1 Install grml to harddisk:
5 Notice: You can pre-select the partition for the partition selector
6 and mbr dialogs inside grml2hd using:
7 # grml2hd /dev/hda1 -mbr /dev/hda
9 See: man grml2hd + http://grml.org/grml2hd/
11 Tags: grml2hd, installation
13 Install grml on software RAID level 1:
15 Create /dev/md0 (and some more /dev/md* devices) first of all:
16 # cd /dev && MAKEDEV dev
19 # mdadm --create --verbose /dev/md0 --level=raid1 \
20 --raid-devices=2 /dev/hda1 /dev/hdc1
22 Finally install grml on it:
23 # SWRAID='mbr-only' grml2hd /dev/md0 -mbr /dev/md0
25 See: man grml2hd + http://grml.org/grml2hd/
27 Tags: grml2hd, installation, mdadm, raid
29 Install grml in non interactive mode with grml2hd:
31 Adjust configuration as needed:
32 # vim /etc/grml2hd/config
36 # GRML2HD_NONINTERACTIVE=yes grml2hd
42 Use with care and only if you really know what you are doing!
44 See: man grml2hd + http://grml.org/grml2hd/
46 Tags: grml2hd, installation
52 Tags: configuration, network
54 Deactivate error correction of zsh:
58 Run zsh-help for more information regarding zsh.
60 Tags: zsh, configuration
62 Disable automatic setting of title in GNU screen:
66 Set it manually e.g. via:
68 % screen -X title foobar
70 Run zsh-help for more information regarding zsh.
72 Tags: zsh, configuration
74 Do not use menu completion in zsh:
78 Run zsh-help for more information regarding zsh.
80 Tags: zsh, configuration
82 Run GNU screen with grml-configuration:
88 % screen -c /etc/grml/screenrc
90 Tags: screen, configuration
92 Print out grml-version:
104 Configure mutt-ng / muttng:
110 Set up Inode-PPTP connection:
114 # grml-pptp-xdsl-students
116 Tags: pptp, inode, xdsl
118 Set up VPN / WLAN connection at TUG (TU Graz):
120 Set ESSID and request for ip-address via DHCP:
121 # iwconfig $DEVICE essid tug
124 Now run the main script:
127 After running the script an init script is available:
129 # /etc/init.d/vpnctug [start|stop]
133 Set up PPTP connection at VCG (Virtual Campus Graz):
145 # grml-vpn -k 2005 add 1000 192.168.20.1 192.168.20.2
149 Tags: grml, vpn, network
151 Use encrypted files / partitions:
153 # grml-crypt <options>
159 # grml-crypt format /mnt/external1/encrypted_file /mnt/test
160 # cp big_file /mnt/test
161 # grml-crypt stop /mnt/test
165 # grml-crypt start /mnt/external1/encrypted_file /mnt/test
166 # grml-crypt stop /mnt/test
170 Tags: crypto, grml-crypt, dmcrypt, luks
172 Change resolution of X:
174 % xrandr -s '1024x768'
176 Tags: x11, xorg, resolution
178 Change resolution of framebuffer:
184 Configure newsreader slrn:
190 Configure grml system:
194 Or directly run scripts:
199 Tags: grml, configuration
201 Lock screen (X / console):
205 Press ctrl-alt-x to lock a GNU screen session.
207 Tags: grml, lock, grml-lock, screen
209 Change wallpaper in X:
211 % grml-wallpaper <press-tab>
213 Tags: grml, wallpaper
215 Start X window system (XFree86 / Xorg / X.org):
217 % grml-x $WINDOWMANAGER
222 % grml-x -mode '1024x768' wmii
223 % grml-x -nosync wm-ng
225 Tags: grml-x, x11, xorg, graphic
227 Collect hardware information:
231 or run as root to collect some more information:
235 will generate a file named info.tar.bz2.
237 Tags: grml, hardware, hwinfo, collect
239 Configure hardware detection features of harddisk installation:
243 or manually edit /etc/grml/autoconfig[.small]
245 See: man grml-autoconfig
247 Tags: grml, installation, configuration
249 Bootoptions / cheatcodes / bootparams for booting grml:
251 On the grml-ISO if not running grml:
252 % less /cdrom/GRML/grml-cheatcodes.txt
255 % most /usr/share/doc/grml-docs/grml-cheatcodes.txt.gz
257 Tags: grml, cheatcodes, boot, bootoptions, bootparam
259 Report bugs to Debian's Bug Tracking System (BTS):
261 % reportbug --bts debian
263 or adjust /etc/reportbug.conf to your needs.
267 http://grml.org/bugs/
268 http://www.debian.org/Bugs/
270 Tags: bug, reportbug, bts, debian
272 Offline documentation:
276 Online documentation:
279 http://grml.org/docs/
280 http://wiki.grml.org/doku.php
282 Tags: info, grml, grml-info, documentation
284 Mount ntfs partition (read-write):
287 # ntfsmount /dev/hda1 /mnt/hda1
291 Overwrite specific file on an NTFS partition:
293 ntfscp /dev/hda1 /tmp/file_source path/to/file_target
295 Resize an NTFS partition:
301 ntfsresize -n -s 10G /dev/hda1 # testcase
302 ntfsresize -s 10G /dev/hda1 # testing was successfull, now really resize partition
303 cfdisk /dev/hda # delete partition hda1, create new one with 10000MB and fs-type 07 (NTFS)
305 Tags: ntfs, resize, ntfsresize
307 Modify resolution for intel graphic chipsets:
313 # 915resolution 4d 1400 1050
315 Connect bluetooth mouse:
319 ... and press 'connect' button on your bluetooth device.
321 Connect bluetooth headset:
325 ... and press 'connect' button on your bluetooth device.
327 Secure delete file / directory / partition:
333 Also take a look at shred(1), sfill(1) and http://dban.sourceforge.net/
335 Tags: delete, secure, wipe, shred
337 Use grml on Samsung X20 laptop:
339 # apt-get install grml-samsung-x20
341 See: http://www.michael-prokop.at/computer/samsung_x20.html
343 Development information regarding grml:
345 http://grml.supersized.org/
347 Tags: blog, grml, developmnet
351 #grml on irc.freenode.org - http://grml.org/irc/
352 http://grml.org/contact/
354 Tags: contact, irc, freenode, email
356 Join the grml mailinglist:
358 http://grml.org/mailinglist/
360 Tags: grml, mailinglist
364 http://grml.org/donations/
366 Tags: grml, dontations
368 Commercial support / system administration / adjusted live-cds:
370 grml-solutions: http://grml.org/solutions/
372 Tags: grml, commercial, customize
374 Information regarding the kernel provided by grml:
376 http://grml.org/kernel/
378 Tags: documentation, grml, kernel
380 SMTP command-line test tool:
386 % swaks -s $MAILSERVER -tlsc -a -au $ACCOUNT -ap $PASSWORD -f $MAILADRESSE -t $MAILADRESSE
390 Tags: swak, smtp, test
392 NTFS related packages:
400 Modify service through init script:
407 # /etc/init.d/lvm start
409 Tags: init, script, start, stop
413 # jstest /dev/input/js0
417 % mplayer /path/to/movie
421 Use webcam with mplayer:
423 % mplayer tv:// -tv driver=v4l:width=352:height=288:outfmt=yv12:device=/dev/video0
427 Powerful network discovery tool:
431 Tags: network, python, tool
433 Grab an entire CD and compress it to Ogg/Vorbis,
434 MP3, FLAC, Ogg/Speex and/or MPP/MP+(Musepack) format:
438 Tags: rip, abcde, mp3, transcode, audio
440 Show a console session in several terminals:
444 Switch behaviour of caps lock key:
448 grep with Perl-compatible regular expressions:
452 ncp: a fast file copy tool for LANs
457 Remote (receive file):
460 Tags: copy, file, network
462 utility for sorting records in complex ways:
466 a smaller, cheaper, faster SED implementation:
474 See: http://grml.org/zsh/
476 zsh reference card for grml system:
479 /usr/share/doc/grml-docs/zsh/grml-zsh-refcard.pdf.gz
483 % for i in foo* ; do mv "$i" "bar${i/foo}" ; done
485 % prename 's/foo/bar/' foo*
487 % zmv 'foo(*)' 'bar$1'
489 Test TFT / LCD display:
497 Improved grep version:
501 Grep with highlighting:
503 % grep --color=auto ...
506 Tags: grep, color, highlighte
508 Extract matches when grepping:
511 % ifconfig | grepc 'inet addr:(.*?)\s'
512 % ifconfig | glark --extract-matches 'inet addr:(.*?)\s'
514 Output text as sound:
517 % xsay # when running X and text selected via mouse
519 Adjust a grml harddisk (grml2hd) installation:
523 Tags: grml2hd, configuration, installation
525 Get information on movie files:
527 % tcprobe -i file.avi
529 Get an overview of your image files:
531 % convert 'vid:*.jpg' thumbnails.jpg
533 List all standard defines:
535 % gcc -dM -E - < /dev/null
537 Send a mail as reminder:
539 echo "mail -s 'check TODO-list' $MAILADDRESS < /dev/null" | at 23:42
541 ncurses-based presentation tool:
545 See: man tpp and /usr/share/doc/tpp/examples/
547 Use ICQ / Jabber / Yahoo! / AIM / MSN /... on command line:
551 Use IRC on command line:
557 % vimdiff file1 file2
563 Moving between diffs:
573 Hardware monitoring without kernel dependencies:
577 Install grml-iso to usb-stick:
579 % grml2usb grml.iso /mount/point
581 Tags: usbpen, usbstick, installation, grml2usb
583 Use mplayer on framebuffer console:
585 % mplayer -vo fbdev ...
587 Use links2 on framebuffer console:
589 % links2 -driver fb ...
591 Switch language / keyboard:
593 * use the bootparam lang to set language environment ($LANG, $LC_ALL, $LANGUAGE)
594 * use the bootparams keyboard / xkeyboard to activate specific keyboard layout
595 Usage example: 'grml lang=us keyboard=de xkeyboard=de'
597 Or run one of the following commands:
601 # loadkeys i386/qwertz/de-latin1-nodeadkeys.kmap.gz # console
604 Tags: languae, keyboard, configuration
606 Switch setting of caps-control key (switch between ctrl + shift) on keyboard:
610 Mount usb device / usb stick:
612 % mount /mnt/external1 # corresponds to /dev/sda1
614 % mount /mnt/external # corresponds to /dev/sda
616 Install Sun Java packages:
618 Download j2re.bin-file from http://java.sun.com/downloads/index.html and run
620 # apt-get install java-package
621 # fakeroot make-jpkg j2re-*.bin
622 # dpkg -i sun-j2re*.deb
623 # update-alternatives --config java
627 ddrescue is an improved version of dd which tries to read and
628 if it fails it will go on with the next sectors, where tools
635 How to make an audio file (e.g. Musepack format) out of a DVD track:
637 % mkfifo /tmp/fifo.wav
638 % mppenc /tmp/fifo.wav track06.mpc &
639 % mplayer -vo null -vc null -ao pcm:fast:file=/tmp/fifo.wav -dvd-device /dev/dvd dvd://1 -chapter 6-6
641 Adjust the mppenc line with the encoder you would like to use,
642 for example 'oggenc -o track06.ogg /tmp/fifo.wav' for ogg files.
