David's Wiki

Linux: Difference between revisions

← Older edit
 
(53 intermediate revisions by the same user not shown)
Line 5: Line 5:
==Basic Terminal Commands==
==Basic Terminal Commands==
{{see also | Bash (Unix shell)}}
{{see also | Bash (Unix shell)}}
===List===
<code>ls</code>
* <code>-l</code> shows long format
* <code>-a</code> shows all files including hidden files, current directory <code>.</code>, and parent directory <code>..</code>.
** <code>-A</code> omits <code>.</code> and <code>..</code>
* <code>-h</code> human readable file sizes
* <code>-s</code> shows blocks taken up by the file (i.e. size on disk)
There are also other commands like <code>lsblk</code>, <code>lscpu</code>, <code>lshw</code>.


===Disk Space===
===Disk Space===
Line 40: Line 49:


==Package Management==
==Package Management==
See [https://www.digitalocean.com/community/tutorials/package-management-basics-apt-yum-dnf-pkg DigitalOcean: Package management basics]
===apt===
===apt===
<syntaxhighlight lang="bash">
<syntaxhighlight lang="bash">
Line 49: Line 60:
</syntaxhighlight>
</syntaxhighlight>


===Repositories===
;Repositories
Repos are stored in
Repository sources are saved in
* <code>/etc/apt/sources.list</code>
* A line in <code>/etc/apt/sources.list</code>
* A file in <code>/etc/apt/sources.list.d/</code>
* A file in <code>/etc/apt/sources.list.d/</code>


Application desktop icons are stored in <code>/usr/share/applications/</code>.
The update notifications are in <code>/etc/apt/apt.conf.d/99update-notifier</code>. Comment these out to disable them.<br>
Unattended-updates are in <code>/etc/apt/apt.conf.d/50unattended-upgrades</code>.
{{hidden | dpkg |
===dpkg===
===dpkg===
<syntaxhighlight lang="bash">
<syntaxhighlight lang="bash">
Line 62: Line 80:
sudo dpkg -l | grep apache
sudo dpkg -l | grep apache
</syntaxhighlight>
</syntaxhighlight>
}}
{{hidden | yum |
===yum===
<syntaxhighlight lang="bash">
# Update package lists, typically not necessary
yum check-update
# Upgrade packages
yum update
</syntaxhighlight>
}}


==SSH==
==SSH==
Line 67: Line 96:
Generate an ssh-key for every client
Generate an ssh-key for every client
<syntaxhighlight lang="bash">
<syntaxhighlight lang="bash">
ssh-keygen -t ed25519 -a 100 [-C "comment your client name"] [-f output_path]
ssh-keygen -t ed25519 [-C "comment your client name"] [-f output_path]
</syntaxhighlight>
</syntaxhighlight>


Some older software such as Solid file explorer require RSA keys in PEM key format
Some older software such as Solid file explorer require RSA keys in PEM key format
<syntaxhighlight lang="bash">
<syntaxhighlight lang="bash">
ssh-keygen -t rsa -b 4096 -a 100 -m PEM [-C "comment your client name"] [-f output_path]
ssh-keygen -t rsa -b 4096 -m PEM [-C "comment your client name"] [-f output_path]
</syntaxhighlight>
</syntaxhighlight>


Line 99: Line 128:


===Disable password authentication===
===Disable password authentication===
* Edit <code>/etc/ssh/sshd_config</code>
# Edit <code>/etc/ssh/sshd_config</code>
* Set <code>PasswordAuthentication</code> to <code>no</code>
# Set <code>PasswordAuthentication</code> to <code>no</code>
* Set <code>ChallengeResponseAuthentication</code> to <code>no</code>
# Set <code>ChallengeResponseAuthentication</code> to <code>no</code>
# Test by ssh'ing into the machine using <code>-o PreferredAuthentications=password -o PubkeyAuthentication=no</code>


===Port Forwarding===
===Port Forwarding===
Line 154: Line 184:


