1 Install grml to harddisk:
5 Notice: You can pre-select the partition for the partition selector
6 and mbr dialogs inside grml2hd using:
7 # grml2hd /dev/hda1 -mbr /dev/hda
9 See: man grml2hd + http://grml.org/grml2hd/
11 Tags: grml2hd, installation
13 Install grml on software RAID level 1:
15 Create /dev/md0 (and some more /dev/md* devices) first of all:
16 # cd /dev && MAKEDEV dev
19 # mdadm --create --verbose /dev/md0 --level=raid1 \
20 --raid-devices=2 /dev/hda1 /dev/hdc1
22 Finally install grml on it:
23 # SWRAID='mbr-only' grml2hd /dev/md0 -mbr /dev/md0
25 See: man grml2hd + http://grml.org/grml2hd/
27 Tags: grml2hd, installation, mdadm, raid
29 Install grml in non interactive mode with grml2hd:
31 Adjust configuration as needed:
32 # vim /etc/grml2hd/config
36 # GRML2HD_NONINTERACTIVE=yes grml2hd
42 Use with care and only if you really know what you are doing!
44 See: man grml2hd + http://grml.org/grml2hd/
46 Tags: grml2hd, installation
52 Tags: configuration, network
54 Deactivate error correction of zsh:
58 Run zsh-help for more information regarding zsh.
60 Tags: zsh, configuration
62 Disable automatic setting of title in GNU screen:
66 Set it manually e.g. via:
68 % screen -X title foobar
70 Run zsh-help for more information regarding zsh.
72 Tags: zsh, configuration
74 Do not use menu completion in zsh:
78 Run zsh-help for more information regarding zsh.
80 Tags: zsh, configuration
82 Run GNU screen with grml-configuration:
88 % screen -c /etc/grml/screenrc
90 Tags: screen, configuration
92 Print out grml-version:
104 Configure mutt-ng / muttng:
110 Set up Inode-PPTP connection:
114 # grml-pptp-xdsl-students
116 Tags: pptp, inode, xdsl
118 Set up VPN / WLAN connection at TUG (TU Graz):
120 Set ESSID and request for ip-address via DHCP:
121 # iwconfig $DEVICE essid tug
124 Now run the main script:
127 After running the script an init script is available:
129 # /etc/init.d/vpnctug [start|stop]
133 Set up PPTP connection at VCG (Virtual Campus Graz):
145 # grml-vpn -k 2005 add 1000 192.168.20.1 192.168.20.2
149 Tags: grml, vpn, network
151 Use encrypted files / partitions:
153 # grml-crypt <options>
159 # grml-crypt format /mnt/external1/encrypted_file /mnt/test
160 # cp big_file /mnt/test
161 # grml-crypt stop /mnt/test
165 # grml-crypt start /mnt/external1/encrypted_file /mnt/test
166 # grml-crypt stop /mnt/test
170 Tags: crypto, grml-crypt, dmcrypt, luks
172 Change resolution of X:
174 % xrandr -s '1024x768'
176 Tags: x11, xorg, resolution
178 Change resolution of framebuffer:
184 Configure newsreader slrn:
190 Configure grml system:
194 Or directly run scripts:
199 Tags: grml, configuration
201 Lock screen (X / console):
205 Press ctrl-alt-x to lock a GNU screen session.
207 Tags: grml, lock, grml-lock, screen
209 Change wallpaper in X:
211 % grml-wallpaper <press-tab>
213 Tags: grml, wallpaper
215 Start X window system (XFree86 / Xorg / X.org):
217 % grml-x $WINDOWMANAGER
222 % grml-x -mode '1024x768' wmii
223 % grml-x -nosync wm-ng
225 Tags: grml-x, x11, xorg, graphic
227 Collect hardware information:
231 or run as root to collect some more information:
235 will generate a file named info.tar.bz2.
237 Tags: grml, hardware, hwinfo, collect
239 Configure hardware detection features of harddisk installation:
243 or manually edit /etc/grml/autoconfig[.small]
245 See: man grml-autoconfig
247 Tags: grml, installation, configuration
249 Bootoptions / cheatcodes / bootparams for booting grml:
251 On the grml-ISO if not running grml:
252 % less /cdrom/GRML/grml-cheatcodes.txt
255 % most /usr/share/doc/grml-docs/grml-cheatcodes.txt.gz
257 Tags: grml, cheatcodes, boot, bootoptions, bootparam
259 Report bugs to Debian's Bug Tracking System (BTS):
261 % reportbug --bts debian
263 or adjust /etc/reportbug.conf to your needs.
267 http://grml.org/bugs/
268 http://www.debian.org/Bugs/
270 Tags: bug, reportbug, bts, debian
272 Offline documentation:
276 Online documentation:
279 http://grml.org/docs/
280 http://wiki.grml.org/doku.php
282 Tags: info, grml, grml-info, documentation
284 Mount NTFS partition (read-write):
286 # mount.ntfs-3g /dev/sda1 /mnt/sda1
290 Overwrite specific file on an NTFS partition:
292 ntfscp /dev/hda1 /tmp/file_source path/to/file_target
294 Resize an NTFS partition:
300 ntfsresize -n -s 10G /dev/hda1 # testcase
301 ntfsresize -s 10G /dev/hda1 # testing was successfull, now really resize partition
302 cfdisk /dev/hda # delete partition hda1, create new one with 10000MB and fs-type 07 (NTFS)
304 Tags: ntfs, resize, ntfsresize
306 Modify resolution for intel graphic chipsets:
312 # 915resolution 4d 1400 1050
314 Connect bluetooth mouse:
318 ... and press 'connect' button on your bluetooth device.
320 Connect bluetooth headset:
324 ... and press 'connect' button on your bluetooth device.
326 Secure delete file / directory / partition:
332 Also take a look at shred(1), sfill(1) and http://dban.sourceforge.net/
334 Tags: delete, secure, wipe, shred
336 Use grml on Samsung X20 laptop:
338 # apt-get install grml-samsung-x20
340 See: http://www.michael-prokop.at/computer/samsung_x20.html
342 Development information regarding grml:
344 http://blog.grml.org/
346 Tags: blog, grml, developmnet
350 #grml on irc.freenode.org - http://grml.org/irc/
351 http://grml.org/contact/
353 Tags: contact, irc, freenode, email
355 Join the grml mailinglist:
357 http://grml.org/mailinglist/
359 Tags: grml, mailinglist
363 http://grml.org/donations/
367 Commercial support / system administration / adjusted live-cds:
369 grml-solutions: http://grml.org/solutions/
371 Tags: grml, commercial, customize
373 Information regarding the kernel provided by grml:
375 http://grml.org/kernel/
377 Tags: documentation, grml, kernel
379 SMTP command-line test tool:
385 % swaks -s $MAILSERVER -tlsc -a -au $ACCOUNT -ap $PASSWORD -f $MAILADRESSE -t $MAILADRESSE
389 Tags: swak, smtp, test
391 NTFS related packages:
399 Modify service through init script:
406 # /etc/init.d/lvm start
408 Tags: init, script, start, stop
412 # jstest /dev/input/js0
416 % mplayer /path/to/movie
420 Use webcam with mplayer:
422 % mplayer tv:// -tv driver=v4l:width=352:height=288:outfmt=yv12:device=/dev/video0
424 Tags: webcam, mplayer
426 Powerful network discovery tool:
430 Tags: network, python, tool
432 Grab an entire CD and compress it to Ogg/Vorbis,
433 MP3, FLAC, Ogg/Speex and/or MPP/MP+(Musepack) format:
437 Tags: rip, abcde, mp3, transcode, audio
439 Show a console session in several terminals:
443 Switch behaviour of caps lock key:
447 grep with Perl-compatible regular expressions:
451 ncp: a fast file copy tool for LANs
456 Remote (receive file):
459 Tags: copy, file, network
461 utility for sorting records in complex ways:
465 a smaller, cheaper, faster SED implementation:
473 See: http://grml.org/zsh/
475 zsh reference card for grml system:
478 /usr/share/doc/grml-docs/zsh/grml-zsh-refcard.pdf.gz
482 % for i in foo* ; do mv "$i" "bar${i/foo}" ; done
484 % prename 's/foo/bar/' foo*
486 % zmv 'foo(*)' 'bar$1'
488 Test TFT / LCD display:
496 Improved grep version:
500 Grep with highlighting:
502 % grep --color=auto ...
505 Tags: grep, color, highlight
507 Extract matches when grepping:
510 % ifconfig | grepc 'inet addr:(.*?)\s'
511 % ifconfig | glark --extract-matches 'inet addr:(.*?)\s'
513 Output text as sound:
516 % xsay # when running X and text selected via mouse
518 Adjust a grml harddisk (grml2hd) installation:
522 Tags: grml2hd, configuration, installation
524 Get information on movie files:
526 % tcprobe -i file.avi
528 Get an overview of your image files:
530 % convert 'vid:*.jpg' thumbnails.jpg
532 List all standard defines:
534 % gcc -dM -E - < /dev/null
536 Send a mail as reminder:
538 echo "mail -s 'check TODO-list' $MAILADDRESS < /dev/null" | at 23:42
540 ncurses-based presentation tool:
544 See: man tpp and /usr/share/doc/tpp/examples/
546 Use ICQ / Jabber / Yahoo! / AIM / MSN /... on command line:
550 Use IRC on command line:
556 % vimdiff file1 file2
562 Moving between diffs:
572 Hardware monitoring without kernel dependencies:
576 Install grml-iso to usb-stick:
578 % grml2usb grml.iso /mount/point
580 Tags: usbpen, usbstick, installation, grml2usb
582 Use mplayer on framebuffer console:
584 % mplayer -vo fbdev ...
586 Use links2 on framebuffer console:
588 % links2 -driver fb ...
590 Switch language / keyboard:
592 * use the bootparam lang to set language environment ($LANG, $LC_ALL, $LANGUAGE)
593 * use the bootparams keyboard / xkeyboard to activate specific keyboard layout
594 Usage example: 'grml lang=us keyboard=de xkeyboard=de'
596 Or run one of the following commands:
600 # loadkeys i386/qwertz/de-latin1-nodeadkeys.kmap.gz # console
603 Tags: language, keyboard, configuration
605 Switch setting of caps-control key (switch between ctrl + shift) on keyboard:
609 Mount usb device / usb stick:
611 % mount /mnt/external1 # corresponds to /dev/sda1
613 % mount /mnt/external # corresponds to /dev/sda
615 Install Sun Java packages:
617 Download j2re.bin-file from http://java.sun.com/downloads/index.html and run
619 # apt-get install java-package
620 # fakeroot make-jpkg j2re-*.bin
621 # dpkg -i sun-j2re*.deb
622 # update-alternatives --config java
626 ddrescue is an improved version of dd which tries to read and
627 if it fails it will go on with the next sectors, where tools
634 How to make an audio file (e.g. Musepack format) out of a DVD track:
636 % mkfifo /tmp/fifo.wav
637 % mppenc /tmp/fifo.wav track06.mpc &
638 % mplayer -vo null -vc null -ao pcm:fast:file=/tmp/fifo.wav -dvd-device /dev/dvd dvd://1 -chapter 6-6
640 Adjust the mppenc line with the encoder you would like to use,
641 for example 'oggenc -o track06.ogg /tmp/fifo.wav' for ogg files.