646 % mplayer -vo null -dumpaudio -dumpfile track06.raw -aid N -dvd-device /dev/dvd dvd://1 -chapter 6-6
647 to extract audio without processing, where 'N' is the corresponding audio channel (see 'man mplayer')
649 Usage example for getting a PCM/wave file from audio channel 128:
650 % mplayer -vo null -vc null -ao pcm:fast:file=track06.wav -aid 128 -dvd-device /dev/dvd dvd://6
652 Create simple chroot:
654 # make_chroot_jail $USERNAME
656 Convert DOS formated file to unix format:
658 sed 's/.$//' dosfile > unixfile # assumes that all lines end with CR/LF
659 sed 's/^M$//' dosfile > unixfile # in bash/tcsh, press Ctrl-V then Ctrl-M
660 sed 's/\x0D$//' dosfile > unixfile # gsed 3.02.80, but top script is easier
661 awk '{sub(/\r$/,"");print}' # assumes EACH line ends with Ctrl-M
662 gawk -v BINMODE="w" '1' infile >outfile # in DOS environment; cannot be done with
663 # DOS versions of awk, other than gawk
664 tr -d \r < dosfile > unixfile # GNU tr version 1.22 or higher
665 tr -d '\015' < dosfile > unixfile # use octal value for "\r" (see man ascii)
666 tr -d '[\015\032]' < dosfile > unixfile # sometimes ^Z is appended to DOS-files
667 vim -c ":set ff=unix" -c ":wq" file # convert using vim
668 vim -c "se ff=dos|x" file # ... and even shorter ;)
669 recode ibmpc..lat1 file # convert using recode
670 echo -e "s/\r//g" > dos2unix.sed; sed -f dos2unix.sed < dosfile > unixfile
672 Tags: windows, line, convert, recode, tr, line end,
674 Save live audio stream to file:
676 % mplayer -ao pcm:file=$FILE $URL
678 Save live stream to file:
680 % mplayer -dumpfile $FILE -dumpstream $STREAM
684 % mencoder mms://$URL -o $FILE -ovc copy -oac copy
688 % mimms mms://file.wmv
694 % avimerge -i *.avi -o blub.avi
698 % cat *.mpg > blub.mpg
702 % mencoder file1.wmv -ovc lavc -oac lavc -ofps 25 -srate 48000 -mc 0 -noskip -forceidx -o file1.avi
703 % mencoder file2.wmv -ovc lavc -oac lavc -ofps 25 -srate 48000 -mc 0 -noskip -forceidx -o file2.avi
704 % avimerge -i file1.avi file2.avi -o blub.avi
706 Display MS-Word file:
708 % strings file.doc | fmt | less
714 Convert MS-Word file to postscript:
716 % antiword -p a4 file.doc > file.ps
718 Convert manual to postscript:
720 % zcat /usr/share/man/man1/zsh.1.gz | groff -man > zsh.1.ps
722 % man -t zsh > zsh.ps
726 % dd if=/dev/mem bs=1k skip=768 count=256 2>/dev/null | strings -n 8
728 Read HTTP via netcat:
730 echo -e "GET / HTTP/1.1\r\nHost: $DOMAIN\r\n\r\n" | netcat $DOMAIN 80
732 Get X ressources for specific program:
734 % xrdb -q |grep -i xterm
736 Get windowid of specific X-window:
738 % xwininfo -int | grep "Window id:" | cut -d ' ' -f 4
740 Get titel of specific X-window:
744 check locale - LC_MESSAGES:
746 % locale -ck LC_MESSAGES
748 Create random password:
752 % dd if=/dev/urandom bs=14 count=1 | hexdump | cut -c 9-
754 Get tarballs of various Linux Kernel trees:
757 to get the current stable 2.6 release
760 to get a list of all supported trees
762 Transfer your SSH public key to another host:
764 % ssh-keygen # ssh-keygen / ssh-key-gen: if you don't have a key yet
766 % ssh-copy-id -i ~/.ssh/id_rsa.pub user@remote-system
768 % cat $HOME/.ssh/id_rsa.pub | ssh user@remote-system 'cat >> .ssh/authorized_keys'
770 Tags: ssh, ssh key, public key, ssh-copy-id, ssh-keygen
772 Update /etc/fstab entries:
776 See "man grml-rebuildfstab" for more details about
777 generation of /etc/fstab (including stuff like
778 fs LABELs / UUIDs,...).
780 Fetch and potentially change SCSI device parameters:
786 reclaim disk space by linking identical files together:
790 Find and remove duplicate files:
794 Perform layer 2 attacks:
798 Tags: network, attack, security
802 Guess PC-type hard disk partitions / partition table:
806 Perform a standard scan:
809 Write back the guessed table:
810 # gpart -W /dev/ice /dev/ice
812 Tags: partition, recovery, disk
814 Develop, test and use exploit code with the Metasploit Framework:
817 wget http://spool.metasploit.com/releases/framework-3.2.tar.gz
818 unp framework-3.2.tar.gz
822 Useful documentation:
824 % w3m /usr/share/doc/Debian/reference/reference.en.html
826 % xpdf =(zcat /usr/share/doc/Debian/reference/reference.en.pdf.gz)
828 http://grml.org/docs/ grml Documentation
829 http://wiki.grml.org/ grml Wiki
830 http://www.debian.org/doc/ Debian Documentation
831 http://wiki.debian.org/ Debian Wiki
832 http://www.gentoo.org/doc/en/ Gentoo Documentation
833 http://gentoo-wiki.com/ Gentoo Wiki
834 http://www.tldp.org/ The Linux Documentation Project
838 % fortune debian-hints
844 % fortune debian-hints
845 % dpkg -L funny-manpages
847 Backup master boot record (MBR):
849 # dd if=/dev/ice of=/tmp/backup_of_mbr bs=512 count=1
853 Backup partition table:
855 # sfdisk -d /dev/hda > hda.out
857 Restore partition table:
859 # sfdisk /dev/hda < hda.out
861 Tags: backup, partition, sfdisk, recovery
863 Clone disk via network using netcat:
866 # nc -vlp 30000 > hda1.img
868 # dd if=/dev/hda1 | nc -vq 0 192.168.1.2 30000
870 Adjust blocksize (dd's option bs=...) and include 'gzip -c'
873 # dd if=/dev/hda1 bs=32M | gzip -c | nc -vq 0 192.168.1.2 30000
875 Tags: network, backup, dd, netcat
877 Backup specific directories via cpio and ssh:
879 # for f in directory_list; do find $f >> backup.list done
880 # cpio -v -o --format=newc < backup.list | ssh user@host "cat > backup_device"
886 This one uses CPU cycles on the remote server to compare the files:
887 # ssh target_address cat remotefile | diff - localfile
888 # cat localfile | ssh target_address diff - remotefile
890 This one uses CPU cycles on the local server to compare the files:
891 # ssh target_address cat <localfile "|" diff - remotefile
893 Tags: network, backup, ssh
895 Useful tools for cloning / backups:
897 * dd: convert and copy a file
898 * dd_rescue: copies data from one file (or block device) to another
899 * pcopy: a replacement for dd
900 * partimage: back up and restore disk partitions
901 * dirvish: Disk based virtual image network backup system
902 * devclone: in-place filesystem conversion -- device cloning
903 * ntfsclone: efficiently clone, image, restore or rescue an NTFS
904 * dump: ext2/3 filesystem backup
905 * udpcast: multicast file transfer tool
906 * cpio: copy files to and from archives
907 * pax: read and write file archives and copy directory hierarchies
908 * netcat / ssh / tar / gzip / bzip2: additional helper tools
910 Tags: network, backup, ssh, udp, rescue, recovery
912 Use grml as a rescue system:
916 * dd: convert and copy a file
917 * ddrescue: copies data from one file or block device to another
918 * partimage: Linux/UNIX utility to save partitions in a compressed image file
919 * cfdisk: Partition a hard drive
920 * nparted: Newt and GNU Parted based disk partition table manipulator
921 * parted-bf: The GNU Parted disk partition resizing program, small version
922 * testdisk: Partition scanner and disk recovery tool
923 * gpart: Guess PC disk partition table, find lost partitions
927 * e2fsprogs: ext2 file system utilities and libraries
928 * e2tools: utilities for manipulating files in an ext2/ext3 filesystem
929 * e2undel: Undelete utility for the ext2 file system
930 * ext2resize: an ext2 filesystem resizer
931 * recover: Undelete files on ext2 partitions
935 * reiser4progs: administration utilities for the Reiser4 filesystem
936 * reiserfsprogs: User-level tools for ReiserFS filesystems
940 * xfsdump: Administrative utilities for the XFS filesystem
941 * xfsprogs: Utilities for managing the XFS filesystem
945 * jfsutils: utilities for managing the JFS filesystem
949 * ntfsprogs: tools for doing neat things in NTFS partitions from Linux
950 * salvage-ntfs: free NTFS data recovery tools
951 * scrounge-ntfs: data recovery program for NTFS file systems
952 * ntfsresize: resize ntfs partitions
954 Tags: ntfs, jfs, xfs, ext3, rescue, recovery, backup, filesystem, tools
956 Get ASCII value of a character with zsh:
958 % char=N ; print $((#char))
960 Convert a collection of mp3 files to wave or cdr using zsh:
962 % for i (./*.mp3){mpg321 --w - $i > ${i:r}.wav}
964 Convert images (foo.gif to foo.png) using zsh:
966 % for i in **/*.gif; convert $i $i:r.png
968 Remove all "non txt" files using zsh:
972 Remote Shell Using SSH:
975 % ssh -NR 3333:localhost:22 user@yourhost
978 % ssh user@localhost -p 3333
980 Tags: port forwarding, ssh, remote port, network
982 Reverse Shell with Netcat:
985 % netcat -v -l -p 3333 -e /bin/sh
988 % netcat 192.168.0.1 3333
990 TagS: port forwarding, ssh, remote, network
992 Reverse Shell via SSH:
994 local host (inside the network):
995 % ssh -NR 1234:localhost:22 remote_host
997 remote host (outside the network):
998 % ssh localhost -p 1234
1000 Tags: port forwarding, ssh, remote port, network
1002 Remove empty directories with zsh:
1004 % rmdir ./**/*(/od) 2> /dev/null
1006 Find all the empty directories in a tree with zsh:
1010 Find all files without a valid owner and change ownership with zsh:
1012 % chmod user /**/*(D^u:${(j.:u:.)${(f)"$(</etc/passwd)"}%%:*}:)
1014 Display the 5-10 last modified files with zsh:
1016 % print -rl -- /path/to/dir/**/*(D.om[5,10])
1018 Find and list the ten newest files in directories and subdirs (recursive) with zsh:
1020 % print -rl -- **/*(Dom[1,10])
1022 Find most recent file in a directory with zsh:
1024 % setopt dotglob ; print directory/**/*(om[1])
1026 Tunnel all traffic through an external server:
1028 % ssh -ND 3333 username@external.machine
1030 Then set the SOCKS4/5 proxy to localhost:3333.
1031 Check whether it's working by surfing e.g. to checkip.dyndns.org
1033 Tags: ssh, network, proxy, socks, tunnel
1035 Tunnel everything through SSH via tsocks:
1037 set up the SSH proxy on the client side:
1039 % ssh -ND 3333 user@remote.host.example.com
1041 Adjust /etc/tsocks.conf afterwards (delete all other lines):
1046 For programs who natively support proxying connections (e.g. Mozilla
1047 Firefox) you can now set the proxy address to localhost port 3333.
1049 All other programs which's connections you want to tunnel through your
1050 external host are prefixed with tsocks, e.g.:
1052 % tsocks netcat example.com 80
1053 % tsocks irssi -c irc.quakenet.eu.org -p 6667
1055 If you call tsocks without parameters it executes a shell witht the
1056 LD_PRELOAD environment variable already set and exported.
1058 Tags: ssh, network, proxy, socks, tunnel, tsocks
1060 smartctl - control and monitor utility for harddisks using Self-Monitoring,
1061 Analysis and Reporting Technology (SMART):
1063 # smartctl --all /dev/ice
1065 If you want to use smartctl on S-ATA (sata) disks use:
1067 # smartctl -d ata --all /dev/sda
1070 # smartctl -t offline /dev/ice
1073 # smartctl -t short /dev/ice
1075 Display results of test:
1076 # smartctl -l selftest /dev/ice
1078 Query device information:
1079 # smartctl -i /dev/ice
1081 Tags: smart, s.m.a.r.t, info, test, hardware
1083 Mount a BSD / Solaris partition:
1085 # mount -t ufs -o ufstype=ufs2 /dev/hda1 /mnt/hda1
1087 Use ufstype 44bsd for FreeBSD, NetBSD, OpenBSD (read-write).
1088 Use ufstype ufs2 for >= FreeBSD 5.x (read-only).
1089 Use ufstype sun for SunOS (Solaris) (read-write).
1090 Use ufstype sunx86 for SunOS for Intel (Solarisx86) (read-write).
1092 See /usr/share/doc/linux-doc-$(uname -r)/Documentation/filesystems/ufs.txt.gz
1095 Tags: ufs, bsd, mount, solaris
1097 Read BIOS (and or BIOS) password:
1099 # dd if=/dev/mem bs=512 skip=2 count=1 | hexdump -C | head
1101 Clone one of the kernel trees via git:
1103 git clone rsync://rsync.kernel.org/pub/scm/linux/kernel/git/torvalds/linux-2.6.git
1104 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
1105 This path defines the tree. See http://kernel.org/git/ for an overview.
1107 Mount filesystems over ssh protocol:
1109 % sshfs user@host:/remote_dir /mnt/test
1113 % fusermount -u /mnt/test
1115 (Notice: requires fuse kernel module)
1117 Tags: ssh, sshfs, network, mount, directory, remote, fuse
1119 Install Gentoo using grml:
1121 See http://www.gentoo.org/doc/en/altinstall.xml
1123 Install (plain) Debian (sarge release) via grml:
1125 Assuming you want to install Debian to sda1:
1127 mkfs.ext3 /dev/sda1 # make an ext3 filesystem on /dev/sda1
1128 mount -o rw,suid,dev /dev/sda1 /mnt/test # now mount the new partition
1129 debootstrap sarge /mnt/test ftp://ftp.tugraz.at/mirror/debian # get main packages from a debian-mirror
1130 chroot /mnt/test /bin/bash # let's chroot into the new system
1131 mount -t devpts none /dev/pts # ...otherwise running base-config might fail ("Terminated" or "openpty failed")
1132 mount -t proc none /proc # make sure we also have a mounted /proc
1133 base-config # now configure some main settings
1134 vi /etc/mkinitrd/mkinitrd.conf # adjust $ROOT (to /dev/sda1) for your new partition, autodetection will fail in chroot
1135 cd /dev ; ./MAKEDEV generic # make sure we have all necessary devices for lilo
1136 apt-get install lilo linux-image-2.6.12-1-386 # install lilo and a kernel which fits your needs
1137 cp /usr/share/doc/lilo/examples/conf.sample /etc/lilo.conf # let's use a template
1138 vi /etc/lilo.conf && lilo # adjust the file for your needs and run lilo afterwards
1139 umount /proc ; umount /dev/pts # we do not need them any more
1140 exit # now leave chroot
1141 cp /etc/hosts /etc/fstab /mnt/test/etc/ # you might want to take the existing files...
1142 cp /etc/network/interfaces /mnt/test/etc/network/ # ...from the running grml system for your new system
1143 umount /mnt/test && reboot # unmount partition and reboot...
1145 See also: http://www.debian.org/releases/stable/i386/apcs04.html.en
1146 Avoid all of the above steps - use grml-debootstrap(8) instead!
1148 Tags: manual, installation, debian, debootstrap
1150 Install (plain) Debian (etch release) via grml
1152 Assuming you want to install Debian to sda1:
1154 mkfs.ext3 /dev/sda1 # make an ext3 filesystem on /dev/sda1
1155 mount -o rw,suid,dev /dev/sda1 /mnt/test # now mount the new partition
1156 debootstrap etch /mnt/test ftp://ftp.tugraz.at/mirror/debian # get main packages from a debian-mirror
1157 chroot /mnt/test /bin/bash # let's chroot into the new system
1158 mount -t proc none /proc # make sure we have a mounted /proc
1159 apt-get install locales console-data # install locales
1160 dpkg-reconfigure locales console-data # adjust locales to your needs
1161 apt-get install vim most zsh screen less initrd-tools file grub \
1162 usbutils pciutils bzip2 sysfsutils dhcp3-client resolvconf \
1163 strace lsof w3m # install useful software
1164 apt-get install linux-headers-2.6-686 linux-image-686 # install current kernel
1166 echo "127.0.0.1 localhost" > /etc/hosts # adjust /etc/hosts and network:
1167 cat >> /etc/network/interfaces << EOF
1168 iface lo inet loopback
1169 iface eth0 inet dhcp
1174 ln -sf /usr/share/zoneinfo/Europe/Vienna /etc/localtime # adjust timezone and /etc/fstab:
1175 cat >> /etc/fstab << EOF
1176 sysfs /sys sysfs auto 0 0
1177 proc /proc proc defaults 0 0
1178 /dev/sda1 / ext3 defaults,errors=remount-ro 0 1
1179 /dev/sda2 none swap sw 0 0
1180 /dev/cdrom /mnt/cdrom0 iso9660 ro,user,noauto 0 0
1182 passwd # set password of user root
1184 mkdir /boot/grub # setup grub
1185 cp /usr/share/doc/grub/examples/menu.lst /boot/grub
1186 cat >> /boot/grub/menu.lst << EOF
1187 title Debian Etch, kernel 2.6.18-3-686 (on /dev/sda1)
1189 kernel /boot/vmlinuz-2.6.18-3-686 root=/dev/sda1 ro
1190 initrd /boot/initrd.img-2.6.18-3-686
1192 vim /boot/grub/menu.lst # adjust grub configuration to your needs
1193 cd /dev && MAKEDEV generic # create default devices
1194 cp -i /usr/lib/grub/i386-pc/* /boot/grub/ # copy stage-files to /boot/grub/
1195 grub install # now install grub, run in grub-cmdline following commands:
1199 umount -a # unmount all filesystems in chroot and finally:
1200 exit # exit the chroot and:
1203 If you want to use lilo instead of grub take a look at
1204 /usr/share/doc/lilo/examples/conf.sample or use the following template:
1206 cat > /etc/lilo.conf << EOF
1207 # This allows booting from any partition on disks with more than 1024 cylinders.
1210 # Specifies the boot device
1213 # Specifies the device that should be mounted as root.
1216 # use Debian on software raid:
1217 # raid-extra-boot=mbr-only
1225 image=/boot/vmlinuz-2.6.18-grml
1229 initrd=/boot/initrd.img-2.6.18-grml
1232 See also: http://www.debian.org/releases/stable/i386/apcs04.html.en
1233 Avoid all of the above steps - use grml-debootstrap(8) instead!
1235 Tags: manual, installation, debian, debootstrap, howto
1237 Convert files from Unicode / UTF-8 to ISO:
1239 % iconv -c -f utf8 -t iso-8859-15 < utffile > isofile
1243 % iconv -f iso-8859-15 -t utf8 < isofile > utffile
1245 Tags: utf-8, iso, unicode, utf8
1247 Assign static setup for network cards (NICs) via udev:
1249 Retrieve information for address (corresponding to MAC address):
1251 # udevadm info -a -p /sys/class/net/eth0/ | grep -i 'ATTR{address}'
1253 Execute /lib/udev/write_net_rules with according values (INTERFACE
1254 is old NIC name, INTERFACE_NAME is new NIC name and MATCHADDR
1255 is the MAC address retrieved with udevadm info command):
1257 # INTERFACE=eth0 INTERFACE_NAME=lan0 MATCHADDR=00:00:00:00:00:01 /lib/udev/write_net_rules
1259 This will generate file /etc/udev/rules.d/70-persistent-net.rules with content:
1261 SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:00:00:00:00:01", KERNEL=="eth*", NAME="lan0"
1263 Finally take down the interface (ifdown/ifconfig) and execute:
1265 # udevadm trigger --action=add --subsystem-match=net
1267 so the interface will be renamed. (Rebooting or
1268 unloading drivers/restart udev/loading drivers again
1269 works as well of course.)
1271 Tags: udev, configuration, name, eth0, howto
1273 Change the suffix from *.sh to *.pl using zsh:
1276 % zmv -W '*.sh' '*.pl'
1278 Generate SSL certificate:
1280 Create self signed certificate (adjust /etc/ssl/openssl.cnf if necessary):
1281 # openssl req -x509 -newkey rsa:1024 -keyout keyfile -out certfile -days 9999 -nodes
1284 # openssl x509 -in certfile -text
1286 Verify against CA certificate:
1287 # openssl verify -CAfile cacert.crt -verbose -purpose sslserver
1289 Generate 2048bit RSA-key:
1290 # openssl req -new -x509 -keyout pub-sec-key.pem -out pub-sec-key.pem -days 365 -nodes
1292 As before but add request to existing key pub-sec-key.pem:
1293 # openssl req -new -out request.pem -keyin pub-sec-key.pem
1295 Show request request.pem:
1296 # openssl req -text -noout -in request.pem
1298 Verify signature of request request.pem:
1299 # openssl req -verify -noout -in request.pem
1301 Generate SHA1 fingerprint (modulo key) of request.pem:
1302 # openssl req -noout -modulus -in request.pem | openssl sha1 -c
1304 Generate 2048bit RSA-key and put it to pub-sec-key.pem. Save self signed certificate in self-signed-certificate.pem:
1305 # openssl req -x509 -days 365 -newkey rsa:2048 -out self-signed-certificate.pem -keyout pub-sec-key.pem
1307 As before but create self signed certificate based on existing key pub-sec-key.pem:
1308 # openssl req -x509 -days 365 -new -out self-signed-certificate.pem -key pub-sec-key.pem
1310 Generate new request out of existing self signed certificate:
1311 # openssl x509 -x509toreq -in self-signed-certificate.pem -signkey pub-sec-key.pem -out request.pem
1313 Display certificate self-signed-certificate.pem in plaintext:
1314 # openssl x509 -text -noout -md5 -in self-signed-certificate.pem
1316 Check self signed certificate:
1317 # openssl verify -issuer_checks -CAfile self-signed-certificate.pem self-signed-certificate.pem
1319 Estable OpenSSL-connection using self-signed-certificate.pem and display certificate:
1320 # openssl s_client -showcerts -CAfile self-signed-certificate.pem -connect www.example.com:443
1322 Generate ssl-certificate for use with apache2:
1324 export RANDFILE=/dev/random
1325 mkdir /etc/apache2/ssl/
1326 openssl req $@ -new -x509 -days 365 -nodes -out /etc/apache2/ssl/apache.pem -keyout /etc/apache2/ssl/apache.pem
1327 chmod 600 /etc/apache2/ssl/apache.pem
1329 Also take a look at make-ssl-cert (debconf wrapper for openssl):
1331 # /usr/sbin/make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/apache2/apache.pem
1333 and mod-ssl-makecert (utility to create SSL certificates in /etc/apache/ssl.*/).
1335 Tags: openssl, howto
1337 Change Windows NT password(s):
1339 # mount -o rw /mnt/hda1
1340 # cd /mnt/hda1/WINDOWS/system32/config/
1341 # chntpw SAM SECURITY system
1343 Notice: if mounting the partition read-write did not work (check syslog!)
1344 try using mount.ntfs-3g instead: mount.ntfs-3g /dev/hda1 /mnt/hda1
1346 (Be careful with deactivating syskey!)
1348 Tags: password, windows, recovery, chntpw, howto
1350 glark - replacement for grep written in Ruby:
1352 A replacement for (or supplement to) the grep family, glark offers:
1353 Perl compatible regular expressions, highlighting of matches,
1354 context around matches, complex expressions and automatic exclusion
1359 % glark -y keyword file # display only the region that matched, not the entire line
1360 % glark -o format print *.h # search for either "printf" or "format"
1362 More information: man glark
1364 Find CD burning device(s):
1366 General information on CD-ROM:
1367 % cat /proc/sys/dev/cdrom/info
1369 Scan using ATA Packet specific SCSI transport:
1370 # cdrecord -dev=ATA -scanbus
1371 # cdrecord-prodvd -s -scanbus dev=ATA
1373 Get specific information for /dev/ice:
1374 # cdrecord dev=/dev/ice -scanbus
1376 Tags: hardware, info, cd burn
1378 Create devices in /dev on udev:
1380 For example create md devices (/dev/md0, /dev/md1,...):
1381 # cd /dev ; WRITE_ON_UDEV=1 ./MAKEDEV md
1385 Identify network device (NIC):
1387 # ethtool -i $DEVICE
1389 Show NIC statistics:
1391 # ethtool -S $DEVICE
1393 If your NIC shows some aging signs, you may want to be sure:
1395 # ethtool -t $DEVICE
1397 Disable TCP/UDP checksums:
1399 # ethtool -K $DEVICE tx off
1401 Tags: configuration, network, device
1403 grml2hd seems to hang? Getting Squashfs errors? Problems while booting?