===Driver Installation===
===Driver Installation===
* Run <code>ubuntu-drivers list</code> to get a list of drivers
# Run <code>ubuntu-drivers list</code> to get a list of drivers
* Install the latest driver
# Install the latest driver
** E.g. <code>sudo apt install nvidia-driver-450</code>
#* E.g. <code>sudo apt install nvidia-driver-460</code>
* If you have secure boot enabled, you will be asked for a password during installation
# If you have secure boot enabled, you will be asked for a password during installation
** This is because the driver is a DKMS module.
#* This is because the driver is a DKMS module.
** After installation, reboot your computer and select "Enroll MOK" and enter that password in.
#* After installation, reboot your computer and select "Enroll MOK" and enter that password in.
** '''Note''' Failure to do this will result in the driver not working
#* '''Note''' Failure to do this will result in the driver not working
* Validate your installation by running <code>nvidia-smi</code>
# Validate your installation by running <code>nvidia-smi</code>.
#* <code>nvidia-smi</code> shows the latest cuda version supported by the driver, not the cuda version installed.


===Cuda Installation===
===Cuda Installation===
Download cuda from the nvidia website.
Download cuda from the nvidia website or add the cuda repo to your apt sources.


===Switching between Nvidia and Intel===
===Switching between Nvidia and Intel===
Line 179: Line 210:
</pre>
</pre>
<code>prime-select query</code> will print either <code>nvidia</code> or <code>intel</code> to stdout.
<code>prime-select query</code> will print either <code>nvidia</code> or <code>intel</code> to stdout.
===Fix tearing on laptops===
[https://ubuntuhandbook.org/index.php/2018/07/fix-screen-tearing-ubuntu-18-04-optimus-laptops/ Reference]<br>
# Add <code>options nvidia-drm modeset=1</code> to <code>/etc/modprobe.d/nvidia-drm-nomodeset.conf</code>
# Run <code>sudo update-initramfs -u</code>


==Environment Variables==
==Environment Variables==
Line 204: Line 240:
# Attach to a session
# Attach to a session
tmux attach -t my_session
tmux attach -t my_session
# Renumber windows
:movew
</syntaxhighlight>
</syntaxhighlight>
===Mouse scrolling===
Set <code>set -g mouse on</code> in your <code>~/.tmux.conf</code>


==File Manager==
==File Manager==
Line 211: Line 252:
===Add to context menu===
===Add to context menu===
[https://askubuntu.com/questions/1030940/nautilus-actions-in-18-04 AskUbuntu]
[https://askubuntu.com/questions/1030940/nautilus-actions-in-18-04 AskUbuntu]
;22.04
See [https://github.com/harry-cpp/code-nautilus https://github.com/harry-cpp/code-nautilus]


;20.04
;20.04
Line 218: Line 262:
sudo apt install filemanager-actions nautilus-actions nautilus-extension-fma
sudo apt install filemanager-actions nautilus-actions nautilus-extension-fma
</pre>
</pre>
;18.04
<pre>
sudo add-apt-repository ppa:daniel-marynicz/filemanager-actions
sudo apt install filemanager-actions-nautilus-extension # Nautilus
</pre>
To add Atom, create two entries: 
;Open file in Atom and Open folder in Atom
<pre>
Path: atom
Parameters: %f
Working directory: %d
</pre>
You may also want:
;Copy folder path and Copy file path


==Etcher==
==Etcher==
Line 295: Line 322:


===systemd service===
===systemd service===
See [https://wiki.debian.org/systemd/Services] [https://www.freedesktop.org/software/systemd/man/systemd.service.html manual]<br>
See [https://wiki.debian.org/systemd/Services debian/systemd Services]<br>
[https://www.freedesktop.org/software/systemd/man/systemd.service.html manual]<br>
 
System-wide services are in <code>/etc/systemd/system/</code><br>
User services are in <code>~/.config/systemd/user/</code>
 