645 % mplayer -vo null -dumpaudio -dumpfile track06.raw -aid N -dvd-device /dev/dvd dvd://1 -chapter 6-6
646 to extract audio without processing, where 'N' is the corresponding audio channel (see 'man mplayer')
648 Usage example for getting a PCM/wave file from audio channel 128:
649 % mplayer -vo null -vc null -ao pcm:fast:file=track06.wav -aid 128 -dvd-device /dev/dvd dvd://6
651 Create simple chroot:
653 # make_chroot_jail $USERNAME
655 Convert DOS formated file to unix format:
657 sed 's/.$//' dosfile > unixfile # assumes that all lines end with CR/LF
658 sed 's/^M$//' dosfile > unixfile # in bash/tcsh, press Ctrl-V then Ctrl-M
659 sed 's/\x0D$//' dosfile > unixfile # gsed 3.02.80, but top script is easier
660 awk '{sub(/\r$/,"");print}' # assumes EACH line ends with Ctrl-M
661 gawk -v BINMODE="w" '1' infile >outfile # in DOS environment; cannot be done with
662 # DOS versions of awk, other than gawk
663 tr -d \r < dosfile > unixfile # GNU tr version 1.22 or higher
664 tr -d '\015' < dosfile > unixfile # use octal value for "\r" (see man ascii)
665 tr -d '[\015\032]' < dosfile > unixfile # sometimes ^Z is appended to DOS-files
666 vim -c ":set ff=unix" -c ":wq" file # convert using vim
667 vim -c "se ff=dos|x" file # ... and even shorter ;)
668 recode ibmpc..lat1 file # convert using recode
669 echo -e "s/\r//g" > dos2unix.sed; sed -f dos2unix.sed < dosfile > unixfile
671 Tags: windows, line, convert, recode, tr, line end,
673 Save live audio stream to file:
675 % mplayer -ao pcm:file=$FILE $URL
677 Save live stream to file:
679 % mplayer -dumpfile $FILE -dumpstream $STREAM
683 % mencoder mms://$URL -o $FILE -ovc copy -oac copy
687 % mimms mms://file.wmv
693 % avimerge -i *.avi -o blub.avi
697 % cat *.mpg > blub.mpg
701 % mencoder file1.wmv -ovc lavc -oac lavc -ofps 25 -srate 48000 -mc 0 -noskip -forceidx -o file1.avi
702 % mencoder file2.wmv -ovc lavc -oac lavc -ofps 25 -srate 48000 -mc 0 -noskip -forceidx -o file2.avi
703 % avimerge -i file1.avi file2.avi -o blub.avi
705 Display MS-Word file:
707 % strings file.doc | fmt | less
713 Convert MS-Word file to postscript:
715 % antiword -p a4 file.doc > file.ps
717 Convert manual to postscript:
719 % zcat /usr/share/man/man1/zsh.1.gz | groff -man > zsh.1.ps
721 % man -t zsh > zsh.ps
725 % dd if=/dev/mem bs=1k skip=768 count=256 2>/dev/null | strings -n 8
727 Read HTTP via netcat:
729 echo -e "GET / HTTP/1.1\r\nHost: $DOMAIN\r\n\r\n" | netcat $DOMAIN 80
731 Get X ressources for specific program:
733 % xrdb -q |grep -i xterm
735 Get windowid of specific X-window:
737 % xwininfo -int | grep "Window id:" | cut -d ' ' -f 4
739 Get titel of specific X-window:
743 check locale - LC_MESSAGES:
745 % locale -ck LC_MESSAGES
747 Create random password:
751 % dd if=/dev/urandom bs=14 count=1 | hexdump | cut -c 9-
753 Get tarballs of various Linux Kernel trees:
756 to get the current stable 2.6 release
759 to get a list of all supported trees
761 Transfer your SSH public key to another host:
763 % ssh-keygen # ssh-keygen / ssh-key-gen: if you don't have a key yet
765 % ssh-copy-id -i ~/.ssh/id_rsa.pub user@remote-system
767 % cat $HOME/.ssh/id_rsa.pub | ssh user@remote-system 'cat >> .ssh/authorized_keys'
769 Tags: ssh, ssh key, public key, ssh-copy-id, ssh-keygen
771 Update /etc/fstab entries:
775 See "man grml-rebuildfstab" for more details about
776 generation of /etc/fstab (including stuff like
777 fs LABELs / UUIDs,...).
779 Fetch and potentially change SCSI device parameters:
785 reclaim disk space by linking identical files together:
789 Find and remove duplicate files:
793 Perform layer 2 attacks:
797 Tags: network, attack, security
801 Guess PC-type hard disk partitions / partition table:
805 Perform a standard scan:
808 Write back the guessed table:
809 # gpart -W /dev/ice /dev/ice
811 Tags: partition, recovery, disk
813 Develop, test and use exploit code with the Metasploit Framework:
816 wget http://spool.metasploit.com/releases/framework-3.2.tar.gz
817 unp framework-3.2.tar.gz
821 Useful documentation:
823 % w3m /usr/share/doc/Debian/reference/reference.en.html
825 % xpdf =(zcat /usr/share/doc/Debian/reference/reference.en.pdf.gz)
827 http://grml.org/docs/ grml Documentation
828 http://wiki.grml.org/ grml Wiki
829 http://www.debian.org/doc/ Debian Documentation
830 http://wiki.debian.org/ Debian Wiki
831 http://www.gentoo.org/doc/en/ Gentoo Documentation
832 http://gentoo-wiki.com/ Gentoo Wiki
833 http://www.tldp.org/ The Linux Documentation Project
837 % fortune debian-hints
843 % fortune debian-hints
844 % dpkg -L funny-manpages
846 Backup master boot record (MBR):
848 # dd if=/dev/ice of=/tmp/backup_of_mbr bs=512 count=1
852 Backup partition table:
854 # sfdisk -d /dev/hda > hda.out
856 Restore partition table:
858 # sfdisk /dev/hda < hda.out
860 Tags: backup, partition, sfdisk, recovery
862 Clone disk via network using netcat:
865 # nc -vlp 30000 > hda1.img
867 # dd if=/dev/hda1 | nc -vq 0 192.168.1.2 30000
869 Adjust blocksize (dd's option bs=...) and include 'gzip -c'
872 # dd if=/dev/hda1 bs=32M | gzip -c | nc -vq 0 192.168.1.2 30000
874 Tags: network, backup, dd, netcat
876 Backup specific directories via cpio and ssh:
878 # for f in directory_list; do find $f >> backup.list done
879 # cpio -v -o --format=newc < backup.list | ssh user@host "cat > backup_device"
885 This one uses CPU cycles on the remote server to compare the files:
886 # ssh target_address cat remotefile | diff - localfile
887 # cat localfile | ssh target_address diff - remotefile
889 This one uses CPU cycles on the local server to compare the files:
890 # ssh target_address cat <localfile "|" diff - remotefile
892 Tags: network, backup, ssh
894 Useful tools for cloning / backups:
896 * dd: convert and copy a file
897 * dd_rescue: copies data from one file (or block device) to another
898 * pcopy: a replacement for dd
899 * partimage: back up and restore disk partitions
900 * dirvish: Disk based virtual image network backup system
901 * devclone: in-place filesystem conversion -- device cloning
902 * ntfsclone: efficiently clone, image, restore or rescue an NTFS
903 * dump: ext2/3 filesystem backup
904 * udpcast: multicast file transfer tool
905 * cpio: copy files to and from archives
906 * pax: read and write file archives and copy directory hierarchies
907 * netcat / ssh / tar / gzip / bzip2: additional helper tools
909 Tags: network, backup, ssh, udp, rescue, recovery
911 Use grml as a rescue system:
915 * dd: convert and copy a file
916 * ddrescue: copies data from one file or block device to another
917 * partimage: Linux/UNIX utility to save partitions in a compressed image file
918 * cfdisk: Partition a hard drive
919 * nparted: Newt and GNU Parted based disk partition table manipulator
920 * parted-bf: The GNU Parted disk partition resizing program, small version
921 * testdisk: Partition scanner and disk recovery tool
922 * gpart: Guess PC disk partition table, find lost partitions
926 * e2fsprogs: ext2 file system utilities and libraries
927 * e2tools: utilities for manipulating files in an ext2/ext3 filesystem
928 * e2undel: Undelete utility for the ext2 file system
929 * ext2resize: an ext2 filesystem resizer
930 * recover: Undelete files on ext2 partitions
934 * reiser4progs: administration utilities for the Reiser4 filesystem
935 * reiserfsprogs: User-level tools for ReiserFS filesystems
939 * xfsdump: Administrative utilities for the XFS filesystem
940 * xfsprogs: Utilities for managing the XFS filesystem
944 * jfsutils: utilities for managing the JFS filesystem
948 * ntfsprogs: tools for doing neat things in NTFS partitions from Linux
949 * salvage-ntfs: free NTFS data recovery tools
950 * scrounge-ntfs: data recovery program for NTFS file systems
951 * ntfsresize: resize ntfs partitions
953 Tags: ntfs, jfs, xfs, ext3, rescue, recovery, backup, filesystem, tools
955 Get ASCII value of a character with zsh:
957 % char=N ; print $((#char))
959 Convert a collection of mp3 files to wave or cdr using zsh:
961 % for i (./*.mp3){mpg321 --w - $i > ${i:r}.wav}
963 Convert images (foo.gif to foo.png) using zsh:
965 % for i in **/*.gif; convert $i $i:r.png
967 Remove all "non txt" files using zsh:
971 Remote Shell Using SSH:
974 % ssh -NR 3333:localhost:22 user@yourhost
977 % ssh user@localhost -p 3333
979 Tags: port forwarding, ssh, remote port, network
981 Reverse Shell with Netcat:
984 % netcat -v -l -p 3333 -e /bin/sh
987 % netcat 192.168.0.1 3333
989 TagS: port forwarding, ssh, remote, network
991 Reverse Shell via SSH:
993 local host (inside the network):
994 % ssh -NR 1234:localhost:22 remote_host
996 remote host (outside the network):
997 % ssh localhost -p 1234
999 Tags: port forwarding, ssh, remote port, network
1001 Remove empty directories with zsh:
1003 % rmdir ./**/*(/od) 2> /dev/null
1005 Find all the empty directories in a tree with zsh:
1009 Find all files without a valid owner and change ownership with zsh:
1011 % chmod user /**/*(D^u:${(j.:u:.)${(f)"$(</etc/passwd)"}%%:*}:)
1013 Display the 5-10 last modified files with zsh:
1015 % print -rl -- /path/to/dir/**/*(D.om[5,10])
1017 Find and list the ten newest files in directories and subdirs (recursive) with zsh:
1019 % print -rl -- **/*(Dom[1,10])
1021 Find most recent file in a directory with zsh:
1023 % setopt dotglob ; print directory/**/*(om[1])
1025 Tunnel all traffic through an external server:
1027 % ssh -ND 3333 username@external.machine
1029 Then set the SOCKS4/5 proxy to localhost:3333.
1030 Check whether it's working by surfing e.g. to checkip.dyndns.org
1032 Tags: ssh, network, proxy, socks, tunnel
1034 Tunnel everything through SSH via tsocks:
1036 set up the SSH proxy on the client side:
1038 % ssh -ND 3333 user@remote.host.example.com
1040 Adjust /etc/tsocks.conf afterwards (delete all other lines):
1045 For programs who natively support proxying connections (e.g. Mozilla
1046 Firefox) you can now set the proxy address to localhost port 3333.
1048 All other programs which's connections you want to tunnel through your
1049 external host are prefixed with tsocks, e.g.:
1051 % tsocks netcat example.com 80
1052 % tsocks irssi -c irc.quakenet.eu.org -p 6667
1054 If you call tsocks without parameters it executes a shell witht the
1055 LD_PRELOAD environment variable already set and exported.
1057 Tags: ssh, network, proxy, socks, tunnel, tsocks
1059 smartctl - control and monitor utility for harddisks using Self-Monitoring,
1060 Analysis and Reporting Technology (SMART):
1062 # smartctl --all /dev/ice
1064 If you want to use smartctl on S-ATA (sata) disks use:
1066 # smartctl -d ata --all /dev/sda
1069 # smartctl -t offline /dev/ice
1072 # smartctl -t short /dev/ice
1074 Display results of test:
1075 # smartctl -l selftest /dev/ice
1077 Query device information:
1078 # smartctl -i /dev/ice
1080 Tags: smart, s.m.a.r.t, info, test, hardware
1082 Mount a BSD / Solaris partition:
1084 # mount -t ufs -o ufstype=ufs2 /dev/hda1 /mnt/hda1
1086 Use ufstype 44bsd for FreeBSD, NetBSD, OpenBSD (read-write).
1087 Use ufstype ufs2 for >= FreeBSD 5.x (read-only).
1088 Use ufstype sun for SunOS (Solaris) (read-write).
1089 Use ufstype sunx86 for SunOS for Intel (Solarisx86) (read-write).
1091 See /usr/share/doc/linux-doc-$(uname -r)/Documentation/filesystems/ufs.txt.gz
1094 Tags: ufs, bsd, mount, solaris
1096 Read BIOS (and or BIOS) password:
1098 # dd if=/dev/mem bs=512 skip=2 count=1 | hexdump -C | head
1100 Clone one of the kernel trees via git:
1102 git clone rsync://rsync.kernel.org/pub/scm/linux/kernel/git/torvalds/linux-2.6.git
1103 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
1104 This path defines the tree. See http://kernel.org/git/ for an overview.
1106 Mount filesystems over ssh protocol:
1108 % sshfs user@host:/remote_dir /mnt/test
1112 % fusermount -u /mnt/test
1114 (Notice: requires fuse kernel module)
1116 Tags: ssh, sshfs, network, mount, directory, remote, fuse
1118 Install Gentoo using grml:
1120 See http://www.gentoo.org/doc/en/altinstall.xml
1122 Install (plain) Debian (sarge release) via grml:
1124 Assuming you want to install Debian to sda1:
1126 mkfs.ext3 /dev/sda1 # make an ext3 filesystem on /dev/sda1
1127 mount -o rw,suid,dev /dev/sda1 /mnt/test # now mount the new partition
1128 debootstrap sarge /mnt/test ftp://ftp.tugraz.at/mirror/debian # get main packages from a debian-mirror
1129 chroot /mnt/test /bin/bash # let's chroot into the new system
1130 mount -t devpts none /dev/pts # ...otherwise running base-config might fail ("Terminated" or "openpty failed")
1131 mount -t proc none /proc # make sure we also have a mounted /proc
1132 base-config # now configure some main settings
1133 vi /etc/mkinitrd/mkinitrd.conf # adjust $ROOT (to /dev/sda1) for your new partition, autodetection will fail in chroot
1134 cd /dev ; ./MAKEDEV generic # make sure we have all necessary devices for lilo
1135 apt-get install lilo linux-image-2.6.12-1-386 # install lilo and a kernel which fits your needs
1136 cp /usr/share/doc/lilo/examples/conf.sample /etc/lilo.conf # let's use a template
1137 vi /etc/lilo.conf && lilo # adjust the file for your needs and run lilo afterwards
1138 umount /proc ; umount /dev/pts # we do not need them any more
1139 exit # now leave chroot
1140 cp /etc/hosts /etc/fstab /mnt/test/etc/ # you might want to take the existing files...
1141 cp /etc/network/interfaces /mnt/test/etc/network/ # ...from the running grml system for your new system
1142 umount /mnt/test && reboot # unmount partition and reboot...
1144 See also: http://www.debian.org/releases/stable/i386/apcs04.html.en
1145 Avoid all of the above steps - use grml-debootstrap(8) instead!
1147 Tags: manual, installation, debian, debootstrap
1149 Install (plain) Debian (etch release) via grml
1151 Assuming you want to install Debian to sda1:
1153 mkfs.ext3 /dev/sda1 # make an ext3 filesystem on /dev/sda1
1154 mount -o rw,suid,dev /dev/sda1 /mnt/test # now mount the new partition
1155 debootstrap etch /mnt/test ftp://ftp.tugraz.at/mirror/debian # get main packages from a debian-mirror
1156 chroot /mnt/test /bin/bash # let's chroot into the new system
1157 mount -t proc none /proc # make sure we have a mounted /proc
1158 apt-get install locales console-data # install locales
1159 dpkg-reconfigure locales console-data # adjust locales to your needs
1160 apt-get install vim most zsh screen less initrd-tools file grub \
1161 usbutils pciutils bzip2 sysfsutils dhcp3-client resolvconf \
1162 strace lsof w3m # install useful software
1163 apt-get install linux-headers-2.6-686 linux-image-686 # install current kernel
1165 echo "127.0.0.1 localhost" > /etc/hosts # adjust /etc/hosts and network:
1166 cat >> /etc/network/interfaces << EOF
1167 iface lo inet loopback
1168 iface eth0 inet dhcp
1173 ln -sf /usr/share/zoneinfo/Europe/Vienna /etc/localtime # adjust timezone and /etc/fstab:
1174 cat >> /etc/fstab << EOF
1175 sysfs /sys sysfs auto 0 0
1176 proc /proc proc defaults 0 0
1177 /dev/sda1 / ext3 defaults,errors=remount-ro 0 1
1178 /dev/sda2 none swap sw 0 0
1179 /dev/cdrom /mnt/cdrom0 iso9660 ro,user,noauto 0 0
1181 passwd # set password of user root
1183 mkdir /boot/grub # setup grub
1184 cp /usr/share/doc/grub/examples/menu.lst /boot/grub
1185 cat >> /boot/grub/menu.lst << EOF
1186 title Debian Etch, kernel 2.6.18-3-686 (on /dev/sda1)
1188 kernel /boot/vmlinuz-2.6.18-3-686 root=/dev/sda1 ro
1189 initrd /boot/initrd.img-2.6.18-3-686
1191 vim /boot/grub/menu.lst # adjust grub configuration to your needs
1192 cd /dev && MAKEDEV generic # create default devices
1193 cp -i /usr/lib/grub/i386-pc/* /boot/grub/ # copy stage-files to /boot/grub/
1194 grub install # now install grub, run in grub-cmdline following commands:
1198 umount -a # unmount all filesystems in chroot and finally:
1199 exit # exit the chroot and:
1202 If you want to use lilo instead of grub take a look at
1203 /usr/share/doc/lilo/examples/conf.sample or use the following template:
1205 cat > /etc/lilo.conf << EOF
1206 # This allows booting from any partition on disks with more than 1024 cylinders.
1209 # Specifies the boot device
1212 # Specifies the device that should be mounted as root.
1215 # use Debian on software raid:
1216 # raid-extra-boot=mbr-only
1224 image=/boot/vmlinuz-2.6.18-grml
1228 initrd=/boot/initrd.img-2.6.18-grml
1231 See also: http://www.debian.org/releases/stable/i386/apcs04.html.en
1232 Avoid all of the above steps - use grml-debootstrap(8) instead!
1234 Tags: manual, installation, debian, debootstrap, howto
1236 Convert files from Unicode / UTF-8 to ISO:
1238 % iconv -c -f utf8 -t iso-8859-15 < utffile > isofile
1242 % iconv -f iso-8859-15 -t utf8 < isofile > utffile
1244 Tags: utf-8, iso, unicode, utf8
1246 Assign static setup for network cards (NICs) via udev:
1248 Retrieve information for address (corresponding to MAC address):
1250 # udevadm info -a -p /sys/class/net/eth0/ | grep -i 'ATTR{address}'
1252 Execute /lib/udev/write_net_rules with according values (INTERFACE
1253 is old NIC name, INTERFACE_NAME is new NIC name and MATCHADDR
1254 is the MAC address retrieved with udevadm info command):
1256 # INTERFACE=eth0 INTERFACE_NAME=lan0 MATCHADDR=00:00:00:00:00:01 /lib/udev/write_net_rules
1258 This will generate file /etc/udev/rules.d/70-persistent-net.rules with content:
1260 SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:00:00:00:00:01", KERNEL=="eth*", NAME="lan0"
1262 Finally take down the interface (ifdown/ifconfig) and execute:
1264 # udevadm trigger --action=add --subsystem-match=net
1266 so the interface will be renamed. (Rebooting or
1267 unloading drivers/restart udev/loading drivers again
1268 works as well of course.)
1270 Tags: udev, configuration, name, eth0, howto
1272 Change the suffix from *.sh to *.pl using zsh:
1275 % zmv -W '*.sh' '*.pl'
1277 Generate SSL certificate:
1279 Create self signed certificate (adjust /etc/ssl/openssl.cnf if necessary):
1280 # openssl req -x509 -newkey rsa:1024 -keyout keyfile -out certfile -days 9999 -nodes
1283 # openssl x509 -in certfile -text
1285 Verify against CA certificate:
1286 # openssl verify -CAfile cacert.crt -verbose -purpose sslserver
1288 Generate 2048bit RSA-key:
1289 # openssl req -new -x509 -keyout pub-sec-key.pem -out pub-sec-key.pem -days 365 -nodes
1291 As before but add request to existing key pub-sec-key.pem:
1292 # openssl req -new -out request.pem -keyin pub-sec-key.pem
1294 Show request request.pem:
1295 # openssl req -text -noout -in request.pem
1297 Verify signature of request request.pem:
1298 # openssl req -verify -noout -in request.pem
1300 Generate SHA1 fingerprint (modulo key) of request.pem:
1301 # openssl req -noout -modulus -in request.pem | openssl sha1 -c
1303 Generate 2048bit RSA-key and put it to pub-sec-key.pem. Save self signed certificate in self-signed-certificate.pem:
1304 # openssl req -x509 -days 365 -newkey rsa:2048 -out self-signed-certificate.pem -keyout pub-sec-key.pem
1306 As before but create self signed certificate based on existing key pub-sec-key.pem:
1307 # openssl req -x509 -days 365 -new -out self-signed-certificate.pem -key pub-sec-key.pem
1309 Generate new request out of existing self signed certificate:
1310 # openssl x509 -x509toreq -in self-signed-certificate.pem -signkey pub-sec-key.pem -out request.pem
1312 Display certificate self-signed-certificate.pem in plaintext:
1313 # openssl x509 -text -noout -md5 -in self-signed-certificate.pem
1315 Check self signed certificate:
1316 # openssl verify -issuer_checks -CAfile self-signed-certificate.pem self-signed-certificate.pem
1318 Estable OpenSSL-connection using self-signed-certificate.pem and display certificate:
1319 # openssl s_client -showcerts -CAfile self-signed-certificate.pem -connect www.example.com:443
1321 Generate ssl-certificate for use with apache2:
1323 export RANDFILE=/dev/random
1324 mkdir /etc/apache2/ssl/
1325 openssl req $@ -new -x509 -days 365 -nodes -out /etc/apache2/ssl/apache.pem -keyout /etc/apache2/ssl/apache.pem
1326 chmod 600 /etc/apache2/ssl/apache.pem
1328 Also take a look at make-ssl-cert (debconf wrapper for openssl):
1330 # /usr/sbin/make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/apache2/apache.pem
1332 and mod-ssl-makecert (utility to create SSL certificates in /etc/apache/ssl.*/).
1334 Tags: openssl, howto
1336 Change Windows NT password(s):
1338 # mount -o rw /mnt/hda1
1339 # cd /mnt/hda1/WINDOWS/system32/config/
1340 # chntpw SAM SECURITY system
1342 Notice: if mounting the partition read-write did not work (check syslog!)
1343 try using mount.ntfs-3g instead: mount.ntfs-3g /dev/hda1 /mnt/hda1
1345 (Be careful with deactivating syskey!)
1347 Tags: password, windows, recovery, chntpw, howto
1349 glark - replacement for grep written in Ruby:
1351 A replacement for (or supplement to) the grep family, glark offers:
1352 Perl compatible regular expressions, highlighting of matches,
1353 context around matches, complex expressions and automatic exclusion
1358 % glark -y keyword file # display only the region that matched, not the entire line
1359 % glark -o format print *.h # search for either "printf" or "format"
1361 More information: man glark
1363 Find CD burning device(s):
1365 General information on CD-ROM:
1366 % cat /proc/sys/dev/cdrom/info
1368 Scan using ATA Packet specific SCSI transport:
1369 # cdrecord -dev=ATA -scanbus
1370 # cdrecord-prodvd -s -scanbus dev=ATA
1372 Get specific information for /dev/ice:
1373 # cdrecord dev=/dev/ice -scanbus
1375 Tags: hardware, info, cd burn
1377 Create devices in /dev on udev:
1379 For example create md devices (/dev/md0, /dev/md1,...):
1380 # cd /dev ; WRITE_ON_UDEV=1 ./MAKEDEV md
1384 Identify network device (NIC):
1386 # ethtool -i $DEVICE
1388 Show NIC statistics:
1390 # ethtool -S $DEVICE
1392 If your NIC shows some aging signs, you may want to be sure:
1394 # ethtool -t $DEVICE
1396 Disable TCP/UDP checksums:
1398 # ethtool -K $DEVICE tx off
1400 Tags: configuration, network, device
1402 grml2hd seems to hang? Getting Squashfs errors? Problems while booting?