1405 Switch to tty12 and take a look at the syslog. If you see something like:
1407 SQUASHFS error: zlib_fs returned unexpected result 0x........
1408 SQUASHFS error: Unable to read cache block [.....]
1409 SQUASHFS error: Unable to read inode [.....]
1411 your ISO/CD-ROM very probably is not ok. Verify it via booting with grml testcd.
1412 Check your CD low-level via running:
1414 # readcd -c2scan dev=/dev/cdrom
1416 If the medium really is ok and it still fails try to boot with deactivated DMA
1417 via using grml nodma at the bootprompt.
1419 Tags: grml2hd, installation, verify, squashfs, error
1421 Write a Microsoft compatible boot record (MBR) using ms-sys
1423 Write a Windows 2000/XP/2003 MBR to a device:
1425 # ms-sys -m /dev/ice
1427 Notice: grab ms-sys from http://ms-sys.sourceforge.net/ - demo:
1429 wget http://surfnet.dl.sourceforge.net/sourceforge/ms-sys/ms-sys-2.1.3.tgz
1430 unp ms-sys-2.1.3.tgz
1435 Tags: mbr, windows, ms-sys, recovery
1437 Use a Vodafone 3G Datacard (UMTS) with Linux:
1439 Plug in your vodafone card and check in syslog whether the appropriate
1440 (probably /dev/ttyUSB0 or /dev/noz0) has been created. If so run:
1443 # wvdial --config /etc/wvdial.conf.umts $PROFILE
1446 # comgt -d /dev/ttyUSB0
1447 # wvdial --config /etc/wvdial.conf.umts a1usb
1449 # comgt -d /dev/noz0
1450 # wvdial --config /etc/wvdial.conf.umts tmnozomi
1452 # comgt -d /dev/noz0
1453 # wvdial --config /etc/wvdial.conf.umts dreiusb
1455 # comgt -d /dev/ttyACM0
1456 # wvdial --config /etc/wvdial.conf.umts yesss
1458 If you receive invalid DNS nameservers when connecting, like:
1461 --> primary DNS address 10.11.12.13
1462 --> secondary DNS address 10.11.12.14
1464 just provide a working nameserver to resolvconf via:
1466 # echo "nameserver 80.120.17.70" | resolvconf -a ppp0
1468 Notice: some vodafone cards require the nozomi driver (run 'modprobe nozomi' on
1469 your grml system), some other ones require the sierra driver (run
1472 If your device isn't supported by usbserial yet, manually provide vendor and
1473 product ID when loading the usbserial module. Usage example:
1477 Bus 004 Device 008: ID 1199:6813 Sierra Wireless, Inc.
1479 # modprobe usbserial vendor=0x1199 product=0x6813
1481 To get a list of available providers execute:
1483 # comgt -s -d /dev/ttyUSB0 /etc/comgt/operator
1485 Tags: umts, 3g, vodafone, sierra, wvdial, ppp, howto
1487 hdparm - get/set hard disk parameters
1489 Display the identification info that was obtained from the drive at boot time,
1491 # hpdarm -i /dev/ice
1493 Request identification info directly from the drive:
1494 # hpdarm -I /dev/ice
1496 Perform timings of device + cache reads for benchmark and comparison purposes:
1497 # hdparm -tT /dev/ice
1499 Tags: hardware, performance, configuration, harddisk
1501 bonnie++ - program to test hard drive performance.
1503 # mkdir /mnt/benchmark
1504 # mount /dev/ice /mnt/benchmark
1505 # chmod go+w /mnt/benchmark
1506 # bonnie -u grml -d /mnt/benchmark -s 2000M
1508 Tags: benchmark, harddisk
1510 Use gizmo with a bluetooth headset:
1512 % DEVICE="/dev/dsp$(awk '/- BT Headset/ {print $1}' /proc/asound/cards)"
1513 % gizmo --mic $DEVICE --speaker $DEVICE
1515 Scan a v4l device for TV stations:
1517 % scantv -c /dev/video0 -C /dev/vbi0 -o ~/.xawtv
1519 Then running xawtv should work:
1523 Run apt-get with timeout of 3 seconds:
1525 # apt-get -o acquire::http::timeout=3 update
1529 Debian GNU/Linux device driver check page
1531 % $BROWSER http://kmuto.jp/debian/hcl/index.cgi
1533 Use dd with status line:
1535 # dd if=/dev/ice conv=noerror,notrunc,sync | buffer -S 100k | dd of=/tmp/file
1537 Generate a 512k file of random data with status bar:
1539 % dd if=/dev/random bs=1024 count=512 | bar -s 512k -of ./random
1541 Install Grub instead of lilo on grml installation (grml2hd):
1546 adjust grub's configuration file menu.lst:
1547 # $EDITOR /boot/grub/menu.lst
1549 now install grub (usage example for /dev/sda1):
1556 Install Ubuntu using grml:
1558 See https://wiki.ubuntu.com/Installation/FromKnoppix
1560 Tags: ubuntu, installation
1562 Resize ext2 / ext3 partition:
1564 # tune2fs -O '^has_journal' /dev/iceX # disable journaling
1565 # fsck.ext2 -v -y -f /dev/iceX # check the filesystem
1566 # resize2fs -p /dev/iceX $SIZE # resize it (adjust $SIZE)
1567 # fdisk /dev/ice # adjust partition in partition table
1568 # fsck.ext2 -v -y -f /dev/iceX # check filesystem again
1569 # resize2fs -p /dev/iceX # resize it to maximum
1570 # tune2fs -j /dev/iceX # re-enable journal
1572 Tags: resize, ext2, ext3, ext4, partition, howto
1574 Tune ext2 / ext3 filesystem:
1576 Check partition first:
1578 # tune2fs -l /dev/iceX
1580 If you don't see dir_index in the list, then enable it:
1582 # tune2fs -O dir_index /dev/iceX
1584 Now run e2fsck with the -D option to have the directories optimized:
1586 # e2fsck -D /dev/iceX
1588 Notice: since e2fsprogs (1.39-1) filesystems are created with
1589 directory indexing and on-line resizing enabled by default.
1591 Tags: configuration, ext2, ext3, ext4, partition
1593 Search for printers via network:
1595 # pconf_detect -m NETWORK -i 192.168.0.1/24
1597 Tags: printer, network, scan
1599 Mount a remote directory via webdav (e.g. Mediacenter of GMX):
1601 # mount -t davfs https://mediacenter.gmx.net/ /mnt/test
1603 Tags: webdav, mount, mediacenter, gmx
1605 System-Profiling using oprofile:
1610 # opcontrol --setup --no-vmlinux --event=CPU_CLK_UNHALTED:500000:0:1:1 --separate=library
1615 Now $DO_SOME_TASKS...
1618 # opcontrol --shutdown
1620 Then take a look at the reports using something like e.g.:
1621 # opreport -t 0.5 --exclude-dependent
1622 # opreport -t 0.5 /path/to/executable_to_check
1623 # opannotate -t 0.5 --source --assembly
1625 Tags: profile, profiling, opcontrol, howto
1627 Install ATI's fglrx driver for Xorg / X.org:
1629 Usually there already exist drivers for the grml-system:
1630 # apt-get update ; apt-get install fglrx-driver fglrx-kernel-`uname -r`
1632 After installing adjust xorg.conf via running:
1633 # aticonfig --initial --input=/etc/X11/xorg.conf
1635 For more information take a look at http://wiki.grml.org/doku.php?id=ati
1637 Tags: xorg, x11, driver, ati
1639 Install nvidia driver for Xorg / X.org:
1641 Usually there already exist drivers for the grml-system:
1642 # apt-get update ; apt-get install nvidia-glx nvidia-kernel-`uname -r`
1644 Then switch from module nv to nvidia:
1646 # sed -i 's/Driver.*nv.*/Driver "nvidia"/' /etc/X11/xorg.conf
1648 Tags: xorg, x11, driver, nvidia
1650 glxgears - a GLX demo that draws three rotating gears
1652 To print frames per second (fps) use:
1653 % glxgears -printfps
1655 Tags: xorg, x11, glx,
1657 You forgot to boot with 'grml noeject noprompt' to avoid
1658 ejecting and prompting for CD removal when rebooting/halting
1669 If you want to avoid only the prompting part, run:
1677 Tags: bootparam, fix, grml
1679 Mount wikipedia local via fuse:
1681 Adjust configuration:
1682 % cat ~/.wikipediafs/config.xml
1685 <article-cache-time>300</article-cache-time>
1689 <dirname>wikipedia-de</dirname>
1690 <host>de.wikipedia.org</host>
1691 <basename>/w/index.php</basename>
1694 <dirname>wikipedia-en</dirname>
1695 <host>en.wikipedia.org</host>
1696 <basename>/w/index.php</basename>
1701 Mount it (/wiki must exist of course):
1702 % mount.wikipediafs /wiki
1703 % cat /wiki/wikipedia-en/Cat
1706 % fusermount -u /wiki
1708 Tags: fuse, wikipedia, mount
1710 Remote notification on X via osd (on screen display):
1712 Start osd_server.py at your local host (listens on port 1234 by default):
1715 Then login to a $REMOTEHOST
1716 % ssh -R 1234:localhost:1234 $REMOTEHOST
1718 Now send the text to your local display via running something like:
1719 % echo "text to send" | nc localhost 1234
1721 Very useful when you are waiting for a long running job
1722 but want to do something else in the meanwhile:
1724 % ./configure && make && echo "finished compiling" | netcat localhost 1234
1726 You can use this in external programs as well of course. Examples:
1728 Use osd in centericq:
1730 % cat ~/.centericq/external
1739 if [ -x /usr/bin/socat -a -x /bin/netcat ] ; then
1740 CONTACT_CUSTOM_NICK=$(cat ${CONTACT_INFODIR}/info | head -n 46 | tail -n 1)
1741 osd_msg="*** CenterICQ: new ${EVENT_NETWORK} ${EVENT_TYPE} from ${CONTACT_CUSTOM_NICK} ***"
1742 if echo | socat - TCP4:localhost:1234 &>/dev/null ; then
1743 echo "${osd_msg}" | netcat localhost 1234
1747 Use it in the IRC console client irssi via running:
1751 You can even activate the port forwarding by default globally:
1756 RemoteForward 1234 127.0.0.1:1234
1759 Notice: if you get 'ABORT: Requested font not found' make sure the
1760 requested font is available, running 'LANG=C LC_ALL=C osd_server.py...'
1763 Tags: osd, notification, ssh, network, port-forwarding
1765 Avoid automatical startup of init scripts via invoke-rc.d:
1767 First of all make sure the package policyrcd-script-zg2 (which
1768 provides the /usr/sbin/policy-rc.d interface) is installed.
1770 In policyrcd-script-zg2's configuration file named
1771 /etc/zg-policy-rc.d.conf the script /usr/sbin/grml-policy-rc.d is
1772 defined as the interface for handling invoke-rc.d's startup policy.
1774 grml-policy-rc.d can be configure via /etc/policy-rc.d.conf. By
1775 default you won't notice any differences to Debian's default
1776 behaviour, except that invoke-rc.d won't be executed if a chroot has
1777 been detected (detection: /proc is missing).
1779 If you want to disable automatical startup of newly installed packages
1780 (done via the invoke-rc.d mechanism) just set EXITSTATUS to '101' in
1781 /etc/policy-rc.d.conf.
1783 To restore the default behaviour set EXITSTATUS back to '0' in
1784 /etc/policy-rc.d.conf.