{{hidden|A basic systemd service file|
{{hidden|A basic systemd service file|
<pre>
<pre>
Line 367: Line 399:
# Archive
# Archive
7z a <output_file> <input_file/folder>
7z a <output_file> <input_file/folder>
# Archive with password
7z a <output_file> <input_file> -p -mhe=on


# Extract  
# Extract  
7z x <file> [-o{dir}]
7z x <file> [-o{dir}]
</syntaxhighlight>
</syntaxhighlight>
* <code>-mhe=on</code> hides file stuctures


===zip/unzip===
===zip/unzip===
Line 413: Line 449:
==Dual Booting==
==Dual Booting==
===Fix time difference between Windows===
===Fix time difference between Windows===
[http://ubuntuhandbook.org/index.php/2016/05/time-differences-ubuntu-1604-windows-10/ Reference]
By default, Windows stores the local time in the hardware clock while Ubuntu stores UTC time.
 
Set ubuntu to store UTC time:
<syntaxhighlight lang="bash">
<syntaxhighlight lang="bash">
timedatectl set-local-rtc 1 --adjust-system-clock
timedatectl set-local-rtc 0 --adjust-system-clock
</syntaxhighlight>
</syntaxhighlight>
Set Windows to store UTC time:
https://wiki.archlinux.org/title/System_time#UTC_in_Microsoft_Windows


===Recover GRUB after installing Windows===
===Recover GRUB after installing Windows===
Line 426: Line 467:
Allows you to reboot into an OS one time.<br>
Allows you to reboot into an OS one time.<br>
i.e. If you are ssh'd into linux and want to boot into Windows one time.<br>
i.e. If you are ssh'd into linux and want to boot into Windows one time.<br>
===Encryption===
[https://www.mikekasberg.com/blog/2020/04/08/dual-boot-ubuntu-and-windows-with-encryption.html https://www.mikekasberg.com/blog/2020/04/08/dual-boot-ubuntu-and-windows-with-encryption.html]


==Users and Groups==
==Users and Groups==
Line 458: Line 502:
# Add user to group
# Add user to group
usermod -a -G <group> <user>
usermod -a -G <group> <user>
# Remove user from group
gpasswd -d <user> <group>
</syntaxhighlight>
</syntaxhighlight>


Line 498: Line 545:
See [https://wiki.archlinux.org/index.php/HiDPI Arch Wiki HiDPI]   
See [https://wiki.archlinux.org/index.php/HiDPI Arch Wiki HiDPI]   


Fractional scaling is missing in Ubuntu 18.04 but returns in Ubuntu 20.04.
Fractional scaling is natively available in Ubuntu 20.04+.


{{hidden | Ubuntu 18.04 |
;Xorg
;Xorg
<pre>
<pre>
Line 521: Line 569:
xrandr --output DP-2 --scale 1.3x1.3
xrandr --output DP-2 --scale 1.3x1.3
</pre>
</pre>
}}


==Clock==
==Clock==
Line 575: Line 624:
Produces random numbers.
Produces random numbers.


On my system, it's limited to about 50 MB/s. If you need faster, you can encrypt from <code>/dev/zero</code> to get 1 GB/s.   
On my system, it's limited to about 60 MB/s. If you need faster randomness, you can encrypt from <code>/dev/zero</code> to get 2.7 GB/s.   
See [https://serverfault.com/questions/6440/is-there-an-alternative-to-dev-urandom/415962#415962 reference].
See [https://serverfault.com/questions/6440/is-there-an-alternative-to-dev-urandom/415962#415962 reference].
<pre>
<pre>
# Using urandom
# Using urandom
dd if=/dev/urandom | pv | dd of=/dev/null
pv < /dev/urandom > /dev/ull


# Using encryption
# Using encryption
openssl enc -aes-256-ctr -pass pass:"$(dd if=/dev/urandom bs=128 count=1 2>/dev/null | base64)" -nosalt < /dev/zero | pv | dd of=/dev/null
openssl enc -pbkdf2 -iter 100000 -aes-256-ctr -pass pass:"$(dd if=/dev/urandom bs=128 count=1 2>/dev/null | base64)" -nosalt < /dev/zero | pv > /dev/null
 
