Linux

From Objectif Client Inc
Jump to navigation Jump to search

Command Line

Usefull Linux Command

Vi

Vi commands

Work with Disk image

Backup 

dd if=/dev/sdd of=~/SDCardBackup.img

Restore 

dd bs=4M if=~/SDCardBackup.img of=/dev/sdd
sync

Java

  • in case of error message "wrong ELF class: ELFCLASS64"
  • Install 32bit jdk package
apt-get install openjdk-7-jdk:i386


Win 10 Samba

Windows 10 will try to negotiate SMB3_11, which Samba4 doesn't yet support except in the current 4.3 release candidate. I suspect for now disabling SMB2/3 on the Windows 10 client is your best, if not ideal, option.


To disable SMBv2 and SMBv3 on the SMB client, run the following commands: 

sc.exe config lanmanworkstation depend= bowser/mrxsmb10/nsi
sc.exe config mrxsmb20 start= disabled

To enable SMBv2 and SMBv3 on the SMB client, run the following commands: 

sc.exe config lanmanworkstation depend= bowser/mrxsmb10/mrxsmb20/nsi
sc.exe config mrxsmb20 start= auto

Server Setup

Template Server

Install Ubuntu Server

  1. Download ubuntu lts server version
    1. Only install open ssh sever
  2. Update package : apt-get update
  3. Update system : apt-get upgrade

Install Minimum Desktop

  1. Install minimal desktop : apt-get install --no-install-recommends xubuntu-desktop

Install other Software

  1. Install other tools : apt-get install firefox synaptic gkrellm gkrellmd gnome-terminal nfs-common xdiskusage gparted
  2. To compile : apt-get install build-essential linux-headers-generic

Install WebMin

  1. Download Webmin : wget http://prdownloads.sourceforge.net/webadmin/webmin_1.910_all.deb
  2. Install Dependencies : apt-get install perl libnet-ssleay-perl openssl libauthen-pam-perl libpam-runtime libio-pty-perl apt-show-versions python unzip
  3. Install Webmin : dpkg --install webmin_1.910_all.deb
Steps to install apt-show-versions on Docker
apt-get purge apt-show-versions
rm /var/lib/apt/lists/*gz
apt-get -o Acquire::GzipIndexes=false update
apt-get install -y apt-show-versions

Certificate

Certificat SSL

DNS

Bins DNS Server

Mail Server

Mail Server

WebServer

Apache

Fail2Ban

Fail2Ban

Validate your server over internet service

Domaine reputation

  • Sender Score to evaluation your server/domain reputation

senderscore.org

Smtp validation and BlackList

  • MxToolBox To validate your certificat your smtp setup and balcklist !!

MxToolBox

  • Google postmaster

postmaster.google.com

Configuration Notes

SSH

  • Allow root access
  • edit /etc/ssh/sshd_config
PermitRootLogin yes
  • Allow X11 Forward
X11Forwarding yes
  • Allow external X11 not
X11UseLocalhost no
  • Restart service
service ssh restart

Php

PHP Module

VirtualBox

  • Too display Usb devices
usermod -aG vboxusers yourusername
  • Increase Virtual Disk space
    • VBoxManage modifyhd <absolute path to file> --resize <size in MB>
VBoxManage modifyhd wim.vdi --resize 20000

VNC

  • Fixing the tab key in VNC
xfconf-query -c xfce4-keyboard-shortcuts -p /xfwm4/custom/'<'Super'>'Tab -r

