${Package}\t${Status}\n' | grep -v deinstall | sort -nr | less
adapted from Martins Blog
Clear dpkg status file
dpkg-Status sorted:
grep Status /var/lib/dpkg/status|sort|uniq -c
purge rc pac
-
Show installed packages sorted by disc usage
-
November
-
2008
-
November
-
apt-get on many hosts with clusterssh
11/13/08
Clusterssh opens for each connection a xterm and sends a keystroke to each window.
You can also work in only one xterm.
#> apt-get install clusterssh
I use approxd for caching .deb's using port 9999. This port is not reachable by all my hosts,
therefore -
ubuntu 8.10 (intrepid ibex) troubles with an old Acer Travelmate 630
11/06/08
I could not run the ubuntu live installcd and also the alternate hang sometimes. After a successful install X freezes. I tried to boot with various boot options. Only with acpi=off my system seams to working but with fan running and no battery info. An older knoppix was running, so i decided to inst
-
apt-get on many hosts with clusterssh
-
October
-
script to rescue/backup a raid1 system and restore from a cd with initramfs
10/28/08
Searching for a rescue system that creates a bootable CD to restore my system i found mkcdrec. Because sometimes things (mkcdrec/debian/ubuntu) changes and i had to test and patch for new mkcdrec versions, so i droped it.
Then i started to make a live CD with debian-live and make my insta -
block ssh brute force attacs / prevent synflooding
10/28/08
With iptables module recent you can limit the count of tcp connection attempts. In my case i allow only 3 ssh connection attempts per minute. This stops script kiddies doing ssh brute force attacs.
iptables -N synflood
iptables -A synflood -p tcp --dport ssh -m recent --set --name SSH
-
Wildcard certificate with virtual hosts and one IP
10/15/08
apache
NameVirtualHost *:80
NameVirtualHost *:443
<VirtualHost *:443>
ServerName one.domain.at
SSLEngine on
SSLCertificateFile /etc/ssl/certs/domain.at.pem
SSLCertificateKeyFile /etc/ssl/private/domain.at.key
CustomL
-
script to rescue/backup a raid1 system and restore from a cd with initramfs
-
September
-
postfix with no local delivery
09/11/08
All mails for local accounts should be transfered to a central mailserver.
Sender email should look like USER@HOST.DOMAIN and all mails should be delivered to root@DOMAIN.
Usually /etc/aliases is used, but in my case local delivery is disasbled.
/etc/postfix/main.cf: -
script to rescue/backup a system and restore from a cd with initramfs
09/05/08
Searching for a rescue system that creates a bootable CD to restore my system i found mkcdrec. Because sometimes things (mkcdrec/debian/ubuntu) changes and i had to test and patch for new mkcdrec versions, so i droped it.
Then i started to make a live CD with debian-live and make my insta -
qemu
09/05/08
#> sudo apt-get install kqemu-source kqemu-common build-essential
#> sudo module-assistant prepare kqemu
#> sudo module-assistant auto-install kqemu
/etc/udev/rules.d/60-kqemu.rules:
KERNEL=="kqemu", NAME="%k", MODE="0660", GROUP=" -
fast sftp
09/05/08
sftp -o Ciphers=blowfish-cbc USER@HOST
-
postfix with no local delivery
-
August
-
Grub Error 2: Bad file or directory type
08/19/08
grub prior 0.97 only supports a inode size of 128 Bytes
To format a partition set inode size of 128 Bytes:
#> mkfs.ext3 -I 128 /dev/sda6 -
ugly rename hack
08/08/08
find -name 'Pic*' -exec sh -c 'mv $1 "$(echo $1 | sed s/\\./_/g | sed s/^_/\\./g | sed s/_-//g)"' {} {} \;
-
Grub Error 2: Bad file or directory type
-
July
-
hardy ubuntu-vm-builder with kvm and virtio
07/02/08
First get ubuntu-vm-builder from http://packages.ubuntu.com/intrepid/ubuntu-vm-builder
#> dpkg -i ubuntu-vm-builder_0.6_all.deb
I suggest to use approx for caching packages