# Create a 4 GB file.
dd if=/dev/zero bs=4M count=1024 | openssl enc -pbkdf2 -iter 100000 -aes-256-ctr -pass pass:"$(dd if=/dev/urandom bs=128 count=1 2>/dev/null | base64)" -nosalt | pv > random.bin
</pre>
</pre>


Line 595: Line 647:
[https://unix.stackexchange.com/questions/141095/automatically-reboot-if-no-wifi-connection-for-a-certain-time reference]
[https://unix.stackexchange.com/questions/141095/automatically-reboot-if-no-wifi-connection-for-a-certain-time reference]


{{hidden | Auto Reboot Script |
Auto reboot if no internet is detected:
Auto reboot if no internet is detected:
<syntaxhighlight lang="bash">
<syntaxhighlight lang="bash">
Line 635: Line 688:
*/10 * * * * /home/david/bin/check_inet.sh
*/10 * * * * /home/david/bin/check_inet.sh
</pre>
</pre>
}}


==Encryption==
==Encryption==
For encrypting external drives, I recommend [[VeraCrypt]].
For encrypting entire drives, I recommend LUKS.<br>
I do not recommend using Ubuntu's full disk encryption. 
If you want encrypt a directly, you can use fscrypt (ext4 only).
If you want to do encryption, just encrypt your home directory using fscrypt.
 
Note that ecryptfs is deprecated and shouldn't be used.


===Encrypt Home After Install===
===Encrypt Home After Install===
Line 645: Line 700:
See [https://tlbdk.github.io/ubuntu/2018/10/22/fscrypt.html https://tlbdk.github.io/ubuntu/2018/10/22/fscrypt.html].
See [https://tlbdk.github.io/ubuntu/2018/10/22/fscrypt.html https://tlbdk.github.io/ubuntu/2018/10/22/fscrypt.html].


This uses the newer fscrypt and requires Ubuntu 18.10+.
<ol>
<ol>
<li>
<li>
Line 689: Line 745:
;Notes and Caveats
;Notes and Caveats
* <code>systemd</code> will no longer have access to your home so all startup apps should be placed elsewhere
* <code>systemd</code> will no longer have access to your home so all startup apps should be placed elsewhere
** E.g. Move all startup scripts in your <code>~/bin</code> to <code>/usr/bin</code>
** E.g. Move all startup scripts in your <code>~/.local/bin</code> to <code>/usr/local/bin</code>
* <code>ssh</code> will not work until home has been decrypted since the authorized keys are in <code>~/.ssh/authorized_keys</code>
* <code>ssh</code> will not work until home has been decrypted since the authorized keys are in <code>~/.ssh/authorized_keys</code>