1404 Switch to tty12 and take a look at the syslog. If you see something like:
1406 SQUASHFS error: zlib_fs returned unexpected result 0x........
1407 SQUASHFS error: Unable to read cache block [.....]
1408 SQUASHFS error: Unable to read inode [.....]
1410 your ISO/CD-ROM very probably is not ok. Verify it via booting with grml testcd.
1411 Check your CD low-level via running:
1413 # readcd -c2scan dev=/dev/cdrom
1415 If the medium really is ok and it still fails try to boot with deactivated DMA
1416 via using grml nodma at the bootprompt.
1418 Tags: grml2hd, installation, verify, squashfs, error
1420 Write a Microsoft compatible boot record (MBR) using ms-sys
1422 Write a Windows 2000/XP/2003 MBR to a device:
1424 # ms-sys -m /dev/ice
1426 Notice: grab ms-sys from http://ms-sys.sourceforge.net/ - demo:
1428 wget http://surfnet.dl.sourceforge.net/sourceforge/ms-sys/ms-sys-2.1.3.tgz
1429 unp ms-sys-2.1.3.tgz
1434 Tags: mbr, windows, ms-sys, recovery
1436 Use a Vodafone 3G Datacard (UMTS) with Linux:
1438 Plug in your vodafone card and check in syslog whether the appropriate
1439 (probably /dev/ttyUSB0 or /dev/noz0) has been created. If so run:
1442 # wvdial --config /etc/wvdial.conf.umts $PROFILE
1445 # comgt -d /dev/ttyUSB0
1446 # wvdial --config /etc/wvdial.conf.umts a1usb
1448 # comgt -d /dev/noz0
1449 # wvdial --config /etc/wvdial.conf.umts tmnozomi
1451 # comgt -d /dev/noz0
1452 # wvdial --config /etc/wvdial.conf.umts dreiusb
1454 # comgt -d /dev/ttyACM0
1455 # wvdial --config /etc/wvdial.conf.umts yesss
1457 If you receive invalid DNS nameservers when connecting, like:
1460 --> primary DNS address 10.11.12.13
1461 --> secondary DNS address 10.11.12.14
1463 just provide a working nameserver to resolvconf via:
1465 # echo "nameserver 80.120.17.70" | resolvconf -a ppp0
1467 Notice: some vodafone cards require the nozomi driver (run 'modprobe nozomi' on
1468 your grml system), some other ones require the sierra driver (run
1471 If your device isn't supported by usbserial yet, manually provide vendor and
1472 product ID when loading the usbserial module. Usage example:
1476 Bus 004 Device 008: ID 1199:6813 Sierra Wireless, Inc.
1478 # modprobe usbserial vendor=0x1199 product=0x6813
1480 To get a list of available providers execute:
1482 # comgt -s -d /dev/ttyUSB0 /etc/comgt/operator
1484 Tags: umts, 3g, vodafone, sierra, wvdial, ppp, howto
1486 hdparm - get/set hard disk parameters
1488 Display the identification info that was obtained from the drive at boot time,
1490 # hpdarm -i /dev/ice
1492 Request identification info directly from the drive:
1493 # hpdarm -I /dev/ice
1495 Perform timings of device + cache reads for benchmark and comparison purposes:
1496 # hdparm -tT /dev/ice
1498 Tags: hardware, performance, configuration, harddisk
1500 bonnie++ - program to test hard drive performance.
1502 # mkdir /mnt/benchmark
1503 # mount /dev/ice /mnt/benchmark
1504 # chmod go+w /mnt/benchmark
1505 # bonnie -u grml -d /mnt/benchmark -s 2000M
1507 Tags: benchmark, harddisk
1509 Use gizmo with a bluetooth headset:
1511 % DEVICE="/dev/dsp$(awk '/- BT Headset/ {print $1}' /proc/asound/cards)"
1512 % gizmo --mic $DEVICE --speaker $DEVICE
1514 Scan a v4l device for TV stations:
1516 % scantv -c /dev/video0 -C /dev/vbi0 -o ~/.xawtv
1518 Then running xawtv should work:
1522 Run apt-get with timeout of 3 seconds:
1524 # apt-get -o acquire::http::timeout=3 update
1528 Debian GNU/Linux device driver check page
1530 % $BROWSER http://kmuto.jp/debian/hcl/index.cgi
1532 Use dd with status line:
1534 # dd if=/dev/ice conv=noerror,notrunc,sync | buffer -S 100k | dd of=/tmp/file
1536 Generate a 512k file of random data with status bar:
1538 % dd if=/dev/random bs=1024 count=512 | bar -s 512k -of ./random
1540 Install Grub instead of lilo on grml installation (grml2hd):
1545 adjust grub's configuration file menu.lst:
1546 # $EDITOR /boot/grub/menu.lst
1548 now install grub (usage example for /dev/sda1):
1555 Install Ubuntu using grml:
1557 See https://wiki.ubuntu.com/Installation/FromKnoppix
1559 Tags: ubuntu, installation
1561 Resize ext2 / ext3 partition:
1563 # tune2fs -O '^has_journal' /dev/iceX # disable journaling
1564 # fsck.ext2 -v -y -f /dev/iceX # check the filesystem
1565 # resize2fs -p /dev/iceX $SIZE # resize it (adjust $SIZE)
1566 # fdisk /dev/ice # adjust partition in partition table
1567 # fsck.ext2 -v -y -f /dev/iceX # check filesystem again
1568 # resize2fs -p /dev/iceX # resize it to maximum
1569 # tune2fs -j /dev/iceX # re-enable journal
1571 Tags: resize, ext2, ext3, ext4, partition, howto
1573 Tune ext2 / ext3 filesystem:
1575 Check partition first:
1577 # tune2fs -l /dev/iceX
1579 If you don't see dir_index in the list, then enable it:
1581 # tune2fs -O dir_index /dev/iceX
1583 Now run e2fsck with the -D option to have the directories optimized:
1585 # e2fsck -D /dev/iceX
1587 Notice: since e2fsprogs (1.39-1) filesystems are created with
1588 directory indexing and on-line resizing enabled by default.
1590 Tags: configuration, ext2, ext3, ext4, partition
1592 Search for printers via network:
1594 # pconf_detect -m NETWORK -i 192.168.0.1/24
1596 Tags: printer, network, scan
1598 Mount a remote directory via webdav (e.g. Mediacenter of GMX):
1600 # mount -t davfs https://mediacenter.gmx.net/ /mnt/test
1602 Tags: webdav, mount, mediacenter, gmx
1604 System-Profiling using oprofile:
1609 # opcontrol --setup --no-vmlinux --event=CPU_CLK_UNHALTED:500000:0:1:1 --separate=library
1614 Now $DO_SOME_TASKS...
1617 # opcontrol --shutdown
1619 Then take a look at the reports using something like e.g.:
1620 # opreport -t 0.5 --exclude-dependent
1621 # opreport -t 0.5 /path/to/executable_to_check
1622 # opannotate -t 0.5 --source --assembly
1624 Tags: profile, profiling, opcontrol, howto
1626 Install ATI's fglrx driver for Xorg / X.org:
1628 Usually there already exist drivers for the grml-system:
1629 # apt-get update ; apt-get install fglrx-driver fglrx-kernel-`uname -r`
1631 After installing adjust xorg.conf via running:
1632 # aticonfig --initial --input=/etc/X11/xorg.conf
1634 For more information take a look at http://wiki.grml.org/doku.php?id=ati
1636 Tags: xorg, x11, driver, ati
1638 Install nvidia driver for Xorg / X.org:
1640 Usually there already exist drivers for the grml-system:
1641 # apt-get update ; apt-get install nvidia-glx nvidia-kernel-`uname -r`
1643 Then switch from module nv to nvidia:
1645 # sed -i 's/Driver.*nv.*/Driver "nvidia"/' /etc/X11/xorg.conf
1647 Tags: xorg, x11, driver, nvidia
1649 glxgears - a GLX demo that draws three rotating gears
1651 To print frames per second (fps) use:
1652 % glxgears -printfps
1654 Tags: xorg, x11, glx,
1656 You forgot to boot with 'grml noeject noprompt' to avoid
1657 ejecting and prompting for CD removal when rebooting/halting
1668 If you want to avoid only the prompting part, run:
1676 Tags: bootparam, fix, grml
1678 Mount wikipedia local via fuse:
1680 Adjust configuration:
1681 % cat ~/.wikipediafs/config.xml
1684 <article-cache-time>300</article-cache-time>
1688 <dirname>wikipedia-de</dirname>
1689 <host>de.wikipedia.org</host>
1690 <basename>/w/index.php</basename>
1693 <dirname>wikipedia-en</dirname>
1694 <host>en.wikipedia.org</host>
1695 <basename>/w/index.php</basename>
1700 Mount it (/wiki must exist of course):
1701 % mount.wikipediafs /wiki
1702 % cat /wiki/wikipedia-en/Cat
1705 % fusermount -u /wiki
1707 Tags: fuse, wikipedia, mount
1709 Remote notification on X via osd (on screen display):
1711 Start osd_server.py at your local host (listens on port 1234 by default):
1714 Then login to a $REMOTEHOST
1715 % ssh -R 1234:localhost:1234 $REMOTEHOST
1717 Now send the text to your local display via running something like:
1718 % echo "text to send" | nc localhost 1234
1720 Very useful when you are waiting for a long running job
1721 but want to do something else in the meanwhile:
1723 % ./configure && make && echo "finished compiling" | netcat localhost 1234
1725 You can use this in external programs as well of course. Examples:
1727 Use osd in centericq:
1729 % cat ~/.centericq/external
1738 if [ -x /usr/bin/socat -a -x /bin/netcat ] ; then
1739 CONTACT_CUSTOM_NICK=$(cat ${CONTACT_INFODIR}/info | head -n 46 | tail -n 1)
1740 osd_msg="*** CenterICQ: new ${EVENT_NETWORK} ${EVENT_TYPE} from ${CONTACT_CUSTOM_NICK} ***"
1741 if echo | socat - TCP4:localhost:1234 &>/dev/null ; then
1742 echo "${osd_msg}" | netcat localhost 1234
1746 Use it in the IRC console client irssi via running:
1750 You can even activate the port forwarding by default globally:
1755 RemoteForward 1234 127.0.0.1:1234
1758 Notice: if you get 'ABORT: Requested font not found' make sure the
1759 requested font is available, running 'LANG=C LC_ALL=C osd_server.py...'
1762 Tags: osd, notification, ssh, network, port-forwarding
1764 Avoid automatical startup of init scripts via invoke-rc.d:
1766 First of all make sure the package policyrcd-script-zg2 (which
1767 provides the /usr/sbin/policy-rc.d interface) is installed.
1769 In policyrcd-script-zg2's configuration file named
1770 /etc/zg-policy-rc.d.conf the script /usr/sbin/grml-policy-rc.d is
1771 defined as the interface for handling invoke-rc.d's startup policy.
1773 grml-policy-rc.d can be configure via /etc/policy-rc.d.conf. By
1774 default you won't notice any differences to Debian's default
1775 behaviour, except that invoke-rc.d won't be executed if a chroot has
1776 been detected (detection: /proc is missing).
1778 If you want to disable automatical startup of newly installed packages
1779 (done via the invoke-rc.d mechanism) just set EXITSTATUS to '101' in
1780 /etc/policy-rc.d.conf.
1782 To restore the default behaviour set EXITSTATUS back to '0' in
1783 /etc/policy-rc.d.conf.