#> sudo apt-get kvm libvirt-bin
#> sudo adduser `id -un` libvirtd (and rel
-
hardy ubuntu-vm-builder with kvm and virtio
-
June
-
Two usb video capture stick with em28xx driver
06/28/08
get http://mcentral.de/hg/~mrec/em28xx-new/ and untar
cd em28xx-new-*
make
find /lib/modules/$(uname -r) -name "em28xx*" -type f | xargs rm -rf
find /lib/modules/$(uname -r) -name "tvp5150.ko" -type f | \
xargs rm -rf
mkdir -p /lib/modules/$(uname -r -
io scheduler for databases (deadline)
06/17/08
As suggested by http://www.nextre.it/oracledocs/oraclemyths.html
i put elevator=deadline to grubs menu.lst. -
atomic ops in c with help of gcc
06/16/08
atomic.h[more]#ifndef _ATOMIC_H
#define _ATOMIC_H
/**
* Atomic type. http://golubenco.org/blog/category/gcc/
*/
typedef struct {
volatile int counter;
} atomic_t;
#define ATOMIC_INIT(i) { (i) }
/**
* Read atomic variable -
find PCs in a network
06/05/08
for i in $(seq 2 254); do ping -c 1 192.168.0.$i | grep -q rtt && echo "found 192.168.0.$i"; done -
kvm pxe boot
06/04/08
get a ISO bootable image without legacy floppy emulation (.iso) from etherboot
kvm.sh:#!/bin/sh
switch=br0
USERID=$(whoami)
iface=$(sudo tunctl -b -u $USERID)
sudo /usr/sbin/brctl addbr $switch
sudo /sbin/ifconfig $switch 192.168.99.1 up
-
Two usb video capture stick with em28xx driver
-
May
-
apparmor create a new profile
05/28/08
aa-genprof can not connect to internet, therefore i do it manually
/etc/apparmor.d/usr.bin.program:
#include <tunables/global>
/usr/sbin/program flags=(complain) {
#include <abstractions/base>
}
start program and use it
aa-logprof -f /var/
-
apparmor create a new profile
-
April
-
format a partition with check for badblocks
04/29/08
badblocks -swvo <output_file> /dev/PARTITION
mkfs.vfat -l <output_file> /dev/PARTITION
-
Upgrade to Hardy Kubuntu
04/25/08
* enable port tcp 80 forwarding on your firewall
because adept_manager connects directly to http://changelogs.ubuntu.com/
https://bugs.launchpad.net/ubuntu/+source/adept/+bug/153016/comments/13
* kdesu "adept_manager --dist-upgrade-devel"
if you use a -
isdn dialin syncppp
04/10/08
apt-get install isdnutils-base
because ippp0 sets a default route we change to ippp1:
mv /etc/isdn/device.ippp0 /etc/isdn/device.ippp1
mv /etc/isdn/ipppd.ippp0 /etc/isdn/ipppd.ippp1
/etc/isdn/device.ippp1 (remove '# REMOVE'):
LOCALMSN='XXXXX& -
Desktopsharing with vnc
04/09/08
sudo apt-get install vnc4-common vnc4
sudo vncpasswd /etc/vncpasswd
/etc/X11/xorg.conf:
Section "Module"
Load "vnc"
EndSection
Section "Screen"
Option "PasswordFile" "/et
-
format a partition with check for badblocks
-
March
-
Using a Flashdisk and take care about limited writes
03/25/08
For me it is sufficient to have data written every 20 Minutes.
To enable this i use laptop-mode and set some values in /etc/sysctrl.conf:
vm.swappiness = 0
vm.laptop_mode = 1200
vm.dirty_writeback_centisecs = 120000
vm.dirty_expire_centisecs = 120000
vm.dirt -
Install minimal sid with cdebootstrap from ubuntu gutsy
03/22/08
To bootstrap debian sid on a second harddisk do following
* create partitions / filesystems
cfdisk /dev/hdc
mkfs.ext2 /dev/hdc1
mount -o rw,suid,dev /dev/hdc1 /mnt
mkswap -f /dev/hdc2
swapon /dev/hdc2
* bootstrap (with a deb proxy like appro -
digitemp with collectd
03/16/08
I used following schematic
Additionally i connected three twisted pair wires with a 100 Ohm resistor. At the end of each wire a schottky diode reverse biased across the DS18S20 sensor against spikes is used.
At the moment i have 5 DS18S20 temperature sensors (inside -
Linksys SPA-3102 call throu PSTN / Call Forward no answer (CFNA)
03/13/08
I will make calls from my phone to PSTN and with dial extension "#9" to my voip account.