Line 735: Line 791:
==System Administration==
==System Administration==
{{main | Linux Administration}}
{{main | Linux Administration}}
==Installing Binaries==
# Copy your binary to <code>/usr/local/bin/</code> or <code>~/.local/bin/</code>
# Copy your man page to <code>/usr/local/share/man/man1/</code> or <code>~/.local/share/man/man1/</code>
==Network Troubleshooting==
On one of my OptiPlex 5060 servers, the network adapter would reset on git ssh clones.<br>
This would appear in <code>/var/log/syslog</code> as:
<pre>
Feb  8 22:22:01 optiplex5060-2 kernel: [ 4378.992607] e1000e 0000:00:1f.6 eno1: Reset adapter unexpectedly
</pre>
This was resolved by disabling TCP Segmentation Offload:
<syntaxhighlight lang="bash">
sudo ethtool -K eno1 tso off
# Verify tso is disabled
ethtool -k eno1 | grep tcp
</syntaxhighlight>
To make this persist across reboots:
{{hidden | Script |
If you're using netplan (default for Ubuntu):<br>
[https://michael.mulqueen.me.uk/2018/08/disable-offloading-netplan-ubuntu/ Reference]<br>
<syntaxhighlight lang="bash">
output_path=/usr/lib/networkd-dispatcher/routable.d/10-disable-offloading
sudo tee $output_path <<EOF> /dev/null
#!/bin/bash
ethtool -K eno1 tso off
EOF
sudo chmod +x $output_path
</syntaxhighlight>
If using ifupdown:
<syntaxhighlight lang="bash">
output_path=/etc/network/if-up.d/disable-tso
sudo tee $output_path <<EOF> /dev/null
#!/bin/bash
ethtool -K eno1 tso off
EOF
sudo chmod +x $output_path
</syntaxhighlight>
}}
==Cloning to a new disk==
The easiest way is to use gparted.
{{hidden | Terminal Guide |
To do this in the terminal:
<syntaxhighlight lang="bash">
OLD_DRIVE=/dev/sda
NEW_DRIVE=/dev/sdb
# Show old drive partitions in sectors
parted $OLD_DRIVE unit s print free
# Apply GPT
parted $NEW_DRIVE mklabel gpt
# Copy new EFI partition with start 1024s and end 1050623s
parted $NEW_DRIVE mkpart primary fat32 2048s 1050623s
# Apply boot and esp flags.
parted $NEW_DRIVE set 1 boot on
parted $NEW_DRIVE set 1 esp on
parted $NEW_DRIVE name 1 'EFI System Partition'
# dd the old to the new
dd if=${OLD_DRIVE}1 of=${NEW_DRIVE}1 bs=4k
# Make a new partition. Make sure start and end sectors are aligned.
# i.e. start % 8 == 0 and end % 8 == 7 if your physical sector size is 4096 bytes, typical for new HDDs and SSDs.
parted $NEW_DRIVE mkpart primary btrfs 1050624s 488396791s
parted $NEW_DRIVE align-check opt 2
# Copy the filesystem
mkfs.btrfs ${NEW_DRIVE}2
mkdir /media/${NEW_DRIVE}
mount -t btrfs -o compress=zstd /media/${NEW_DRIVE}2
rsync -axHAWXS --numeric-ids --info=progress2 /media/${NEW_DRIVE}2
</syntaxhighlight>
[https://superuser.com/questions/307541/copy-entire-file-system-hierarchy-from-one-drive-to-another rsync reference]
;rsync options
* -a    archive mode
* -x    one file system
* -H    preserve hard links
* -A    preserve ACLs
* -W    copy whole files instead of deltas
* -X    preserve extended attributes
* -S    handle sparse files efficiently
* --numeric-ids    use id instead of uid/gid
To copy a root partition, make sure you change the following on the new drive:
* Update the UUID and mount options in <code>/etc/fstab</code>
* Update the UUID in <code>/boot/grub/grub.cfg</code> and run <code>update-grub</code>
* Update the UUID in <code>/boot/EFI/ubuntu/grub.cfg</code>
* Run [https://help.ubuntu.com/community/Boot-Repair boot-repair] from a live disk if you run into any issues.
}}
==Ubuntu==
Ubuntu-specific notes
===Disable ESM message===
[https://askubuntu.com/questions/1453749/inhibit-esm-messages-at-login Reference]
<syntaxhighlight lang="bash">
# Disable MOTD
sudo chmod -x /etc/update-motd.d/88-esm-announce
sudo chmod -x /etc/update-motd.d/91-contract-ua-esm-status
# Disable APT check
sudo sed -Ezi.orig \
  -e 's/(def _output_esm_service_status.outstream, have_esm_service, service_type.:\n)/\1    return\n/' \
  -e 's/(def _output_esm_package_alert.*?\n.*?\n.:\n)/\1    return\n/' \
  /usr/lib/update-notifier/apt_check.py
sudo /usr/lib/update-notifier/update-motd-updates-available --force
</syntaxhighlight>
Retrieved from "https://wiki.davidl.me/view/Linux"