1785 Tags: policy, init, script, invode-rc.d
1787 Install VMware-Tools for grml:
1789 First of all make sure a CD-ROM device in VMware is available.
1791 Mount the CD-ROM device to /mnt/cdrom, then unpack and install
1795 unp /mnt/cdrom/vmware-linux-tools.tar.gz
1796 cd vmware-tools-distrib
1799 /etc/init.d/networking stop
1804 /etc/init.d/networking start
1806 In an X terminal, launch the VMware Tools running:
1810 Tags: vmware, tool, vmware-toolbox, howto
1812 Some important Postfix stuff
1820 Send all messages in the queue:
1824 Send all messages in the queue for a specific site:
1828 Delete a specific message
1829 # postsuper -d 12345678942
1831 Deletes all messages held in the queue for later delivery
1832 # postsuper -d ALL deferred
1834 Mail queues in postfix:
1836 incoming -> mail who just entered the system
1837 active -> mail to be delivered
1838 deferred -> mail to be delivered later because there were problems
1839 hold -> mail that should not be delivered until released from hold
1841 For configuration of postfix take a look at
1842 /etc/postfix/master.cf - man 5 master
1843 /etc/postfix/main.cf - man 5 postconf
1844 and http://www.postfix.org/documentation.html.
1848 mode 4000 - set user ID (suid):
1850 - for executable files: run as the user who owns the file, instead of the
1851 user who runs the file
1852 - for directories: not used
1854 mode 2000 - set group ID (guid):
1856 - for executable files: run as the group who owns the file, instead of the
1857 group of the user who runs the file
1858 - for directories: when a file is created inside the directory, it belongs
1859 to the group of the directory instead of the default group of the user who
1862 mode 1000 - sticky bit:
1864 - for files: not used
1865 - for directories: only the owner of a file can delete or rename the file
1867 Tags: postix, mailq, postsuper, queue, delete, smtp
1869 Create MySQL database
1871 # apt-get install mysql-client mysql-server
1873 Run 'mysql' as root - create a database with:
1875 create database grml
1877 Give a user access to the database (without password):
1879 grant all on grml.* to mika;
1881 Give a user access to the database (with password):
1883 grant all on grml.* to enrico identified by "PASSWORD";
1885 Tags: mysql, database
1887 Setup an HTTPS website:
1889 Create a certificate:
1891 # mkdir /etc/apache2/ssl
1892 # make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/apache2/ssl/apache.pem
1894 Create a virtual host on port 443:
1896 <VirtualHost www.foo.invalid:443>
1900 Enable SSL in the VirtualHost:
1903 SSLCertificateFile /etc/apache2/ssl/apache.pem
1905 Enable listening on the HTTPS port (/etc/apache2/ports.conf):
1909 and make sure the SSL module is used:
1913 Tags: ssl, https, configuration, apache
1915 Useful Apache / Apache2 stuff
1917 Check configuration file via running:
1919 # apache2ctl configtest
1927 # a2enmod modulename
1929 Tags: apache, configuration
1931 Create tar archive and store it on remote machine:
1933 % tar zcf - /sourcedir | ssh user@targethost "cat >file.tgz"
1935 Tags: tar, backup, remote, network, ssh
1937 Pick out and displays images from network traffic:
1941 Tags: remote, network, sniff, image
1943 Install Flash plugin:
1945 # dpkg-reconfigure flashplugin-nonfree
1949 To test a proxy, low level way:
1953 GET http://www.google.com HTTP/1.0 [press enter twice]
1957 Adjust system for use of qemu with kqemu:
1959 Make sure you have all you need:
1960 # aptitude update ; aptitude install qemu kqemu-modules-$(uname -r)
1965 mknod /dev/kqemu c 250 0
1966 chmod 666 /dev/kqemu
1967 chmod 666 /dev/net/tun
1969 Check kqemu support via starting qemu, press
1970 Ctrl-Alt-2 and entering 'info kqemu'.
1972 (High-Load) Debugging related tools:
1974 mpstat # report processors related statistics
1975 iostat # report CPU statistics and input/output statistics for devices and partitions
1976 vmstat # report virtual memory statistics
1977 slabtop # display kernel slab cache information in real time
1978 atsar # system activity report
1979 dstat # versatile tool for generating system resource statistics
1990 Tags: test, debug, information, hardware, statistic
1992 Using WPA for network setup manually:
1994 # wpa_supplicant -Dwext -iwlan0 -c/etc/wpa_supplicant.conf
1996 Adjust the options and configuration file to your needs.
1997 Also take a look at 'grml-network'.
1999 Tags: wireless, wpa, network, configuration
2001 Start X and lock console via exiting:
2003 % startx 2>~/.xsession-errors &| exit
2005 Tags: xorg, x11, startx, graphical
2007 Which process is writing to disk and/or causes the disk to spin up?
2009 First of all use lsof to check what's going on. Does not help? ->
2011 # echo 1 > /proc/sys/vm/block_dump
2013 The command sets a sysctl to cause the kernel to log all disk
2014 writes. Please notice that there is a lot of data. So please
2015 disable syslogd/syslog-ng before you do this, or you must make
2016 sure that kernel output is not logged.
2018 When you're done, disable block dump using:
2019 # echo 0 > /proc/sys/vm/block_dump
2022 laptop-mode-tools provides a tool named lm-profiler (laptop mode profiler)
2023 which handles block_dump on its own.
2025 See: $KERNEL-SOURCE/Documentation/laptop-mode.txt
2027 Also take a look at event-viewer(8) which is part of grml-debugtools.
2029 Tags: debug, device, block, partition
2031 Install initrd via initramfs-tools for currently running kernel:
2033 # update-initramfs -c -t -k $(uname -r)
2037 Install initrd via yaird for currently running kernel:
2039 # yaird -o /boot/initrd.img-$(uname -r)
2041 Install initrd via yaird for specific kernel:
2045 # yaird -o /boot/initrd.img-2.6.15-1-686 2.6.15-1-686
2047 Reinstall package with its original configuration files:
2049 # apt-get install --reinstall -o DPkg::Options::=--force-confmiss -o \
2050 DPkg::Options::=--force-confnew package
2052 grml 0.8 funkenzutzler - rt2x00 drivers:
2054 To avoid conflicts with the other rt2x00-drivers the package rt2x00 (which
2055 includes beta-version drivers) is not installed by default. If you want to
2056 use the kernel modules rt2400pci, rt2500pci, rt2500usb, rt61pci and/or
2057 rt73usb please install the package manually running:
2059 # dpkg -i /usr/src/rt2x00-modules-*.deb
2061 Use Java with jikes and jamvm on grml:
2065 % cp /usr/share/doc/grml-templates/template.java .
2066 % jikes template.java
2069 Notice that grml exports $JIKESPATH (/usr/share/classpath/glibj.zip),
2070 so you do not have to manually run
2071 jikes --bootclasspath /usr/share/classpath/glibj.zip
2073 Online resizing of (Software-)RAID5:
2075 # Initiate a RAID5 setup for testing purposes:
2076 mdadm --create --verbose /dev/md0 --level=5 --raid-devices=3 /dev/hda1 /dev/hdb1 /dev/hdd1
2078 # Create filesystem, mount md0, create a testfile and save md5sum for
2081 mount /dev/md0 /mnt/test
2082 dd if=/dev/urandom of=/mnt/test/dd bs=512 count=10000
2083 md5sum /mnt/test/dd > md5sum
2085 # Make sure the RAID is synched via checking:
2088 # Now remove one partition:
2089 mdadm /dev/md0 --fail /dev/hdd1 --remove /dev/hdd1
2091 # Delete partition, create a new + bigger one and set partition type to fd
2092 # (Linux raid autodetect):
2095 # And re-add the partition:
2096 mdadm -a /dev/md0 /dev/hdd1
2098 # Make sure the RAID is synched via checking:
2101 # Repeat the steps for all other disks/partitions as well:
2102 mdadm /dev/md0 --fail /dev/hdb1 --remove /dev/hdb1
2104 mdadm -a /dev/md0 /dev/hdb1
2106 mdadm /dev/md0 --fail /dev/hda1 --remove /dev/hda1
2108 mdadm -a /dev/md0 /dev/hda1
2111 # Now resize the RAID5 system online [see 'man mdadm' for details]:
2112 mdadm --detail /dev/md0 | grep -e 'Array Size' -e 'Device Size'
2113 mdadm --grow /dev/md0 -z max
2114 mdadm --detail /dev/md0 | grep -e "Array Size" -e 'Device Size'
2116 # Last step - resize the filesystem (online again):
2119 Tags: raid, resize, raid5, mdadm
2121 ext3 online resizing:
2123 Starting with Linux kernel 2.6.10 you can resize ext3 online. With
2124 e2fsprogs >=1.39-1 new filesystems are created with directory indexing and
2125 on-line resizing enabled by default (see /etc/mke2fs.conf).
2129 cfdisk /dev/hda # create a partition with type 8e (lvm)
2130 pvcreate /dev/hda2 # create a physical volume
2131 vgcreate resize_me /dev/hda2 # create volume group
2132 lvcreate -n resize_me -L100 resize_me # create a logical volume
2133 mkfs.ext3 /dev/resize_me/resize_me # now create a new filesystem
2134 mount /dev/resize_me/resize_me /mnt/test # mount the new fs for demonstrating online resizing
2135 df -h # check the size of the partition
2136 lvextend -L+100M /dev/resize_me/resize_me # let's extend the logical volume
2137 resize2fs /dev/resize_me/resize_me # and finally resize the filesystem
2138 df -h # recheck the size of the partition
2140 This also works for Software-RAID. Demo:
2142 mdadm --create --verbose /dev/md0 --level=raid1 --raid-devices=2 /dev/hda2 /dev/hdb1
2144 mount /dev/md0 /mnt/test
2145 mdadm /dev/md0 --fail /dev/hda2 --remove /dev/hda2
2146 cfdisk /dev/hda # adjust partition size for hda2
2147 mdadm /dev/md0 --add /dev/hda2
2148 mdadm /dev/md0 --fail /dev/hdb1 --remove /dev/hdb1
2149 cfdisk /dev/hdb # adjust partition size for hdb1
2150 mdadm /dev/md0 --add /dev/hdb1
2151 mdadm --grow /dev/md0 --size=max
2154 Notice: online resizing works as soon as the kernel can re-read the
2155 partition table. So it works for example with LVM and SW-RAID but not with
2156 a plain device (/dev/[sh]d*). The kernel does not re-read the partition
2157 table if the device is already mounted.