This is done with following dialplan "(xx.<:@gw0>|<#9,:>xx.)"
If a call from PSTN is not answered within 20 sec the call should be redirected via voip (see C
-
Using a Flashdisk and take care about limited writes
-
February
-
copy partition
02/16/08
copy local
cp
cp -dpRx /OLD /NEW
tar
cd /OLD && \
tar -cp --atime-preserve --one-file-system --exclude=/lost+found -f - . \
| ( cd /NEW && tar -xpv --atime-preserve -f - )
rsync
rsync -avHx --delete /OLD /NEW
-
Grub boot Floppy Image (and bios update)
02/16/08
mkdir /boot/dos
cd /boot/dos
cp /usr/lib/syslinux/memdisk .
wget http://www.fdos.org/bootdisks/autogen/FDOEM.144.gz
gunzip FDOEM.144.gz
mkdir /mnt/temp
mount -o loop -t vfat FDOEM.144 /mnt/temp
copy new bios-image and flasher to /mnt/temp
umount /mnt/tem -
firefox crash / gimp no font - Pango-WARNING **: failed to create cairo scaled font, expect ugly output. the offending font is 'DejaVu Sans 9'
02/09/08
after upgrade from feisty to gutsy firefox and gimp wont work:
the solution is
dpkg-reconfigure libcairo2 libpango1.0-common
fc-cache -fs
update-pangox-aliases
http://www.mail-archive.com/debian-user
-
copy partition
-
January
-
bash network calculation
01/18/08
IP='130.10.10.10'
NETMASK='255.255.252.0'
l="${IP%.*}";r="${IP#*.}";n="${NETMASK%.*}";m="${NETMASK#*.}"
SUBNET=$((${IP%%.*}&${NETMASK%%.*})).\
$((${r%%.*}&${m%%.*})).\
$((${l##*.}&a -
xorg Xinerama / Dual Screen
01/08/08
The hard work with xinerama / dual screen was:
* set the monitor sync/refresh rate (it won't start without for an old crt not supporting ddc)
* set Option "NoAccel" "true" (screen distortions)
* touchpad only works with dual screen
-
bash network calculation
-
November
-
2007
-
December
-
xorg ati ES1000 with DRI
12/27/07
xorg ati/radeon video driver for ES1000 has DRI disabled :-(
As a workaraound i changed ChipID in xorg.conf to "0x515a"
suggested by http://ubuntuforums.org/showpost.php?p=
Section "Device"
Identifier "ATI Technologies Inc ES1000"
-
date with unix timestamp
12/05/07
date in unix timestamp: date +%s
convert unix timestamp to date: date --date "Jan 1, 1970 00:00:00 +0000 + $1 seconds"
set date with unix timestamp: date -s "Jan 1, 1970 00:00:00 +0000 + $1 seconds"
-
xorg ati ES1000 with DRI
-
November
-
secure rsync
11/25/07
I want to rsync on my local-host via ssh from a remote host without a ssh enabled root account but full access to the whole filesystem.
local-host:
ssh-keygen -t rsacopy ~/.ssh/id_dsa.pub to remote-host:/home/rsyncuser/.ssh/authorized_keys
rsync files with ssh:
rsync -
squirrelmail "Deutsch"
11/21/07
apt-get install squirrelmail-locales squirrelmail-decode ispell wngerman
ln -s /etc/squirrelmail/apache.conf /etc/apache2/conf.d/squirrelmail.conf
chgrp -R www-data /usr/share/squirrelmail/
added "de_DE ISO-8859-1" to /var/lib/locales/supported.d/local
-
Postfix and Spamassassin
11/21/07
apt-get install spamassassin spamc re2c make gcc libc6-dev
I want to run spamassassin as non root user.