Container Docker

Install Docker

  • Install
 apt-get install docker.io

Network Configuration

  • Configuration to share the same network
  • Edit /etc/network/interfaces to add a "bridge" you may have to reconfigure your firewall
  • Add br0 to auto
  • Remove ip assignement or dhcp of eth0
  • Add br0 bridged to eth0
Ip Address assigned by dhcp
# Interfaces(5) file used by ifup(8) and ifdown(8)
auto lo br0 eth0
iface lo inet loopback

iface eth0 inet manual

iface br0 inet dhcp
        bridge_ports eth0
Ip Address Fix
# Interfaces(5) file used by ifup(8) and ifdown(8)
auto lo br0 eth0
iface lo inet loopback

iface br0 inet static
        address 10.1.1.1
        netmask 255.255.255.0
        broadcast 10.1.1.255
        network 10.1.1.0
        bridge_ports eth0
Update Docker Configuration to use the bridge
  • Edit /etc/default/docker.io
  • Add private dns (--dns 192.168.1.1) and bridge (-b br0) to Docker Option line
 DOCKER_OPTS="--dns 8.8.8.8 --dns 10.10.1.1 -b br0"
Howto manage container

See Container Howto for the usage

Owncloud

  • Add the repository
sudo sh -c "echo 'deb http://download.opensuse.org/repositories/isv:/ownCloud:/community/xUbuntu_14.04/ /' >> /etc/apt/sources.list.d/owncloud.list"
  • Add Key
wget http://download.opensuse.org/repositories/isv:ownCloud:community/xUbuntu_14.04/Release.key
sudo apt-key add - < Release.key
  • Install
sudo apt-get update
sudo apt-get install owncloud
  • Rescan Directory
sudo -u www-data php occ files:scan --all
php occ  files:scan --all

Notes

Remove Maintenance Mode
cd /var/www/owncloud
sudo -u www-data php occ maintenance:mode --off
Disable Apps via Command Line
  • Get the list
sudo -u www-data ./occ app:list
  • Disable app
sudo -u www-data ./occ app:disable <app-id>

sudo -u www-data ./occ app:disable activity
sudo -u www-data ./occ app:disable afterlogic
sudo -u www-data ./occ app:disable bookmarks
sudo -u www-data ./occ app:disable calendar
sudo -u www-data ./occ app:disable camerarawpreviews
sudo -u www-data ./occ app:disable carnet
sudo -u www-data ./occ app:disable checksum
sudo -u www-data ./occ app:disable comments
sudo -u www-data ./occ app:disable configreport
sudo -u www-data ./occ app:disable contacts
sudo -u www-data ./occ app:disable dav
sudo -u www-data ./occ app:disable diagnostics
sudo -u www-data ./occ app:disable drawio
sudo -u www-data ./occ app:disable extract
sudo -u www-data ./occ app:disable federatedfilesharing
sudo -u www-data ./occ app:disable federation
sudo -u www-data ./occ app:disable files
sudo -u www-data ./occ app:disable files_external
sudo -u www-data ./occ app:disable files_mediaviewer
sudo -u www-data ./occ app:disable files_pdfviewer
sudo -u www-data ./occ app:disable files_sharing
sudo -u www-data ./occ app:disable files_texteditor
sudo -u www-data ./occ app:disable files_textviewer
sudo -u www-data ./occ app:disable files_trashbin
sudo -u www-data ./occ app:disable files_versions
sudo -u www-data ./occ app:disable firstrunwizard
sudo -u www-data ./occ app:disable gallery
sudo -u www-data ./occ app:disable market
sudo -u www-data ./occ app:disable notes
sudo -u www-data ./occ app:disable notifications
sudo -u www-data ./occ app:disable onlyoffice
sudo -u www-data ./occ app:disable provisioning_api
sudo -u www-data ./occ app:disable qownnotesapi
sudo -u www-data ./occ app:disable richdocuments
sudo -u www-data ./occ app:disable systemtags
sudo -u www-data ./occ app:disable tasks
sudo -u www-data ./occ app:disable updatenotification

Apache Svn Server

1: Install Apache HTTP server and required modules: 

sudo apt-get install libapache2-svn apache2

2: Enable SSL 

sudo a2enmod ssl
sudo vi /etc/apache2/ports.conf

Add or check that the following is in the file: 

<IfModule mod_ssl.c>
    Listen 443
</IfModule>

3: Generate an SSL certificate: 

sudo apt-get install ssl-cert
sudo mkdir /etc/apache2/ssl
sudo /usr/sbin/make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/apache2/ssl/apache.pem