1786 Tags: policy, init, script, invode-rc.d
1788 Install VMware-Tools for grml:
1790 First of all make sure a CD-ROM device in VMware is available.
1792 Mount the CD-ROM device to /mnt/cdrom, then unpack and install
1796 unp /mnt/cdrom/vmware-linux-tools.tar.gz
1797 cd vmware-tools-distrib
1800 /etc/init.d/networking stop
1805 /etc/init.d/networking start
1807 In an X terminal, launch the VMware Tools running:
1811 Tags: vmware, tool, vmware-toolbox, howto
1813 Some important Postfix stuff
1821 Send all messages in the queue:
1825 Send all messages in the queue for a specific site:
1829 Delete a specific message
1830 # postsuper -d 12345678942
1832 Deletes all messages held in the queue for later delivery
1833 # postsuper -d ALL deferred
1835 Mail queues in postfix:
1837 incoming -> mail who just entered the system
1838 active -> mail to be delivered
1839 deferred -> mail to be delivered later because there were problems
1840 hold -> mail that should not be delivered until released from hold
1842 For configuration of postfix take a look at
1843 /etc/postfix/master.cf - man 5 master
1844 /etc/postfix/main.cf - man 5 postconf
1845 and http://www.postfix.org/documentation.html.
1849 mode 4000 - set user ID (suid):
1851 - for executable files: run as the user who owns the file, instead of the
1852 user who runs the file
1853 - for directories: not used
1855 mode 2000 - set group ID (guid):
1857 - for executable files: run as the group who owns the file, instead of the
1858 group of the user who runs the file
1859 - for directories: when a file is created inside the directory, it belongs
1860 to the group of the directory instead of the default group of the user who
1863 mode 1000 - sticky bit:
1865 - for files: not used
1866 - for directories: only the owner of a file can delete or rename the file
1868 Tags: postix, mailq, postsuper, queue, delete, smtp
1870 Create MySQL database
1872 # apt-get install mysql-client mysql-server
1874 Run 'mysql' as root - create a database with:
1876 create database grml
1878 Give a user access to the database (without password):
1880 grant all on grml.* to mika;
1882 Give a user access to the database (with password):
1884 grant all on grml.* to enrico identified by "PASSWORD";
1886 Tags: mysql, database
1888 Setup an HTTPS website:
1890 Create a certificate:
1892 # mkdir /etc/apache2/ssl
1893 # make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/apache2/ssl/apache.pem
1895 Create a virtual host on port 443:
1897 <VirtualHost www.foo.invalid:443>
1901 Enable SSL in the VirtualHost:
1904 SSLCertificateFile /etc/apache2/ssl/apache.pem
1906 Enable listening on the HTTPS port (/etc/apache2/ports.conf):
1910 and make sure the SSL module is used:
1914 Tags: ssl, https, configuration, apache
1916 Useful Apache / Apache2 stuff
1918 Check configuration file via running:
1920 # apache2ctl configtest
1928 # a2enmod modulename
1930 Tags: apache, configuration
1932 Create tar archive and store it on remote machine:
1934 % tar zcf - /sourcedir | ssh user@targethost "cat >file.tgz"
1936 Tags: tar, backup, remote, network, ssh
1938 Pick out and displays images from network traffic:
1942 Tags: remote, network, sniff, image
1944 Install Flash plugin:
1946 # dpkg-reconfigure flashplugin-nonfree
1950 To test a proxy, low level way:
1954 GET http://www.google.com HTTP/1.0 [press enter twice]
1958 Adjust system for use of qemu with kqemu:
1960 Make sure you have all you need:
1961 # aptitude update ; aptitude install qemu kqemu-modules-$(uname -r)
1966 mknod /dev/kqemu c 250 0
1967 chmod 666 /dev/kqemu
1968 chmod 666 /dev/net/tun
1970 Check kqemu support via starting qemu, press
1971 Ctrl-Alt-2 and entering 'info kqemu'.
1973 (High-Load) Debugging related tools:
1975 mpstat # report processors related statistics
1976 iostat # report CPU statistics and input/output statistics for devices and partitions
1977 vmstat # report virtual memory statistics
1978 slabtop # display kernel slab cache information in real time
1979 atsar # system activity report
1980 dstat # versatile tool for generating system resource statistics
1991 Tags: test, debug, information, hardware, statistic
1993 Using WPA for network setup manually:
1995 # wpa_supplicant -Dwext -iwlan0 -c/etc/wpa_supplicant.conf
1997 Adjust the options and configuration file to your needs.
1998 Also take a look at 'grml-network'.
2000 Tags: wireless, wpa, network, configuration
2002 Start X and lock console via exiting:
2004 % startx 2>~/.xsession-errors &| exit
2006 Tags: xorg, x11, startx, graphical
2008 Which process is writing to disk and/or causes the disk to spin up?
2010 First of all use lsof to check what's going on. Does not help? ->
2012 # echo 1 > /proc/sys/vm/block_dump
2014 The command sets a sysctl to cause the kernel to log all disk
2015 writes. Please notice that there is a lot of data. So please
2016 disable syslogd/syslog-ng before you do this, or you must make
2017 sure that kernel output is not logged.
2019 When you're done, disable block dump using:
2020 # echo 0 > /proc/sys/vm/block_dump
2023 laptop-mode-tools provides a tool named lm-profiler (laptop mode profiler)
2024 which handles block_dump on its own.
2026 See: $KERNEL-SOURCE/Documentation/laptop-mode.txt
2028 Also take a look at event-viewer(8) which is part of grml-debugtools.
2030 Tags: debug, device, block, partition
2032 Install initrd via initramfs-tools for currently running kernel:
2034 # update-initramfs -c -t -k $(uname -r)
2038 Install initrd via yaird for currently running kernel:
2040 # yaird -o /boot/initrd.img-$(uname -r)
2042 Install initrd via yaird for specific kernel:
2046 # yaird -o /boot/initrd.img-2.6.15-1-686 2.6.15-1-686
2048 Reinstall package with its original configuration files:
2050 # apt-get install --reinstall -o DPkg::Options::=--force-confmiss -o \
2051 DPkg::Options::=--force-confnew package
2053 grml 0.8 funkenzutzler - rt2x00 drivers:
2055 To avoid conflicts with the other rt2x00-drivers the package rt2x00 (which
2056 includes beta-version drivers) is not installed by default. If you want to
2057 use the kernel modules rt2400pci, rt2500pci, rt2500usb, rt61pci and/or
2058 rt73usb please install the package manually running:
2060 # dpkg -i /usr/src/rt2x00-modules-*.deb
2062 Use Java with jikes and jamvm on grml:
2066 % cp /usr/share/doc/grml-templates/template.java .
2067 % jikes template.java
2070 Notice that grml exports $JIKESPATH (/usr/share/classpath/glibj.zip),
2071 so you do not have to manually run
2072 jikes --bootclasspath /usr/share/classpath/glibj.zip
2074 Online resizing of (Software-)RAID5:
2076 # Initiate a RAID5 setup for testing purposes:
2077 mdadm --create --verbose /dev/md0 --level=5 --raid-devices=3 /dev/hda1 /dev/hdb1 /dev/hdd1
2079 # Create filesystem, mount md0, create a testfile and save md5sum for
2082 mount /dev/md0 /mnt/test
2083 dd if=/dev/urandom of=/mnt/test/dd bs=512 count=10000
2084 md5sum /mnt/test/dd > md5sum
2086 # Make sure the RAID is synched via checking:
2089 # Now remove one partition:
2090 mdadm /dev/md0 --fail /dev/hdd1 --remove /dev/hdd1
2092 # Delete partition, create a new + bigger one and set partition type to fd
2093 # (Linux raid autodetect):
2096 # And re-add the partition:
2097 mdadm -a /dev/md0 /dev/hdd1
2099 # Make sure the RAID is synched via checking:
2102 # Repeat the steps for all other disks/partitions as well:
2103 mdadm /dev/md0 --fail /dev/hdb1 --remove /dev/hdb1
2105 mdadm -a /dev/md0 /dev/hdb1
2107 mdadm /dev/md0 --fail /dev/hda1 --remove /dev/hda1
2109 mdadm -a /dev/md0 /dev/hda1
2112 # Now resize the RAID5 system online [see 'man mdadm' for details]:
2113 mdadm --detail /dev/md0 | grep -e 'Array Size' -e 'Device Size'
2114 mdadm --grow /dev/md0 -z max
2115 mdadm --detail /dev/md0 | grep -e "Array Size" -e 'Device Size'
2117 # Last step - resize the filesystem (online again):
2120 Tags: raid, resize, raid5, mdadm
2122 ext3 online resizing:
2124 Starting with Linux kernel 2.6.10 you can resize ext3 online. With
2125 e2fsprogs >=1.39-1 new filesystems are created with directory indexing and
2126 on-line resizing enabled by default (see /etc/mke2fs.conf).
2130 cfdisk /dev/hda # create a partition with type 8e (lvm)
2131 pvcreate /dev/hda2 # create a physical volume
2132 vgcreate resize_me /dev/hda2 # create volume group
2133 lvcreate -n resize_me -L100 resize_me # create a logical volume
2134 mkfs.ext3 /dev/resize_me/resize_me # now create a new filesystem
2135 mount /dev/resize_me/resize_me /mnt/test # mount the new fs for demonstrating online resizing
2136 df -h # check the size of the partition
2137 lvextend -L+100M /dev/resize_me/resize_me # let's extend the logical volume
2138 resize2fs /dev/resize_me/resize_me # and finally resize the filesystem
2139 df -h # recheck the size of the partition
2141 This also works for Software-RAID. Demo:
2143 mdadm --create --verbose /dev/md0 --level=raid1 --raid-devices=2 /dev/hda2 /dev/hdb1
2145 mount /dev/md0 /mnt/test
2146 mdadm /dev/md0 --fail /dev/hda2 --remove /dev/hda2
2147 cfdisk /dev/hda # adjust partition size for hda2
2148 mdadm /dev/md0 --add /dev/hda2
2149 mdadm /dev/md0 --fail /dev/hdb1 --remove /dev/hdb1
2150 cfdisk /dev/hdb # adjust partition size for hdb1
2151 mdadm /dev/md0 --add /dev/hdb1
2152 mdadm --grow /dev/md0 --size=max
2155 Notice: online resizing works as soon as the kernel can re-read the
2156 partition table. So it works for example with LVM and SW-RAID but not with
2157 a plain device (/dev/[sh]d*). The kernel does not re-read the partition
2158 table if the device is already mounted.