2159 Tags: resize, raid, lvm, ext2, ext3, ext4, raid1
2161 Use vim as an outline editor:
2163 % $PAGER /usr/share/doc/vim-vimoutliner/README.Debian
2167 Monitor directories/files for changes using iwatch
2169 Monitor /tmp for changes:
2172 Monitor files/directories specified in /etc/iwatch.xml
2173 and send mail on changes:
2176 Tags: inotify, watch, file, directory
2178 Some often used mdadm commands:
2181 # mdadm --create --verbose /dev/md0 --level=raid1 --raid-devices=2 /dev/hda1 /dev/hdb1
2183 Display details of specific RAID:
2184 # mdadm --detail /dev/md0
2187 Simulating a drive failure by software:
2188 # mdadm --manage --set-faulty /dev/md0 /dev/hda1
2190 Remove disk from RAID:
2191 # mdadm /dev/md0 -r /dev/hda1
2193 Set disk as faulty and remove from RAID:
2194 # mdadm /dev/md0 --fail /dev/hda1 --remove /dev/hda1
2199 Restart a RAID-device:
2202 Add another disk to existing RAID setup (hotadd):
2203 # mdadm /dev/md0 -a /dev/hde1
2204 # mdadm --grow /dev/md0 --raid-devices=4
2206 Assemble and start all arrays:
2207 # mdadm --assemble --scan
2209 Assemble a specific array:
2210 # mdadm --assemble /dev/md0 /dev/sda1 /dev/sdb1 /dev/sdc1
2213 # mdadm --assemble --run --force --update=resync /dev/md0 /dev/sda1 /dev/sda2
2216 # mdadm --stop --scan
2218 Scan for and setup arrays automatically:
2219 # mdadm --assemble --scan --auto=yes --verbose
2221 Notice: If the above does not work make sure /etc/mdadm/mdadm.conf contains:
2223 CREATE owner=root group=disk mode=0660 auto=yes
2228 # /usr/share/mdadm/mkconf > /etc/mdadm/mdadm.conf
2231 Monitoring the sw raid
2232 # nohup mdadm --monitor --mail=root@localhost --delay=300 /dev/md0
2234 Producing /etc/mdadm/mdadm.conf:
2235 # mdadm --detail --scan > /etc/mdadm/mdadm.conf
2237 See also: man mdadm | less -p "^EXAMPLES"
2238 http://www.tldp.org/HOWTO/Software-RAID-HOWTO.html
2240 Tags: raid, raid1, raid5, configuration, mdadm, howto
2242 A quick summary of the most commonly used RAID levels:
2245 => 2 disks each 160 GB: 320 GB data
2246 RAID 1: Mirrored Set
2247 => 2 disks each 160 GB: 160 GB data
2248 RAID 5: Striped Set with Parity
2249 => 3 disks each 160 GB: 320 GB data; 160 GB redundancy
2251 Common nested RAID levels:
2252 RAID 01: A mirror of stripes
2253 RAID 10: A stripe of mirrors
2254 RAID 30: A stripe across dedicated parity RAID systems
2255 RAID 100: A stripe of a stripe of mirrors
2257 -- http://en.wikipedia.org/wiki/RAID
2259 Tags: raid, raid1, raid5, raid01, raid10, raid100
2261 Logical Volume Management (LVM) with Linux
2266 | hda1 hdc1 (PV:s on partitions or whole disks)
2272 | usrlv rootlv varlv (LV:s)
2274 | ext3 ext3 xfs (filesystems)
2276 Often used commands:
2277 ~~~~~~~~~~~~~~~~~~~~
2279 Create a physical volume:
2280 # pvcreate /dev/hda2
2282 Create a volume group:
2283 # vgcreate testvg /dev/hda2
2285 Create a logical volume:
2286 # lvcreate -n test_lv -L100 testvg
2288 Resize a logical volume:
2289 # lvextend -L+100M /dev/resize_me/resize_me
2290 # resize2fs /dev/resize_me/resize_me # ext2/3
2291 # xfs_growfs /dev/resize_me/resize_me # xfs
2292 # resize_reiserfs -f /dev/resize_me/resize_me # reiserfs online
2293 # mount -o remount,resize /dev/resize_me/resize_me # jfs
2295 Create a snapshot of a logical volume:
2296 # lvcreate -L 500M --snapshot -n mysnap /dev/testvg/test_lv
2298 Deactivate a volume group:
2299 # vgchange -a n my_volume_group
2301 Actually remove a volume group:
2302 # vgremove my_volume_group
2304 Display information about physical volume:
2305 # pvdisplay /dev/hda1
2307 Remove physical volume:
2308 # vgreduce my_volume_group /dev/hda1
2310 Remove logical volume:
2311 # umount /dev/myvg/homevol
2312 # lvremove /dev/myvg/homevol
2315 http://www.tldp.org/HOWTO/LVM-HOWTO/
2317 Tags: lvm, howto, pvcreate, lvcreate
2319 How to use APT locally
2321 Sometimes you have lots of packages .deb that you would like to use APT to
2322 install so that the dependencies would be automatically solved. Solution:
2325 dpkg-scanpackages debs /dev/null | gzip > debs/Packages.gz
2326 echo " deb file:/root debs/" >> /etc/apt/sources.list
2327 dpkg-scansources debs | gzip > debs/Sources.gz
2328 echo " deb-src file:/root debs/" >> /etc/apt/sources.list
2330 See also: http://www.debian.org/doc/manuals/apt-howto/ch-basico.en.html
2334 Check filesystem's LABEL:
2339 ext2/3 without blkid:
2340 # dumpe2fs /dev/sda1 | grep "Filesystem volume name"
2343 # xfs_admin -l /dev/sda1
2345 reiserfs without blkid:
2346 # debugreiserfs /dev/sda1 | grep -i label
2349 # jfs_tune -l /dev/sda1 | grep -i label
2351 reiser4 without blkid:
2352 # debugfs.reiser4 /dev/sda1 | grep -i label
2354 Tags: filesystem, ext2, ext3, ext4, blkid, jfs, xfs, label
2356 Check filesystem's UUID:
2361 ext2/3 without blkid:
2362 # dumpe2fs /dev/sda1 | grep -i UUID
2365 # xfs_admin -u /dev/sda1
2367 reiserfs without blkid:
2368 # debugreiserfs /dev/sda1 | grep -i UUID
2370 reiser4 without blkid:
2371 # debugfs.reiser4 /dev/sda1 | grep -i UUID
2373 Tags: filesystem, ext2, ext3, ext4, blkid, jfs, xfs, uuid
2375 Change a filesystem's LABEL:
2378 # mkswap -L $LABEL /dev/sda1
2381 # e2label /dev/sda1 $LABEL
2382 # tune2fs -L $LABEL /dev/sda1
2385 # reiserfstune -l $LABEL /dev/sda1
2388 # jfs_tune -L $LABEL /dev/sda1
2391 # xfs_admin -L $LABEL /dev/sda1
2394 # echo 'drive i: file="/dev/sda1"' >> ~/.mtoolsrc
2395 # mlabel -s i:$LABEL
2398 # ntfslabel $LABEL /dev/sda1
2400 Tags: filesystem, ext2, ext3, ext4, blkid, jfs, xfs
2402 Disable pdiffs feature of APT:
2405 # echo 'Acquire::PDiffs "false";' >> /etc/apt/apt.conf
2408 # apt-get update -o Acquire::Pdiffs=false
2410 Backup big devices or files and create compressed splitted
2411 image chunks of it using zsplit
2413 Create backup of /dev/sda named archiveofsda_#.spl.zp in directory
2414 /mnt/sda1/backup, split the files up into chunks of 1GB each and set
2415 read/write buffer to 256kB:
2416 # zsplit -b 256 -N archiveofsda -o /mnt/sda1/backup/ -s 1G /dev/sda
2418 Restore the backup using unzsplit:
2419 # unzsplit -D /dev/sda -d archiveofsda
2421 More usage examples: man zsplit + man unzsplit
2423 Tags: backup, reocvery, spllt, limit, howto
2425 Measure network performance using iperf:
2431 % iperf -c <server_address> -V
2435 Server with 128k TCP window size:
2438 Client with running for 60 seconds and bidirectional test:
2439 % iperf -c <server_address> -r -w128k -t60
2441 Tags: network, benchmark
2443 Framebuffer resolutions:
2445 Resolution in pixels
2446 Color depth | 640x480 800x600 1024x768 1280x1024
2447 256 (8bit)| 769 771 773 775
2448 32000 (15bit)| 784 787 790 793
2449 65000 (16bit)| 785 788 791 794
2450 16.7 Mill.(24bit)| 786 789 792 795
2454 Mode 0x0300: 640x400 (+640), 8 bits
2455 Mode 0x0301: 640x480 (+640), 8 bits
2456 Mode 0x0303: 800x600 (+800), 8 bits
2457 Mode 0x0303: 800x600 (+832), 8 bits
2458 Mode 0x0305: 1024x768 (+1024), 8 bits
2459 Mode 0x0307: 1280x1024 (+1280), 8 bits
2460 Mode 0x030e: 320x200 (+640), 16 bits
2461 Mode 0x030f: 320x200 (+1280), 24 bits
2462 Mode 0x0311: 640x480 (+1280), 16 bits
2463 Mode 0x0312: 640x480 (+2560), 24 bits
2464 Mode 0x0314: 800x600 (+1600), 16 bits
2465 Mode 0x0315: 800x600 (+3200), 24 bits
2466 Mode 0x0317: 1024x768 (+2048), 16 bits
2467 Mode 0x0318: 1024x768 (+4096), 24 bits
2468 Mode 0x031a: 1280x1024 (+2560), 16 bits
2469 Mode 0x031b: 1280x1024 (+5120), 24 bits
2470 Mode 0x0330: 320x200 (+320), 8 bits
2471 Mode 0x0331: 320x400 (+320), 8 bits
2472 Mode 0x0332: 320x400 (+640), 16 bits
2473 Mode 0x0333: 320x400 (+1280), 24 bits
2474 Mode 0x0334: 320x240 (+320), 8 bits
2475 Mode 0x0335: 320x240 (+640), 16 bits
2476 Mode 0x0336: 320x240 (+1280), 24 bits
2477 Mode 0x033c: 1400x1050 (+1408), 8 bits
2478 Mode 0x033d: 640x400 (+1280), 16 bits
2479 Mode 0x033e: 640x400 (+2560), 24 bits
2480 Mode 0x0345: 1600x1200 (+1600), 8 bits
2481 Mode 0x0346: 1600x1200 (+3200), 16 bits
2482 Mode 0x034d: 1400x1050 (+2816), 16 bits
2483 Mode 0x035c: 1400x1050 (+5632), 24 bits
2485 Tags: framebuffer, resolution
2487 Portscan using netcat:
2489 # netcat -v -w2 <host|ip-addr.> 1-1024
2491 Run apt-get but disable apt-listchanges:
2493 APT_LISTCHANGES_FRONTEND=none apt-get ...
2495 Upgrade system but disable apt-listbugs:
2497 APT_LISTBUGS_FRONTEND=none apt-get ...
2499 Set up a Transparent Debian Proxy
2501 Install of apt-cacher, the default config will do:
2502 # apt-get install apt-cacher
2504 Check out the ip address of debian mirror(s).
2505 Then add this to your firewall script:
2507 DEBIAN_MIRRORS="141.76.2.4 213.129.232.18"
2508 for ip in ${DEBIAN_MIRRORS} ; do
2509 ${IPTABLES} -t nat -A PREROUTING -s $subnet -d $ip -p tcp --dport 80 -j REDIRECT --to-port 3142
2512 where ${IPTABLES} is the location of your iptables binary
2513 and $subnet is your internal subnet.
2515 Now everybody in your subnet who does access either
2516 ftp.de.debian.org or ftp.at.debian.org will actually
2517 access your apt-cacher instead.
2519 To use apt-cacher on the router itself, add the following
2520 line to your /etc/apt/apt.conf:
2522 Acquire::http::Proxy "http://localhost:3142/";
2524 Tags: proxy, debian, apt-get, howto
2526 Version control using Mercurial
2528 Setting up a Mercurial project:
2531 % hg init # creates .hg
2532 % hg add # add all files
2533 % hg commit # commit all changes, edit changelog entry
2535 Branching and merging:
2537 % hg clone linux linux-work # create a new branch
2542 % hg pull ../linux-work # pull changesets from linux-work
2543 % hg merge # merge the new tip from linux-work into
2544 # (old versions used "hg update -m" instead)
2545 # our working directory
2546 % hg commit # commit the result of the merge
2550 % cat ../p/patchlist | xargs hg import -p1 -b ../p
2558 % hg export 1234 > foo.patch # export changeset 1234
2560 Export your current repo via HTTP with browsable interface:
2562 % hg serve -n "My repo" -p 80
2564 Pushing changes to a remote repo with SSH:
2566 % hg push ssh://user@example.com/~/hg/
2568 Merge changes from a remote machine:
2570 host1% hg pull http://foo/
2571 host2% hg merge # merge changes into your working directory
2573 Set up a CGI server on your webserver:
2574 % cp hgwebdir.cgi ~/public_html/hg/index.cgi
2575 % $EDITOR ~/public_html/hg/index.cgi # adjust the defaults
2577 Download binary codecs for mplayer:
2579 # /usr/share/mplayer/scripts/win32codecs.sh
2583 # /usr/share/mplayer/scripts/binary_codecs.sh install
2585 (depending on the mplayer version you have).
2587 To play encrypted DVDs and if you are living in a country where using
2588 libdvdcss code is not illegal can install Debian package libdvdread3
2589 and use the script /usr/share/doc/libdvdread3/install-css.sh.