4: Create virtual host 

sudo cp /etc/apache2/sites-available/default /etc/apache2/sites-available/svnserver
sudo kate /etc/apache2/sites-available/svnserver

Change (in ports.conf): 

"NameVirtualHost *" to "NameVirtualHost *:443"

and (in svnserver) 

<VirtualHost *> to <VirtualHost *:443>

Add, under ServerAdmin (also in file svnserver): 

SSLEngine on
SSLCertificateFile /etc/apache2/ssl/apache.pem
SSLProtocol all
SSLCipherSuite HIGH:MEDIUM

5: Enable the site: 

sudo a2ensite svnserver
sudo /etc/init.d/apache2 restart

To overcome warnings: 

sudo vi /etc/apache2/apache2.conf

Add: "ServerName $your_server_name"

Add, under ServerAdmin (also in file svnserver): 

SSLEngine on
SSLCertificateFile /etc/apache2/ssl/apache.pem
SSLProtocol all
SSLCipherSuite HIGH:MEDIUM

6: Adding repository(ies): The following setup assumes we want to host multiple repositories. Run this for creating the first repository: 

sudo mkdir /var/svn
sudo svnadmin create /var/svn/mysvnrepository
sudo chown -R www-data:www-data /var/svn/mysvnrepository
sudo chmod -R g+ws /var/svn/mysvnrepository<

6.a. For more repositories: do step 6 again (changing mysvnrepository Name)

7: Add an authenticated user 

sudo htpasswd -c -m /etc/apache2/dav_svn.passwd $user_name

8: Enable and configure WebDAV and SVN: 

sudo vi /etc/apache2/mods-available/dav_svn.conf

Add or uncomment: 

<Location /svn>
DAV svn

# for multiple repositories - see comments in file
SVNParentPath /var/svn

AuthType Basic
AuthName "Subversion Repository"
AuthUserFile /etc/apache2/dav_svn.passwd
Require valid-user
SSLRequireSSL
</Location>

9: Restart apache server: 

sudo /etc/init.d/apache2 restart

10: Validation:

Fired up a browser:

http://localhost/svn/$REPOS https://localhost/svn/$REPOS

Commit something: 

svn import --username $user_name anyfile.txt https://localhost/svn/$REPOS/anyfile.txt -m “Testing”

Accept the certificate and enter password. Check out what you've just committed: 

svn co --username $user_name https://localhost/svn/$REPOS

XDMCP

vi /etc/lightdm/lightdm.conf
[SeatDefaults]
greeter-session=lightdm-gtk-greeter
user-session=xubuntu
###Nr001 
allow-guest=false
greeter-show-manual-login=true
greeter-hide-users=true

###Nr001
[XDMCPServer]
enabled=true

Video File Manipulation

Convert Video file

Display Remote Screen

SSH Server Setup

  • Create .Xauthority on the server under sshd service user (root)
touch ~/.Xauthority
xauth add ${HOST}:0 . $(xxd -l 16 -p /dev/urandom)
xauth list
  • /etc/ssh/sshd_config
AllowTcpForwarding yes
X11Forwarding yes
X11UseLocalhost no

Xephyr / xdmcp

plugin Xdmcp for remina does not work and since few year noby seams to take care of it !

Instead use 

Xephyr -query $REMOTE_HOST :1 -screen 1280x1024

Gnome Setting

Restore min, max icon on windows

  • From Command Line
gsettings set org.gnome.desktop.wm.preferences button-layout ':minimize,maximize,close'
  • Graphic
  1. Install dconf-editor
  2. Navigate to org/gnome/desktop/wm/preferences
  3. Click the line says ‘button-layout’
  4. Enter value '/org/gnome/desktop/wm/preferences/button-layout' inside custom value
Retrieved from "http://wiki.objclt.ca/wiki/index.php?title=Linux&oldid=1322"