2160 Tags: resize, raid, lvm, ext2, ext3, ext4, raid1
2162 Use vim as an outline editor:
2164 % $PAGER /usr/share/doc/vim-vimoutliner/README.Debian
2168 Monitor directories/files for changes using iwatch
2170 Monitor /tmp for changes:
2173 Monitor files/directories specified in /etc/iwatch.xml
2174 and send mail on changes:
2177 Tags: inotify, watch, file, directory
2179 Some often used mdadm commands:
2182 # mdadm --create --verbose /dev/md0 --level=raid1 --raid-devices=2 /dev/hda1 /dev/hdb1
2184 Display details of specific RAID:
2185 # mdadm --detail /dev/md0
2188 Simulating a drive failure by software:
2189 # mdadm --manage --set-faulty /dev/md0 /dev/hda1
2191 Remove disk from RAID:
2192 # mdadm /dev/md0 -r /dev/hda1
2194 Set disk as faulty and remove from RAID:
2195 # mdadm /dev/md0 --fail /dev/hda1 --remove /dev/hda1
2200 Restart a RAID-device:
2203 Add another disk to existing RAID setup (hotadd):
2204 # mdadm /dev/md0 -a /dev/hde1
2205 # mdadm --grow /dev/md0 --raid-devices=4
2207 Assemble and start all arrays:
2208 # mdadm --assemble --scan
2210 Assemble a specific array:
2211 # mdadm --assemble /dev/md0 /dev/sda1 /dev/sdb1 /dev/sdc1
2214 # mdadm --assemble --run --force --update=resync /dev/md0 /dev/sda1 /dev/sda2
2217 # mdadm --stop --scan
2219 Scan for and setup arrays automatically:
2220 # mdadm --assemble --scan --auto=yes --verbose
2222 Notice: If the above does not work make sure /etc/mdadm/mdadm.conf contains:
2224 CREATE owner=root group=disk mode=0660 auto=yes
2229 # /usr/share/mdadm/mkconf > /etc/mdadm/mdadm.conf
2232 Monitoring the sw raid
2233 # nohup mdadm --monitor --mail=root@localhost --delay=300 /dev/md0
2235 Producing /etc/mdadm/mdadm.conf:
2236 # mdadm --detail --scan > /etc/mdadm/mdadm.conf
2238 See also: man mdadm | less -p "^EXAMPLES"
2239 http://www.tldp.org/HOWTO/Software-RAID-HOWTO.html
2241 Tags: raid, raid1, raid5, configuration, mdadm, howto
2243 A quick summary of the most commonly used RAID levels:
2246 => 2 disks each 160 GB: 320 GB data
2247 RAID 1: Mirrored Set
2248 => 2 disks each 160 GB: 160 GB data
2249 RAID 5: Striped Set with Parity
2250 => 3 disks each 160 GB: 320 GB data; 160 GB redundancy
2252 Common nested RAID levels:
2253 RAID 01: A mirror of stripes
2254 RAID 10: A stripe of mirrors
2255 RAID 30: A stripe across dedicated parity RAID systems
2256 RAID 100: A stripe of a stripe of mirrors
2258 -- http://en.wikipedia.org/wiki/RAID
2260 Tags: raid, raid1, raid5, raid01, raid10, raid100
2262 Logical Volume Management (LVM) with Linux
2267 | hda1 hdc1 (PV:s on partitions or whole disks)
2273 | usrlv rootlv varlv (LV:s)
2275 | ext3 ext3 xfs (filesystems)
2277 Often used commands:
2278 ~~~~~~~~~~~~~~~~~~~~
2280 Create a physical volume:
2281 # pvcreate /dev/hda2
2283 Create a volume group:
2284 # vgcreate testvg /dev/hda2
2286 Create a logical volume:
2287 # lvcreate -n test_lv -L100 testvg
2289 Resize a logical volume:
2290 # lvextend -L+100M /dev/resize_me/resize_me
2291 # resize2fs /dev/resize_me/resize_me # ext2/3
2292 # xfs_growfs /dev/resize_me/resize_me # xfs
2293 # resize_reiserfs -f /dev/resize_me/resize_me # reiserfs online
2294 # mount -o remount,resize /dev/resize_me/resize_me # jfs
2296 Create a snapshot of a logical volume:
2297 # lvcreate -L 500M --snapshot -n mysnap /dev/testvg/test_lv
2299 Deactivate a volume group:
2300 # vgchange -a n my_volume_group
2302 Actually remove a volume group:
2303 # vgremove my_volume_group
2305 Display information about physical volume:
2306 # pvdisplay /dev/hda1
2308 Remove physical volume:
2309 # vgreduce my_volume_group /dev/hda1
2311 Remove logical volume:
2312 # umount /dev/myvg/homevol
2313 # lvremove /dev/myvg/homevol
2316 http://www.tldp.org/HOWTO/LVM-HOWTO/
2318 Tags: lvm, howto, pvcreate, lvcreate
2320 How to use APT locally
2322 Sometimes you have lots of packages .deb that you would like to use APT to
2323 install so that the dependencies would be automatically solved. Solution:
2326 dpkg-scanpackages debs /dev/null | gzip > debs/Packages.gz
2327 echo " deb file:/root debs/" >> /etc/apt/sources.list
2328 dpkg-scansources debs | gzip > debs/Sources.gz
2329 echo " deb-src file:/root debs/" >> /etc/apt/sources.list
2331 See also: http://www.debian.org/doc/manuals/apt-howto/ch-basico.en.html
2335 Check filesystem's LABEL:
2340 ext2/3 without blkid:
2341 # dumpe2fs /dev/sda1 | grep "Filesystem volume name"
2344 # xfs_admin -l /dev/sda1
2346 reiserfs without blkid:
2347 # debugreiserfs /dev/sda1 | grep -i label
2350 # jfs_tune -l /dev/sda1 | grep -i label
2352 reiser4 without blkid:
2353 # debugfs.reiser4 /dev/sda1 | grep -i label
2355 Tags: filesystem, ext2, ext3, ext4, blkid, jfs, xfs, label
2357 Check filesystem's UUID:
2362 ext2/3 without blkid:
2363 # dumpe2fs /dev/sda1 | grep -i UUID
2366 # xfs_admin -u /dev/sda1
2368 reiserfs without blkid:
2369 # debugreiserfs /dev/sda1 | grep -i UUID
2371 reiser4 without blkid:
2372 # debugfs.reiser4 /dev/sda1 | grep -i UUID
2374 Tags: filesystem, ext2, ext3, ext4, blkid, jfs, xfs, uuid
2376 Change a filesystem's LABEL:
2379 # mkswap -L $LABEL /dev/sda1
2382 # e2label /dev/sda1 $LABEL
2383 # tune2fs -L $LABEL /dev/sda1
2386 # reiserfstune -l $LABEL /dev/sda1
2389 # jfs_tune -L $LABEL /dev/sda1
2392 # xfs_admin -L $LABEL /dev/sda1
2395 # echo 'drive i: file="/dev/sda1"' >> ~/.mtoolsrc
2396 # mlabel -s i:$LABEL
2399 # ntfslabel $LABEL /dev/sda1
2401 Tags: filesystem, ext2, ext3, ext4, blkid, jfs, xfs
2403 Disable pdiffs feature of APT:
2406 # echo 'Acquire::PDiffs "false";' >> /etc/apt/apt.conf
2409 # apt-get update -o Acquire::Pdiffs=false
2411 Backup big devices or files and create compressed splitted
2412 image chunks of it using zsplit
2414 Create backup of /dev/sda named archiveofsda_#.spl.zp in directory
2415 /mnt/sda1/backup, split the files up into chunks of 1GB each and set
2416 read/write buffer to 256kB:
2417 # zsplit -b 256 -N archiveofsda -o /mnt/sda1/backup/ -s 1G /dev/sda
2419 Restore the backup using unzsplit:
2420 # unzsplit -D /dev/sda -d archiveofsda
2422 More usage examples: man zsplit + man unzsplit
2424 Tags: backup, reocvery, spllt, limit, howto
2426 Measure network performance using iperf:
2432 % iperf -c <server_address> -V
2436 Server with 128k TCP window size:
2439 Client with running for 60 seconds and bidirectional test:
2440 % iperf -c <server_address> -r -w128k -t60
2442 Tags: network, benchmark
2444 Framebuffer resolutions:
2446 Resolution in pixels
2447 Color depth | 640x480 800x600 1024x768 1280x1024
2448 256 (8bit)| 769 771 773 775
2449 32000 (15bit)| 784 787 790 793
2450 65000 (16bit)| 785 788 791 794
2451 16.7 Mill.(24bit)| 786 789 792 795
2455 Mode 0x0300: 640x400 (+640), 8 bits
2456 Mode 0x0301: 640x480 (+640), 8 bits
2457 Mode 0x0303: 800x600 (+800), 8 bits
2458 Mode 0x0303: 800x600 (+832), 8 bits
2459 Mode 0x0305: 1024x768 (+1024), 8 bits
2460 Mode 0x0307: 1280x1024 (+1280), 8 bits
2461 Mode 0x030e: 320x200 (+640), 16 bits
2462 Mode 0x030f: 320x200 (+1280), 24 bits
2463 Mode 0x0311: 640x480 (+1280), 16 bits
2464 Mode 0x0312: 640x480 (+2560), 24 bits
2465 Mode 0x0314: 800x600 (+1600), 16 bits
2466 Mode 0x0315: 800x600 (+3200), 24 bits
2467 Mode 0x0317: 1024x768 (+2048), 16 bits
2468 Mode 0x0318: 1024x768 (+4096), 24 bits
2469 Mode 0x031a: 1280x1024 (+2560), 16 bits
2470 Mode 0x031b: 1280x1024 (+5120), 24 bits
2471 Mode 0x0330: 320x200 (+320), 8 bits
2472 Mode 0x0331: 320x400 (+320), 8 bits
2473 Mode 0x0332: 320x400 (+640), 16 bits
2474 Mode 0x0333: 320x400 (+1280), 24 bits
2475 Mode 0x0334: 320x240 (+320), 8 bits
2476 Mode 0x0335: 320x240 (+640), 16 bits
2477 Mode 0x0336: 320x240 (+1280), 24 bits
2478 Mode 0x033c: 1400x1050 (+1408), 8 bits
2479 Mode 0x033d: 640x400 (+1280), 16 bits
2480 Mode 0x033e: 640x400 (+2560), 24 bits
2481 Mode 0x0345: 1600x1200 (+1600), 8 bits
2482 Mode 0x0346: 1600x1200 (+3200), 16 bits
2483 Mode 0x034d: 1400x1050 (+2816), 16 bits
2484 Mode 0x035c: 1400x1050 (+5632), 24 bits
2486 Tags: framebuffer, resolution
2488 Portscan using netcat:
2490 # netcat -v -w2 <host|ip-addr.> 1-1024
2492 Run apt-get but disable apt-listchanges:
2494 APT_LISTCHANGES_FRONTEND=none apt-get ...
2496 Upgrade system but disable apt-listbugs:
2498 APT_LISTBUGS_FRONTEND=none apt-get ...
2500 Set up a Transparent Debian Proxy
2502 Install of apt-cacher, the default config will do:
2503 # apt-get install apt-cacher
2505 Check out the ip address of debian mirror(s).
2506 Then add this to your firewall script:
2508 DEBIAN_MIRRORS="141.76.2.4 213.129.232.18"
2509 for ip in ${DEBIAN_MIRRORS} ; do
2510 ${IPTABLES} -t nat -A PREROUTING -s $subnet -d $ip -p tcp --dport 80 -j REDIRECT --to-port 3142
2513 where ${IPTABLES} is the location of your iptables binary
2514 and $subnet is your internal subnet.
2516 Now everybody in your subnet who does access either
2517 ftp.de.debian.org or ftp.at.debian.org will actually
2518 access your apt-cacher instead.
2520 To use apt-cacher on the router itself, add the following
2521 line to your /etc/apt/apt.conf:
2523 Acquire::http::Proxy "http://localhost:3142/";
2525 Tags: proxy, debian, apt-get, howto
2527 Version control using Mercurial
2529 Setting up a Mercurial project:
2532 % hg init # creates .hg
2533 % hg add # add all files
2534 % hg commit # commit all changes, edit changelog entry
2536 Branching and merging:
2538 % hg clone linux linux-work # create a new branch
2543 % hg pull ../linux-work # pull changesets from linux-work
2544 % hg merge # merge the new tip from linux-work into
2545 # (old versions used "hg update -m" instead)
2546 # our working directory
2547 % hg commit # commit the result of the merge
2551 % cat ../p/patchlist | xargs hg import -p1 -b ../p
2559 % hg export 1234 > foo.patch # export changeset 1234
2561 Export your current repo via HTTP with browsable interface:
2563 % hg serve -n "My repo" -p 80
2565 Pushing changes to a remote repo with SSH:
2567 % hg push ssh://user@example.com/~/hg/
2569 Merge changes from a remote machine:
2571 host1% hg pull http://foo/
2572 host2% hg merge # merge changes into your working directory
2574 Set up a CGI server on your webserver:
2575 % cp hgwebdir.cgi ~/public_html/hg/index.cgi
2576 % $EDITOR ~/public_html/hg/index.cgi # adjust the defaults
2578 Download binary codecs for mplayer:
2580 # /usr/share/mplayer/scripts/win32codecs.sh
2584 # /usr/share/mplayer/scripts/binary_codecs.sh install
2586 (depending on the mplayer version you have).
2588 To play encrypted DVDs and if you are living in a country where using
2589 libdvdcss code is not illegal can install Debian package libdvdread3
2590 and use the script /usr/share/doc/libdvdread3/install-css.sh.