2591 Read manpages of uninstalled packages with debman:
2593 % debman -p git-core git
2595 Test network performance using netperf:
2601 # netperf -t TCP_STREAM -H 192.168.0.41
2603 Tags: benchmark, network
2605 Setup Xen within 20 minutes on Debian/grml
2607 Install relevant software und update grub's menu.lst (Xen does not work with
2608 usual lilo so install grub instead if not done already):
2610 apt-get install linux-image-2.6.18-1-xen-686 xen-hypervisor-3.0.3-1-i386 \
2611 xen-utils-3.0.3-1 xen-tools bridge-utils
2614 Example for installation of Debian etch as DomU:
2617 xen-create-image --debootstrap --dir=/mnt/md1/xen --size=2Gb --memory=512Mb --fs=ext3 \
2618 --cache=yes --dist=etch --hostname=xengrml1 --ip 192.168.1.2 --netmask 255.255.255.0 \
2619 --gateway 192.168.1.1 --initrd=/boot/initrd.img-2.6.18-1-xen-686 \
2620 --kernel=/boot/vmlinuz-2.6.18-1-xen-686 --mirror=http://ftp.at.debian.org/debian/
2624 /etc/init.d/xend start
2625 /etc/init.d/xendomains start
2627 Setup a bridge for network, either manually:
2629 brctl addbr xenintbr
2630 brctl stp xenintbr off
2631 brctl sethello xenintbr 0
2632 brctl setfd xenintbr 0
2633 ifconfig xenintbr 192.168.1.1 netmask 255.255.255.0 up
2635 or via /etc/network/interfaces (run ifup xenintbr to bring up the device then
2639 iface xenintbr inet static
2640 pre-up brctl addbr xenintbr
2641 post-down brctl delbr xenintbr
2643 netmask 255.255.255.0
2648 Setup forwarding (adjust $PUBLIC_IP; for permanet setup use /etc/sysctl.conf and
2649 add the iptables commands to a startup script like /etc/init.d/rc.local):
2651 echo 1 > /proc/sys/net/ipv4/ip_forward
2652 iptables -t nat -A POSTROUTING -o eth0 -s 192.168.0.0/24 -j SNAT --to $PUBLIC_IP
2653 iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to $PUBLIC_IP
2655 Adjust network configuration of Xend:
2657 cat >> /etc/xen/xend-config.sxp << EOF
2658 (network-script network-route)
2659 (vif-bridge xenintbr)
2660 (vif-script vif-bridge)
2663 List domains, start up a DomU, shutdown later again:
2665 xm create -c /etc/xen/xengrml1.cfg
2669 This HowTo is also available online at http://grml.org/xen/
2671 Tags: howto, xen, grml
2673 Play tetris with zsh:
2677 bindkey "^Xt" tetris
2679 Now press 'ctrl-x t'.
2681 Set up a router with grml
2683 Run grml-router script:
2686 Install dnsmasq if not already present:
2687 # apt-get update ; apt-get install dnsmasq
2689 Adjust /etc/dnsmasq.conf according to your needs:
2690 # cat >> /etc/dnsmasq.conf << EOF
2693 dhcp-range=19.168.0.124,192.168.0.254,1m # dhcp range
2694 dhcp-option=3,192.168.0.1 # dns server
2695 dhcp-option=1,255.255.255.0 # netmask
2698 Start dnsmasq finally:
2701 Tags: network, router, grml
2703 Display stats about memory allocations performed by a program:
2705 Usage example for 'ls':
2707 % LD_PRELOAD=/lib/libmemusage.so ls > /dev/null
2709 Use KVM (Kernel-based Virtual Machine for Linux):
2711 Make sure to install the relevant tools:
2712 # apt-get update ; apt-get install kvm
2715 Test it with a minimal system like ttylinux:
2716 # wget http://www.minimalinux.org/ttylinux/packages/bootcd-i386-5.3.iso.gz
2717 # gzip -d bootcd-i386-5.3.iso.gz
2718 # kvm -cdrom bootcd-i386-5.3.iso
2720 EEPROM data decoding for SDRAM DIMM modules:
2723 # /usr/share/doc/lm-sensors/examples/eeprom/decode-dimms.pl
2727 Make sure your device is supported by Linux and running.
2728 See http://www.linuxtv.org/ for more details.
2730 If the DVB device works on your system (see 'hwinfo --usb'
2731 when using a DVB usb device for example), then make sure you
2732 have the scan util from dvb-utils available:
2734 # aptitude install dvb-utils
2736 Then create a channels.conf configuration file:
2738 % scan /usr/share/doc/dvb-utils/examples/scan/... > ~/.mplayer/channels.conf
2740 You can find some example configuration files on
2741 your grml system in ~/.channels. Usage example:
2743 % ln -s ~/.mplayer/channels.conf-AT-graz ~/.mplayer/channels.conf
2745 Tip: w_scan (see http://free.pages.at/wirbel4vdr/w_scan/index2.html)
2746 might be useful if you do not know the initial configuration
2749 Get the lastest mercurial snapshot:
2751 Make sure you have the python-dev package available:
2752 # apt-get update ; apt-get install python-dev
2754 Get and build the source:
2755 % hg clone http://selenic.com/repo/hg mercurial
2758 % export PYTHONPATH=$(pwd)
2759 % export PATH=$PATH:$(pwd)
2761 now you should have the newest version of mercurial whenever you execute hg.
2763 To update to the lastest development snapshot, additionally use
2764 the following commands:
2765 % hg pull -u http://hg.intevation.org/mercurial/crew
2771 Available bootoptions relevant in live-cd mode:
2772 -----------------------------------------------
2774 * utc: set UTC, if your system clock is set to UTC (GMT)
2775 * gmt: set UTC, if your system clock is set to UTC (GMT) [like bootoption utc]
2776 * tz=$option: set timezone to corresponding $option, usage example:
2779 Configuration options relevant on harddisk installation:
2780 --------------------------------------------------------
2782 * Use the tzconfig utility to set the local timezone:
2786 which adjusts /etc/timezone and /etc/localtime according
2787 to the provided information. Running:
2789 # dpkg-reconfigure tzdata
2791 might be useful as well.
2793 * /etc/default/rcS: set variable UTC according to your needs,
2794 whether your system clock is set to UTC (UTC='yes') or
2797 * /etc/localtime: adjust zoneinfo according to your needs:
2799 # ln -sf /usr/share/zoneinfo/$WHATEVER_YOU_WANT /etc/localtime
2801 The zoneinfo directory contains the time zone files that were
2802 compiled by zic. The files contain information such as rules
2803 about DST. They allow the kernel to convert UTC UNIX time into
2804 appropriate local dates and times. Use the zdump utility to
2805 print current time and date (in the specified time zone).
2807 * /etc/adjtime: This file is used e.g. by the adjtimex function,
2808 which can smoothly adjust system time while the system runs
2810 * If you change the time (using 'date --set ...', ntpdate,...)
2811 it is worth setting also the hardware clock to the correct time:
2813 # hwclock --systohc [--utc]
2815 Remember to add the --utc -option if the hardware clock is set
2821 Check your current settings via:
2824 zdump /etc/localtime
2827 grep hwclock /etc/runlevel.conf
2828 grep '^UTC' /etc/default/rc
2830 Further information:
2831 --------------------
2833 hwclock(8) tzselect(1) tzconfig(8)
2834 http://www.debian.org/doc/manuals/system-administrator/ch-sysadmin-time.html
2835 http://wiki.debian.org/TimeZoneChanges
2837 Tags: timezone, rtc, configuration
2839 Recorder shellscript session using script:
2841 % script -t 2>~/upgrade.time -a ~/upgrade.script
2842 % scriptreplay ~/upgrade.time ~/upgrade.script
2844 Test UTF-8 capabilities of terminal:
2846 wget http://www.linux-cjk.net/Console/garabik/UTF-8-demo.txt.gz
2847 zcat UTF-8-demo.txt.gz
2851 wget http://www.cl.cam.ac.uk/~mgk25/ucs/examples/UTF-8-test.txt
2854 UTF-8 at grml / some general information regarding Unicde/UTF-8:
2856 http://wiki.grml.org/doku.php?id=utf8
2859 This allows one ssh connection attepmt per minute per source ip, with a initial
2860 burst of 10. The available burst is like a counter which is initialised with
2861 10. Every connection attempt decrements the counter, and every minute where the
2862 connection limit of one per minute is not overstepped the counter is
2863 incremented by one. If the burst counter is exhausted the real rate limit
2864 comes into play. This gives you 11 connectionattepmts in the first minute
2865 before blocked for 10minutes. After 10 minutes block the game restarts.
2867 Hint: you could set the burst value to 5 and the block time to only 5 minutes
2868 to achive the same average connection rate but with halve the block time.
2870 iptables -A inet_in -p tcp --syn --dport 22 -m hashlimit --hashlimit-name ssh \
2871 --hashlimit 1/minute \ --hashlimit-burst 10 --hashlimit-mode srcip \
2872 --hashlimit-htable-expire 600000 -j ACCEPT
2873 iptables -A inet_in -p tcp --dport 22 -m state --state NEW -j REJECT
2875 Tunnel a specific connection via socat:
2878 % socat TCP4-LISTEN:8003 TCP4:gateway:500
2881 # socat TCP4-LISTEN:500,fork TCP4:target:$PORT
2883 Using localhost:8003 on the client uses the tunnel now.
2887 # date --set=060916102007
2889 where the bits are month(2)/day(2)/hour(2)/minute(2)/year(4)
2891 Set date using a relative date:
2897 # date -s '+tomorrow'
2899 Display a specific relative date:
2901 # date -d '+5 days -2 hours'
2903 Don't forget to set hardware clock via:
2907 Booting grml via network / PXE:
2909 Start grml-terminalserver on a system with network access
2910 and where grml is running:
2912 # grml-terminalserver
2914 Then booting your client(s) via PXE should work without
2917 See: man grml-terminalserver + http://grml.org/terminalserver/
2919 Tags: howto, pxe, network, boot
2921 Debugging SSL communications:
2923 % openssl s_client -connect server.adress:993 > output_file
2924 % openssl x509 -noout -text -in output_file
2928 # ssldump -a -A -H -i eth0
2930 See http://prefetch.net/articles/debuggingssl.html for more details.
2932 Tags: debug, ssl, openssl
2934 Remove bootmanager from MBR:
2936 # lilo -M /dev/hda -s /dev/null
2940 Rewrite grub to MBR:
2943 # grub-install --recheck --no-floppy --root-directory=/mnt/sda1 /dev/sda
2947 Rewrite lilo to MBR:
2954 Create screenshot of plain/real console - tty1:
2956 # fbgrab -c 1 screeni.png
2958 Create screenshot when running X:
2962 Tip: use the gkrellshoot plugin when using gkrellm
2964 Tags: screenshot, xorg
2966 Redirect all connections to hostA:portA to hostB:portB, where hostA and hostB are
2969 Run the following commands on hostA:
2971 echo 1 > /proc/sys/net/ipv4/ip_forward
2972 iptables -t nat -A PREROUTING -p tcp --dport portA -j DNAT --to hostB:portB
2973 iptables -A FORWARD -i eth0 -o eth0 -d hostB -p tcp --dport portB -j ACCEPT
2974 iptables -A FORWARD -i eth0 -o eth0 -s hostB -p tcp --sport portB -j ACCEPT
2975 iptables -t nat -A POSTROUTING -p tcp -d hostB --dport portB -j SNAT --to-source hostA