groupadd -g 3000 spamd
useradd -u 3000 -g spamd -s /bin/false -d /var/lib/spamassassin spamd
mkdir /var/lib/spamassassin
chown spamd:spamd /var/lib/spamassassin/etc/ -
cyrus postfix pop-before-smtp
11/21/07
apt-get install pop-before-smtp
uncomment $pat for cyrus in /etc/pop-before-smtp/pop-before-smtp.conf
/etc/postfix/main.cf:
smtpd_recipient_restrictions = permit_mynetworks,
reject_non_fqdn_recipient,
check_client_access hash:/var/lib/pop-before-s -
cyrus offline transfer mailboxes to a new server
11/20/07
On old cyrus server:
export mailboxes.db:
su - cyrus -c 'ctl_mboxlist -d > cyrus_mboxlist.txt
export seen databases:
su - cyrus -c 'for seenfile in `find /var/lib/imap/user -name \*.seen`; do \
/usr/lib/cyrus/bin/cvt_cyrusdb $seenfile skiplist ${seenfile -
cyrus convert user authentication from ldap to sasldb
11/20/07
apt-get install sasl2-bin libsasl2-modules cyrus-imapd-2.2 cyrus-pop3 cyrus-admin-2.2 cyrus-clients-2.2
/etc/default/saslauthd:
MECHANISMS="ldap"
OPTIONS="-O /etc/saslauthd.conf"/etc/saslauthd.conf:
ldap_servers: ldap://127.0.0.1/
ldap_search_base: -
quick base64 encode/decode
11/14/07
perl -MMIME::Base64 -e 'print encode_base64("string");'
perl -MMIME::Base64 -e 'print decode_base64("c3RyaW5n");' -
Secure DDNS with bind9 for ADSL
11/13/07
dnssec-keygen -a RSAMD5 -b 1024 -n HOST -k -r /dev/urandom home.domain.org
put content of XXX.key into your zonefile
move xxx.key and xxx.private to your client with sftp
/etc/ppp/ip-up.d/ip_update:
#!/bin/sh
TTL=60
SERVER='NAMESERVER'< -
Secure DNS with bind9 master/slave
11/13/07
* chrooted
* chaos, internal and external zone
* TSIG updates/zonetransfers for master/slave
apt-get install bind9
/etc/init.d/bind9 stop
/etc/default/bind9: OPTIONS="-u bind -t /var/lib/named"
mkdir -p /var/lib/named/etc
mkdir /var/lib/named/ -
routing for a multihomed network
11/08/07
Linux connected via two networkcards to two different providers.
You coud use source based routing or if you prefere to route some ports only to on provider
here is my solution. Usefull for a private VOIP-Provider having two links and uses one link for RTP and the other for SIP.
-
secure rsync
-
October
-
ftdi dongleid FT232/245R
10/18/07
I used the library from FTDI (libftchipid - is only in binary and linked against old libc) to get the dongleid.
I had to "sudo chmod 666 /proc/bus/usb/001/021".
There is an opensource library (libftdi) from intra2net that lacks support of reading the dongleid.
-
usbmonitor libusb usbsniff
10/18/07
Linux Kernel:
modprobe usbmon
mount -t debugfs none_debugs /sys/kernel/debug
cat /sys/kernel/debug/usbmon/<x>t (x=Gerätenummer 1,2,3,...)
libusb with radare/libusbsniff:
LD_PRELOAD=/usr/lib/libusbsniff.so ./my-usb-program
-
ftdi dongleid FT232/245R
-
September
-
whiptail
09/05/07
this one-liner has following benefits:
* restart if pressing ESC (while ! ... ; do true; done)
* store result in a variable not a file (whiptail ... 3>&1 1>&2 2>&3)
while ! choosen=$(whiptail --nocancel --noitem --radiolist "Please choose" \<
-
whiptail
-
August
-
Internetaccess via Huawei E220 UMTS/GPRS Modem
08/27/07
Kernel < 2.6.20 needs a udev rule:
http://www.kanoistika.sk/bobovsky/archi
/etc/udev/rules.d/82-huawei220.rules
ACTION=="add", SUBSYSTEM=="usb_device", \
ATTRS{idVendor}=="12d1", ATTRS{idProduct}=="1003", -
udev - usb add / remove
08/13/07
Because udev didn't know anything of idVendor or idProduct if you remove a device i use ENV{PRODUCT} to match for my unplugged device:
ACTION=="add", KERNEL=="event*", SUBSYSTEM=="input", \
SYSFS{idVendor}=="1234", SYSFS{idProduct}