2592 Read manpages of uninstalled packages with debman:
2594 % debman -p git-core git
2596 Test network performance using netperf:
2602 # netperf -t TCP_STREAM -H 192.168.0.41
2604 Tags: benchmark, network
2606 Setup Xen within 20 minutes on Debian/grml
2608 Install relevant software und update grub's menu.lst (Xen does not work with
2609 usual lilo so install grub instead if not done already):
2611 apt-get install linux-image-2.6.18-1-xen-686 xen-hypervisor-3.0.3-1-i386 \
2612 xen-utils-3.0.3-1 xen-tools bridge-utils
2615 Example for installation of Debian etch as DomU:
2618 xen-create-image --debootstrap --dir=/mnt/md1/xen --size=2Gb --memory=512Mb --fs=ext3 \
2619 --cache=yes --dist=etch --hostname=xengrml1 --ip 192.168.1.2 --netmask 255.255.255.0 \
2620 --gateway 192.168.1.1 --initrd=/boot/initrd.img-2.6.18-1-xen-686 \
2621 --kernel=/boot/vmlinuz-2.6.18-1-xen-686 --mirror=http://ftp.at.debian.org/debian/
2625 /etc/init.d/xend start
2626 /etc/init.d/xendomains start
2628 Setup a bridge for network, either manually:
2630 brctl addbr xenintbr
2631 brctl stp xenintbr off
2632 brctl sethello xenintbr 0
2633 brctl setfd xenintbr 0
2634 ifconfig xenintbr 192.168.1.1 netmask 255.255.255.0 up
2636 or via /etc/network/interfaces (run ifup xenintbr to bring up the device then
2640 iface xenintbr inet static
2641 pre-up brctl addbr xenintbr
2642 post-down brctl delbr xenintbr
2644 netmask 255.255.255.0
2649 Setup forwarding (adjust $PUBLIC_IP; for permanet setup use /etc/sysctl.conf and
2650 add the iptables commands to a startup script like /etc/init.d/rc.local):
2652 echo 1 > /proc/sys/net/ipv4/ip_forward
2653 iptables -t nat -A POSTROUTING -o eth0 -s 192.168.0.0/24 -j SNAT --to $PUBLIC_IP
2654 iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to $PUBLIC_IP
2656 Adjust network configuration of Xend:
2658 cat >> /etc/xen/xend-config.sxp << EOF
2659 (network-script network-route)
2660 (vif-bridge xenintbr)
2661 (vif-script vif-bridge)
2664 List domains, start up a DomU, shutdown later again:
2666 xm create -c /etc/xen/xengrml1.cfg
2670 This HowTo is also available online at http://grml.org/xen/
2672 Tags: howto, xen, grml
2674 Play tetris with zsh:
2678 bindkey "^Xt" tetris
2680 Now press 'ctrl-x t'.
2682 Set up a router with grml
2684 Run grml-router script:
2687 Install dnsmasq if not already present:
2688 # apt-get update ; apt-get install dnsmasq
2690 Adjust /etc/dnsmasq.conf according to your needs:
2691 # cat >> /etc/dnsmasq.conf << EOF
2694 dhcp-range=19.168.0.124,192.168.0.254,1m # dhcp range
2695 dhcp-option=3,192.168.0.1 # dns server
2696 dhcp-option=1,255.255.255.0 # netmask
2699 Start dnsmasq finally:
2702 Tags: network, router, grml
2704 Display stats about memory allocations performed by a program:
2706 Usage example for 'ls':
2708 % LD_PRELOAD=/lib/libmemusage.so ls > /dev/null
2710 Use KVM (Kernel-based Virtual Machine for Linux):
2712 Make sure to install the relevant tools:
2713 # apt-get update ; apt-get install kvm
2716 Test it with a minimal system like ttylinux:
2717 # wget http://www.minimalinux.org/ttylinux/packages/bootcd-i386-5.3.iso.gz
2718 # gzip -d bootcd-i386-5.3.iso.gz
2719 # kvm -cdrom bootcd-i386-5.3.iso
2721 EEPROM data decoding for SDRAM DIMM modules:
2724 # /usr/share/doc/lm-sensors/examples/eeprom/decode-dimms.pl
2728 Make sure your device is supported by Linux and running.
2729 See http://www.linuxtv.org/ for more details.
2731 If the DVB device works on your system (see 'hwinfo --usb'
2732 when using a DVB usb device for example), then make sure you
2733 have the scan util from dvb-utils available:
2735 # aptitude install dvb-utils
2737 Then create a channels.conf configuration file:
2739 % scan /usr/share/doc/dvb-utils/examples/scan/... > ~/.mplayer/channels.conf
2741 You can find some example configuration files on
2742 your grml system in ~/.channels. Usage example:
2744 % ln -s ~/.mplayer/channels.conf-AT-graz ~/.mplayer/channels.conf
2746 Tip: w_scan (see http://free.pages.at/wirbel4vdr/w_scan/index2.html)
2747 might be useful if you do not know the initial configuration
2750 Get the lastest mercurial snapshot:
2752 Make sure you have the python-dev package available:
2753 # apt-get update ; apt-get install python-dev
2755 Get and build the source:
2756 % hg clone http://selenic.com/repo/hg mercurial
2759 % export PYTHONPATH=$(pwd)
2760 % export PATH=$PATH:$(pwd)
2762 now you should have the newest version of mercurial whenever you execute hg.
2764 To update to the lastest development snapshot, additionally use
2765 the following commands:
2766 % hg pull -u http://hg.intevation.org/mercurial/crew
2772 Available bootoptions relevant in live-cd mode:
2773 -----------------------------------------------
2775 * utc: set UTC, if your system clock is set to UTC (GMT)
2776 * gmt: set UTC, if your system clock is set to UTC (GMT) [like bootoption utc]
2777 * tz=$option: set timezone to corresponding $option, usage example:
2780 Configuration options relevant on harddisk installation:
2781 --------------------------------------------------------
2783 * Use the tzconfig utility to set the local timezone:
2787 which adjusts /etc/timezone and /etc/localtime according
2788 to the provided information. Running:
2790 # dpkg-reconfigure tzdata
2792 might be useful as well.
2794 * /etc/default/rcS: set variable UTC according to your needs,
2795 whether your system clock is set to UTC (UTC='yes') or
2798 * /etc/localtime: adjust zoneinfo according to your needs:
2800 # ln -sf /usr/share/zoneinfo/$WHATEVER_YOU_WANT /etc/localtime
2802 The zoneinfo directory contains the time zone files that were
2803 compiled by zic. The files contain information such as rules
2804 about DST. They allow the kernel to convert UTC UNIX time into
2805 appropriate local dates and times. Use the zdump utility to
2806 print current time and date (in the specified time zone).
2808 * /etc/adjtime: This file is used e.g. by the adjtimex function,
2809 which can smoothly adjust system time while the system runs
2811 * If you change the time (using 'date --set ...', ntpdate,...)
2812 it is worth setting also the hardware clock to the correct time:
2814 # hwclock --systohc [--utc]
2816 Remember to add the --utc -option if the hardware clock is set
2822 Check your current settings via:
2825 zdump /etc/localtime
2828 grep hwclock /etc/runlevel.conf
2829 grep '^UTC' /etc/default/rc
2831 Further information:
2832 --------------------
2834 hwclock(8) tzselect(1) tzconfig(8)
2835 http://www.debian.org/doc/manuals/system-administrator/ch-sysadmin-time.html
2836 http://wiki.debian.org/TimeZoneChanges
2838 Tags: timezone, rtc, configuration
2840 Recorder shellscript session using script:
2842 % script -t 2>~/upgrade.time -a ~/upgrade.script
2843 % scriptreplay ~/upgrade.time ~/upgrade.script
2845 Test UTF-8 capabilities of terminal:
2847 wget http://www.linux-cjk.net/Console/garabik/UTF-8-demo.txt.gz
2848 zcat UTF-8-demo.txt.gz
2852 wget http://www.cl.cam.ac.uk/~mgk25/ucs/examples/UTF-8-test.txt
2855 UTF-8 at grml / some general information regarding Unicde/UTF-8:
2857 http://wiki.grml.org/doku.php?id=utf8
2860 This allows one ssh connection attepmt per minute per source ip, with a initial
2861 burst of 10. The available burst is like a counter which is initialised with
2862 10. Every connection attempt decrements the counter, and every minute where the
2863 connection limit of one per minute is not overstepped the counter is
2864 incremented by one. If the burst counter is exhausted the real rate limit
2865 comes into play. This gives you 11 connectionattepmts in the first minute
2866 before blocked for 10minutes. After 10 minutes block the game restarts.
2868 Hint: you could set the burst value to 5 and the block time to only 5 minutes
2869 to achive the same average connection rate but with halve the block time.
2871 iptables -A inet_in -p tcp --syn --dport 22 -m hashlimit --hashlimit-name ssh \
2872 --hashlimit 1/minute \ --hashlimit-burst 10 --hashlimit-mode srcip \
2873 --hashlimit-htable-expire 600000 -j ACCEPT
2874 iptables -A inet_in -p tcp --dport 22 -m state --state NEW -j REJECT
2876 Tunnel a specific connection via socat:
2879 % socat TCP4-LISTEN:8003 TCP4:gateway:500
2882 # socat TCP4-LISTEN:500,fork TCP4:target:$PORT
2884 Using localhost:8003 on the client uses the tunnel now.
2888 # date --set=060916102007
2890 where the bits are month(2)/day(2)/hour(2)/minute(2)/year(4)
2892 Set date using a relative date:
2898 # date -s '+tomorrow'
2900 Display a specific relative date:
2902 # date -d '+5 days -2 hours'
2904 Don't forget to set hardware clock via:
2908 Booting grml via network / PXE:
2910 Start grml-terminalserver on a system with network access
2911 and where grml is running:
2913 # grml-terminalserver
2915 Then booting your client(s) via PXE should work without
2918 See: man grml-terminalserver + http://grml.org/terminalserver/
2920 Tags: howto, pxe, network, boot
2922 Debugging SSL communications:
2924 % openssl s_client -connect server.adress:993 > output_file
2925 % openssl x509 -noout -text -in output_file
2929 # ssldump -a -A -H -i eth0
2931 See http://prefetch.net/articles/debuggingssl.html for more details.
2933 Tags: debug, ssl, openssl
2935 Remove bootmanager from MBR:
2937 # lilo -M /dev/hda -s /dev/null
2941 Rewrite grub to MBR:
2944 # grub-install --recheck --no-floppy --root-directory=/mnt/sda1 /dev/sda
2948 Rewrite lilo to MBR:
2955 Create screenshot of plain/real console - tty1:
2957 # fbgrab -c 1 screeni.png
2959 Create screenshot when running X:
2963 Tip: use the gkrellshoot plugin when using gkrellm
2965 Tags: screenshot, xorg
2967 Redirect all connections to hostA:portA to hostB:portB, where hostA and hostB are
2970 Run the following commands on hostA:
2972 echo 1 > /proc/sys/net/ipv4/ip_forward
2973 iptables -t nat -A PREROUTING -p tcp --dport portA -j DNAT --to hostB:portB
2974 iptables -A FORWARD -i eth0 -o eth0 -d hostB -p tcp --dport portB -j ACCEPT
2975 iptables -A FORWARD -i eth0 -o eth0 -s hostB -p tcp --sport portB -j ACCEPT
2976 iptables -t nat -A POSTROUTING -p tcp -d hostB --dport portB -j SNAT --to-source hostA
2978 Tags: howto, network, redirect, port
2980 Flash BIOS without DOS/Windows:
2982 Dump flash info and set the flash chip to writable:
2985 Backup the original BIOS:
2986 # flashrom -r backup.bin
2988 Notice: the following step will overwrite your current BIOS!
2989 So make sure you really know what you are doing.
2991 Flash the BIOS image:
2992 # flashrom -wv newbios.bin
2994 Also check out LinuxBIOS: http://linuxbios.org/
2996 Enable shadow passwords:
3000 Set up an IPv6 tunnel on grml:
3004 Set up console newsreader slrn for use with Usenet:
3008 Calculate with IPv6 addresses:
3012 For usage examples refer to manpage ipv6calc(8).
3016 Common network debugging tools for use with IPv6:
3027 Set up NFS (Network File System):
3031 Make sure the relevant services are running on the server side:
3033 # /etc/init.d/portmap start
3034 # /etc/init.d/nfs-common start
3035 # /etc/init.d/nfs-kernel-server start
3037 Export shares via /etc/exports:
3039 /backups 192.168.1.100/24(rw,wdelay,no_root_squash,async,subtree_check)
3041 ... or manually export a directory running:
3043 # exportfs -o rw,wdelay,no_root_squash,async,subtree_check 192.168.1.100:/backups
3045 and unexport a share running:
3047 # exportfs -u 192.168.1.100:/backups
3049 and every time when you modify /etc/exports file run
3053 Display what NFS components are running:
3057 Display list of exported shares:
3065 Make sure the relevant services are running on the client side:
3067 # /etc/init.d/portmap start
3068 # /etc/init.d/nfs-common start
3070 Verify that the server allows you to access its RPC/NFS services:
3072 # rpcinfo -p server_name
3074 Check what directories the server exports:
3076 # showmount -e server_name
3078 On the client side you can use something like the following in /etc/fstab:
3080 192.168.1.101:/backups /mnt/nfs nfs defaults,users,wsize=8192,rsize=8192 0 0
3082 Tags: nfs, howto, network
3086 # aptitude install cloop-src
3089 # modprobe cloop file=/path/to/cloop/file
3090 # mount -r -t iso9660 /dev/cloop /mnt/test
3092 Create a PS/PDF of a plaintext file:
3094 % a2ps --medium A4dj -E -o output.ps input_file
3097 Print two pages on one in a PDF file:
3099 % pdfnup --nup 2x1 input.pdf
3101 Concatenate, extract pages/parts, encrypt/decrypt,
3102 compress PDFs using 'pdftk'.
3104 Read a PS/PDF file on console:
3108 or on plain framebuffer console in graphical mode:
3110 % pdf2ps file.pdf ; ps2png file.ps file.png ; fbi file.png
3116 Bypass the password of a PDF file:
3118 % gs -q -dNOPAUSE -sDEVICE=pdfwrite -sOutputFile=output.pdf input.pdf -c quit
3124 This will record a AIFF audio file.
3126 Change passphrase / password of an existing SSH key:
3130 Enable syntax highlighting in nano:
3132 Just uncomment the include directives for your respective
3133 language at the bottom of the file /etc/nanorc
3135 Create netboot package for grml-terminalserver:
3137 # bash /usr/share/doc/grml-terminalserver/examples/create-netboot
3139 To boot grml via network (PXE) check out grml-terminalserver:
3141 # grml-terminalserver
3143 See http://grml.org/terminalserver/ for more details.
3147 Using the 'Orientation' tag of the Exif header, rotate
3148 the image so that it is upright:
3149 % jhead -autorot *.jpg
3151 Manually rotate a picture:
3152 % convert -rotate 270 input.jpg output.jpg
3154 Rename files based on the information inside their exif header:
3156 % jhead -n%Y-%m-%d_%Hh%M_%f *.jpg
3158 This will rename a file named img_2071.jpg to something like:
3160 2007-08-17_10h38_img_2071.jpg
3162 if it was shot at 10:38 o'clock on 2007-08-17 (according to
3163 the information inside the exif header).
3165 Calculate network / netmask:
3168 % ipcalc 10.0.0.28 255.255.255.0
3169 % ipcalc 10.0.0.0/24
3171 Blacklist a kernel module:
3173 # blacklist <name_of_kernel_module>
3175 -> running 'blacklist hostap_cs' for example will generate an
3176 entry like this in /etc/modprobe.d/grml:
3181 To remove the module from the blacklist again just invoke:
3183 # unblacklist <name_of_kernel_module>
3185 or manually remove the entry from /etc/modprobe.d/grml.
3187 Create a Debian package of a perl module:
3189 % dh-make-perl --cpan Acme::Smirch --build
3191 The Magic SysRq Keys (SysReq or Sys Req, short for System Request):
3193 To reboot your system using the SysRq keys just hold down the Alt and
3194 SysRq (Print Screen) key while pressing the keys REISUB ("Raising
3195 Elephants Is So Utterly Boring").
3197 R = take the keyboard out of raw mode
3198 E = terminates all processes (except init)
3199 I = kills all processes (except init)
3200 S = synchronizes the disk(s)
3201 U = remounts all filesystems read-only
3202 B = reboot the system
3204 Notice: use O instead of B for poweroff.
3206 Or write the sequence to /proc/sysrq-trigger instead:
3208 # for i in r e i s u b ; do echo $i > /proc/sysrq-trigger ; done
3210 To enable or disable SysRq calls:
3212 # echo 0 > /proc/sys/kernel/sysrq
3213 # echo 1 > /proc/sys/kernel/sysrq
3215 See http://en.wikipedia.org/wiki/Magic_SysRq_key for more details.
3217 Tags: reboot, documentation, sysrq, magic
3221 Just boot your grml Live-CD with "memtest" to execute a memcheck/memtest
3224 Tunnel TCP-Traffic through DNS using dns2tcp:
3228 1. Create necessary DNS-Records:
3229 dnstun.example.com. 3600 IN NS host.example.com.
3230 dnstun.example.com. 3600 IN A 192.168.1.1
3231 host.example.com. 3600 IN A 192.168.1.1
3233 2. Configure dns2tcpd on host.example.com.:
3234 # cat /etc/dns2tcpd.conf
3235 listen = 192.168.1.1 #the ip dns2tcpd should listen on
3236 port = 53 #" port " " " "
3239 domain = dnstun.example.com. # the zone as specified inside dns
3240 ressources = ssh:127.0.0.1:22 # available resources
3242 3. Start the daemon:
3243 # cat > /etc/default/dns2tcp << EOF
3244 # Set ENABLED to 1 if you want the init script to start dns2tcpd.
3248 # /etc/init.d/dns2tcp start
3252 You have two possibilities:
3253 - Use the DNS inside your network (DNS must allow resolving for external domains)
3254 # grep nameserver /etc/resolv.conf
3255 nameserver 172.16.42.1
3256 # dns2tcpc -z dnstun.example.com 172.16.42.1
3257 Available connection(s) :
3259 # dns2tcpc -r ssh -l 2222 -z dnstun.example.com 172.16.42.1 &
3260 Listening on port : 2222
3261 # ssh localhost -p 2222
3262 user@host.example.com:~#
3264 - Directly contact the endpoint (port 53 UDP must be allowed outgoing)
3265 # dns2tcpc -z dnstun.example.com dnstun.example.com
3266 Available connection(s) :
3268 # dns2tcpc -r ssh -l 2222 -z dnstun.example.com dnstun.example.com &
3269 Listenning on port : 2222
3270 # ssh localhost -p 2222
3271 user@host.example.com:~#
3273 Notice: using 'ssh -D 8080 ..' you will get a socks5-proxy listening on
3274 localhost:8080 which you can use to tunnel everything through your "dns-uplink".
3276 Tags: howto, network, tunnel
3278 Configure a MadWifi device for adhoc mode:
3280 Disable the autocreation of athX devices:
3281 # echo "options ath_pci autocreate=none" > /etc/modprobe.d/madwifi
3283 Remove the autocreated device for now:
3284 # wlanconfig ath0 destroy
3286 Configuration in /etc/network/interfaces:
3288 iface ath0 inet static
3294 - Do not use interface names without ending 0 (otherwise startup fails).
3295 - Only chooss unique names for interfaces.
3297 Find dangling symlinks using zsh:
3301 Use approx with runit supervision
3302 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
3304 Install the packages:
3305 # apt-get install approx runit
3307 Add user approxlog for the logging daemon:
3308 # adduser --system --home /nonexistent --no-create-home approxlog
3310 Create config directory:
3311 # mkdir /etc/sv/approx
3313 Use /var/run/sv.approx as supervise directory:
3314 # ln -s /var/run/sv.approx /etc/sv/approx/supervise
3316 # cat > /etc/sv/approx/run << EOF
3318 echo 'approx starting'
3322 You normally do not need a logging service for approx because it logs
3323 to syslog too. So just for completion:
3324 # mkdir -p /etc/sv/approx/log
3325 # ln -s /var/run/sv.approx.log /etc/sv/approx/log/supervise
3326 # cat > /etc/sv/approx/log/run << EOF
3329 LOG="/var/log/approx"
3330 test -d "$LOG" || mkdir -p -m2750 "$LOG" && chown approxlog:adm "$LOG"
3331 exec chpst -uapproxlog svlogd -tt -v "$LOG"
3334 Now activate the new approx service (will be started within 5s):
3335 # ln -s /etc/sv/approx/ /var/service/
3337 Make approx managed via runit available via init-script interface:
3338 # dpkg-divert --local --rename /etc/init.d/approx
3339 # ln -s /usr/bin/sv /etc/init.d/approx
3341 Remote-reboot a grml system using SysRQ via /proc (execute as root):
3346 echo b > /proc/sysrq-trigger
3348 Tags: reboot, howto, grml, network
3350 Show what happens on /dev/sda0:
3352 # mount the debugfs to relay kernel info to userspace
3353 mount -t debugfs none /sys/kernel/debug
3355 # is a convenient wrapper arround blktrace and blkparse
3358 Tags: debug, block, partition, trace
3360 Convert Flash to Avi:
3362 % ffmpeg -i input.flv output.avi
3364 Extract MP3 from Flash file:
3366 % for i in *.flv; do ffmpeg -i $i -acodec copy ${i%.flv}.mp3 ; done
3368 Usage example for cryptsetup / -luks encrypted partition on LVM:
3370 volume group name: x61
3371 logical volume name: home
3373 echo "grml-crypt_home /dev/mapper/x61-home none luks" >> /etc/crypttab
3375 mount /dev/mapper/grml-crypt_home /mnt/test
3377 fdisk/parted/... complains with something like
3378 'unable to open /dev/sda - unrecognised disk label'?!
3380 See http://grml.org/faq/#fdisk =>
3382 * use /sbin/fdisk.distrib from util-linux
3383 * switch to sfdisk, cfdisk,...
3384 * use parted's mklabel command (but please read the
3385 parted manual before executing this command)
3387 dmraid - support for SW-RAID / FakeRAID controllers
3388 like Highpoint HPT and Promise FastTrack
3390 Activate all software RAID sets discovered:
3393 Deactivates all active software RAID sets:
3396 Discover all software RAID devices supported on the system:
3399 Extract winmail.dat:
3404 Extract files to current directory:
3405 % ytnef -f . winmail.dat
3407 Approx - Debian package proxy/cacher howto
3409 % apt-get install approx
3410 % echo 'debian http://ftp.de.debian.org/debian' >>/etc/approx/approx.conf
3413 Add your new approx to sources.list
3416 deb http://localhost:9999/debian unstable main contrib non-free
3418 use approx in grml-debootstrap like:
3419 % grml-debootstrap -r lenny -t /dev/sda1 -m http://127.0.0.1:9999/debian
3421 Simple webserver with python:
3423 % python -m SimpleHTTPServer
3425 Upgrade only packages from the grml-stable Debian repository:
3427 echo 'deb http://deb.grml.org/ grml-stable main' > /etc/apt/grml-stable.list
3428 apt-get -o Dir::Etc::sourcelist=/etc/apt/grml-stable.list -o Dir::Etc::sourceparts=/doesnotexist update
3431 Install Centos into a directory:
3433 % febootstrap centos-5 directory http://mirror.centos.org/centos-5/5.3/os/i386/
3435 Install Fedora into a directory:
3437 % febootstrap fedora-11 target_directory
3439 Use Nessus / OpenVAS (remote network security auditor):
3441 Install software packages:
3443 # apt-get install openvas-client openvas-server openvas-plugins-base openvas-plugins-dfsg
3448 Start openvas server (takes a while):
3449 # Start openvas-server
3451 Invoke client as user:
3454 Find packages not available from any active apt repository:
3456 % apt-show-versions | awk '/No available version in archive/{print $1}'
3458 Simple mailserver with python:
3460 % python -m smtpd -n -c DebuggingServer localhost:1025
3464 echo $USER | nc $HOST 79
3466 Install Archlinux using Grml:
3468 https://wiki.archlinux.org/index.php/Install_from_Existing_Linux
3470 wget http://tokland.googlecode.com/svn/trunk/archlinux/arch-bootstrap.sh