-
Internetaccess via Huawei E220 UMTS/GPRS Modem
-
July
-
Permissions
07/31/07
File Permissions
yes*: These files gave a "rm: remove write-protected file 'filename'?" error. Saying "yes" removes these files. Also performing a "rm -rf" file removes the file without any warning. The ability to remove a file is controlled at t
-
Permissions
-
June
-
Monitoring filesystem activity under Linux with block_dump
06/28/07
sudo sysctl vm.block_dump=1
or
echo 1 > /proc/sys/vm/block_dump
tail -f /var/log/kern.log -
ntfs read/write with feisty
06/24/07
apt-get install ntfs-g3
/etc/group
+fuse:x:100:users
vol_id /dev/sda1
/etc/fstab
UUID=5EFC7B02FC7AD42D /media/usbhdd ntfs-3g rw,users,uid=1000,guid=1000,umask=007,locale=de_AT.utf8,force 0 0user can mount but not unmount
https://bugs.launchpad.n -
blocking ads with squid
06/22/07
/etc/squid/squid.conf
+acl ads dstdom_regex -i "/etc/squid.adservers"
+http_access deny ads
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
update-squid-adservers.sh:
#!/bin/sh
### short script that downloads a list of ad servers f -
Internetaccess via modem
06/21/07
apt-get install ppp
edit /etc/ppp/pap-secrets
/etc/network/interfaces
auto modem
iface modem inet ppp
provider modem
/etc/ppp/peers/modem
ttyS0
38400
connect "/usr/sbin/chat -v -f /etc/ppp/peers/modem.chat"
disconn -
Internetaccess via ISDN
06/21/07
apt-get install isdnutils-base
isdnconfig - choose 1, ippp1 to prevent default gateway to ippp0
/etc/isdn/device.ippp1:
edit all lines marked with XXX_:
LOCALIP=
REMOTEIP=AAA.BBB.CCC.DDD
LOCALMSN=''
REMOTEMSN=XXXXX
LEADINGZERO -
scponly
06/21/07
apt-get install scponly
gunzip /usr/share/doc/scponly/setup_chroot/setup_chroot.sh.gz
chmod 755 /usr/share/doc/scponly/setup_chroot/setup_chroot.sh
cd /usr/share/doc/scponly/setup_chroot/
./setup_chroot.sh /home/USERNAME USERNAME RELATIVE_WRITEABLE_DIR
cp /dev/nu -
ssh - chroot
06/21/07
chroot a user logging in via ssh
apt-get install libpam-chroot
less /usr/share/doc/libpam-chroot/examples/README.example
/usr/share/doc/libpam-chroot/examples/setup-chrootdir-shell.sh
/etc/security/chroot.conf:
+USERNAME /var/chroot/sshd/home/USERNA -
mirror my website
06/21/07
chmod 700 /etc/cron.daily/websitesync
#!/bin/sh
wget -q --mirror --no-host-directories --cut-dirs=1 --directory-prefix=/var/www \
--user=USERNAME --password=XXXXX ftp://www.holik.at/htdocs
I mirror to my homeserver/var/www and to prevent wget to add
director -
serial (ttyS) over TCP
06/21/07
First computer where to redirect serial via TCP:
stty -F /dev/ttyS0 raw 9600 -echo
nc 192.168.0.1 1111 >/dev/ttyS0 </dev/ttyS0
Second computer receiving needs 2 serial's
stty -F /dev/ttyS0 raw 9600 -echo
stty -F /dev/ttyS1 raw 9600 -echo
nc -l -p -
Internetaccess via adsl
06/20/07
apt-get install pptp-linux
i got a usb networkcard - to name it adsl i use udev and made /etc/udev/rules.d/local.rules
SUBSYSTEMS=="usb", KERNEL=="eth*", ATTRS{idVendor}=="050d", \
ATTRS{idProduct}==&qu -
dnsmasq
06/20/07
dnsmasq with more than one interface
[more]
* Howto define a CNAME with dnsmasq ?
# Configuration file for dnsmasq.
#
# Format is one option per line, legal options are the same
# as the long options legal on the command line. See
# "/u -
raid1 with ubuntu feisty
06/20/07
What i want from a raid1:
notiy if a disk fails
This is done by mdadm
boot degraded with only one disk
boot degraded does not work with ubuntu, because mdadm does not start a degraded raid :-(
my workaround is to add a bootmenue entry in grub
tit
-
Monitoring filesystem activity under Linux with block_dump
-
December