2977 Tags: howto, network, redirect, port
2979 Flash BIOS without DOS/Windows:
2981 Dump flash info and set the flash chip to writable:
2984 Backup the original BIOS:
2985 # flashrom -r backup.bin
2987 Notice: the following step will overwrite your current BIOS!
2988 So make sure you really know what you are doing.
2990 Flash the BIOS image:
2991 # flashrom -wv newbios.bin
2993 Also check out LinuxBIOS: http://linuxbios.org/
2995 Enable shadow passwords:
2999 Set up an IPv6 tunnel on grml:
3003 Set up console newsreader slrn for use with Usenet:
3007 Calculate with IPv6 addresses:
3011 For usage examples refer to manpage ipv6calc(8).
3015 Common network debugging tools for use with IPv6:
3026 Set up NFS (Network File System):
3030 Make sure the relevant services are running on the server side:
3032 # /etc/init.d/portmap start
3033 # /etc/init.d/nfs-common start
3034 # /etc/init.d/nfs-kernel-server start
3036 Export shares via /etc/exports:
3038 /backups 192.168.1.100/24(rw,wdelay,no_root_squash,async,subtree_check)
3040 ... or manually export a directory running:
3042 # exportfs -o rw,wdelay,no_root_squash,async,subtree_check 192.168.1.100:/backups
3044 and unexport a share running:
3046 # exportfs -u 192.168.1.100:/backups
3048 and every time when you modify /etc/exports file run
3052 Display what NFS components are running:
3056 Display list of exported shares:
3064 Make sure the relevant services are running on the client side:
3066 # /etc/init.d/portmap start
3067 # /etc/init.d/nfs-common start
3069 Verify that the server allows you to access its RPC/NFS services:
3071 # rpcinfo -p server_name
3073 Check what directories the server exports:
3075 # showmount -e server_name
3077 On the client side you can use something like the following in /etc/fstab:
3079 192.168.1.101:/backups /mnt/nfs nfs defaults,users,wsize=8192,rsize=8192 0 0
3081 Tags: nfs, howto, network
3085 # aptitude install cloop-src
3088 # modprobe cloop file=/path/to/cloop/file
3089 # mount -r -t iso9660 /dev/cloop /mnt/test
3091 Create a PS/PDF of a plaintext file:
3093 % a2ps --medium A4dj -E -o output.ps input_file
3096 Print two pages on one in a PDF file:
3098 % pdfnup --nup 2x1 input.pdf
3100 Concatenate, extract pages/parts, encrypt/decrypt,
3101 compress PDFs using 'pdftk'.
3103 Read a PS/PDF file on console:
3107 or on plain framebuffer console in graphical mode:
3109 % pdf2ps file.pdf ; ps2png file.ps file.png ; fbi file.png
3115 Bypass the password of a PDF file:
3117 % gs -q -dNOPAUSE -sDEVICE=pdfwrite -sOutputFile=output.pdf input.pdf -c quit
3123 This will record a AIFF audio file.
3125 Change passphrase / password of an existing SSH key:
3129 Enable syntax highlighting in nano:
3131 Just uncomment the include directives for your respective
3132 language at the bottom of the file /etc/nanorc
3134 Create netboot package for grml-terminalserver:
3136 # bash /usr/share/doc/grml-terminalserver/examples/create-netboot
3138 To boot grml via network (PXE) check out grml-terminalserver:
3140 # grml-terminalserver
3142 See http://grml.org/terminalserver/ for more details.
3146 Using the 'Orientation' tag of the Exif header, rotate
3147 the image so that it is upright:
3148 % jhead -autorot *.jpg
3150 Manually rotate a picture:
3151 % convert -rotate 270 input.jpg output.jpg
3153 Rename files based on the information inside their exif header:
3155 % jhead -n%Y-%m-%d_%Hh%M_%f *.jpg
3157 This will rename a file named img_2071.jpg to something like:
3159 2007-08-17_10h38_img_2071.jpg
3161 if it was shot at 10:38 o'clock on 2007-08-17 (according to
3162 the information inside the exif header).
3164 Calculate network / netmask:
3167 % ipcalc 10.0.0.28 255.255.255.0
3168 % ipcalc 10.0.0.0/24
3170 Blacklist a kernel module:
3172 # blacklist <name_of_kernel_module>
3174 -> running 'blacklist hostap_cs' for example will generate an
3175 entry like this in /etc/modprobe.d/grml:
3180 To remove the module from the blacklist again just invoke:
3182 # unblacklist <name_of_kernel_module>
3184 or manually remove the entry from /etc/modprobe.d/grml.
3186 Create a Debian package of a perl module:
3188 % dh-make-perl --cpan Acme::Smirch --build
3190 The Magic SysRq Keys (SysReq or Sys Req, short for System Request):
3192 To reboot your system using the SysRq keys just hold down the Alt and
3193 SysRq (Print Screen) key while pressing the keys REISUB ("Raising
3194 Elephants Is So Utterly Boring").
3196 R = take the keyboard out of raw mode
3197 E = terminates all processes (except init)
3198 I = kills all processes (except init)
3199 S = synchronizes the disk(s)
3200 U = remounts all filesystems read-only
3201 B = reboot the system
3203 Notice: use O instead of B for poweroff.
3205 Or write the sequence to /proc/sysrq-trigger instead:
3207 # for i in r e i s u b ; do echo $i > /proc/sysrq-trigger ; done
3209 To enable or disable SysRq calls:
3211 # echo 0 > /proc/sys/kernel/sysrq
3212 # echo 1 > /proc/sys/kernel/sysrq
3214 See http://en.wikipedia.org/wiki/Magic_SysRq_key for more details.
3216 Tags: reboot, documentation, sysrq, magic
3220 Just boot your grml Live-CD with "memtest" to execute a memcheck/memtest
3223 Tunnel TCP-Traffic through DNS using dns2tcp:
3227 1. Create necessary DNS-Records:
3228 dnstun.example.com. 3600 IN NS host.example.com.
3229 dnstun.example.com. 3600 IN A 192.168.1.1
3230 host.example.com. 3600 IN A 192.168.1.1
3232 2. Configure dns2tcpd on host.example.com.:
3233 # cat /etc/dns2tcpd.conf
3234 listen = 192.168.1.1 #the ip dns2tcpd should listen on
3235 port = 53 #" port " " " "
3238 domain = dnstun.example.com. # the zone as specified inside dns
3239 ressources = ssh:127.0.0.1:22 # available resources
3241 3. Start the daemon:
3242 # cat > /etc/default/dns2tcp << EOF
3243 # Set ENABLED to 1 if you want the init script to start dns2tcpd.
3247 # /etc/init.d/dns2tcp start
3251 You have two possibilities:
3252 - Use the DNS inside your network (DNS must allow resolving for external domains)
3253 # grep nameserver /etc/resolv.conf
3254 nameserver 172.16.42.1
3255 # dns2tcpc -z dnstun.example.com 172.16.42.1
3256 Available connection(s) :
3258 # dns2tcpc -r ssh -l 2222 -z dnstun.example.com 172.16.42.1 &
3259 Listening on port : 2222
3260 # ssh localhost -p 2222
3261 user@host.example.com:~#
3263 - Directly contact the endpoint (port 53 UDP must be allowed outgoing)
3264 # dns2tcpc -z dnstun.example.com dnstun.example.com
3265 Available connection(s) :
3267 # dns2tcpc -r ssh -l 2222 -z dnstun.example.com dnstun.example.com &
3268 Listenning on port : 2222
3269 # ssh localhost -p 2222
3270 user@host.example.com:~#
3272 Notice: using 'ssh -D 8080 ..' you will get a socks5-proxy listening on
3273 localhost:8080 which you can use to tunnel everything through your "dns-uplink".
3275 Tags: howto, network, tunnel
3277 Configure a MadWifi device for adhoc mode:
3279 Disable the autocreation of athX devices:
3280 # echo "options ath_pci autocreate=none" > /etc/modprobe.d/madwifi
3282 Remove the autocreated device for now:
3283 # wlanconfig ath0 destroy
3285 Configuration in /etc/network/interfaces:
3287 iface ath0 inet static
3293 - Do not use interface names without ending 0 (otherwise startup fails).
3294 - Only chooss unique names for interfaces.
3296 Find dangling symlinks using zsh:
3300 Use approx with runit supervision
3301 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
3303 Install the packages:
3304 # apt-get install approx runit
3306 Add user approxlog for the logging daemon:
3307 # adduser --system --home /nonexistent --no-create-home approxlog
3309 Create config directory:
3310 # mkdir /etc/sv/approx
3312 Use /var/run/sv.approx as supervise directory:
3313 # ln -s /var/run/sv.approx /etc/sv/approx/supervise
3315 # cat > /etc/sv/approx/run << EOF
3317 echo 'approx starting'
3321 You normally do not need a logging service for approx because it logs
3322 to syslog too. So just for completion:
3323 # mkdir -p /etc/sv/approx/log
3324 # ln -s /var/run/sv.approx.log /etc/sv/approx/log/supervise
3325 # cat > /etc/sv/approx/log/run << EOF
3328 LOG="/var/log/approx"
3329 test -d "$LOG" || mkdir -p -m2750 "$LOG" && chown approxlog:adm "$LOG"
3330 exec chpst -uapproxlog svlogd -tt -v "$LOG"
3333 Now activate the new approx service (will be started within 5s):
3334 # ln -s /etc/sv/approx/ /var/service/
3336 Make approx managed via runit available via init-script interface:
3337 # dpkg-divert --local --rename /etc/init.d/approx
3338 # ln -s /usr/bin/sv /etc/init.d/approx
3340 Remote-reboot a grml system using SysRQ via /proc (execute as root):
3345 echo b > /proc/sysrq-trigger
3347 Tags: reboot, howto, grml, network
3349 Show what happens on /dev/sda0:
3351 # mount the debugfs to relay kernel info to userspace
3352 mount -t debugfs none /sys/kernel/debug
3354 # is a convenient wrapper arround blktrace and blkparse
3357 Tags: debug, block, partition, trace
3359 Convert Flash to Avi:
3361 % ffmpeg -i input.flv output.avi
3363 Extract MP3 from Flash file:
3365 % for i in *.flv; do ffmpeg -i $i -acodec copy ${i%.flv}.mp3 ; done
3367 Usage example for cryptsetup / -luks encrypted partition on LVM:
3369 volume group name: x61
3370 logical volume name: home
3372 echo "grml-crypt_home /dev/mapper/x61-home none luks" >> /etc/crypttab
3374 mount /dev/mapper/grml-crypt_home /mnt/test
3376 fdisk/parted/... complains with something like
3377 'unable to open /dev/sda - unrecognised disk label'?!
3379 See http://grml.org/faq/#fdisk =>
3381 * use /sbin/fdisk.distrib from util-linux
3382 * switch to sfdisk, cfdisk,...
3383 * use parted's mklabel command (but please read the
3384 parted manual before executing this command)
3386 dmraid - support for SW-RAID / FakeRAID controllers
3387 like Highpoint HPT and Promise FastTrack
3389 Activate all software RAID sets discovered:
3392 Deactivates all active software RAID sets:
3395 Discover all software RAID devices supported on the system:
3398 Extract winmail.dat:
3403 Extract files to current directory:
3404 % ytnef -f . winmail.dat
3406 Approx - Debian package proxy/cacher howto
3408 % apt-get install approx
3409 % echo 'debian http://ftp.de.debian.org/debian' >>/etc/approx/approx.conf
3412 Add your new approx to sources.list
3415 deb http://localhost:9999/debian unstable main contrib non-free
3417 use approx in grml-debootstrap like:
3418 % grml-debootstrap -r lenny -t /dev/sda1 -m http://127.0.0.1:9999/debian
3420 Simple webserver with python:
3422 % python -m SimpleHTTPServer
3424 Upgrade only packages from the grml-stable Debian repository:
3426 echo 'deb http://deb.grml.org/ grml-stable main' > /etc/apt/grml-stable.list
3427 apt-get -o Dir::Etc::sourcelist=/etc/apt/grml-stable.list -o Dir::Etc::sourceparts=/doesnotexist update
3430 Install Centos into a directory:
3432 % febootstrap centos-5 directory http://mirror.centos.org/centos-5/5.3/os/i386/
3434 Install Fedora into a directory:
3436 % febootstrap fedora-11 target_directory
3438 Use Nessus / OpenVAS (remote network security auditor):
3440 Install software packages:
3442 # apt-get install openvas-client openvas-server openvas-plugins-base openvas-plugins-dfsg
3447 Start openvas server (takes a while):
3448 # Start openvas-server
3450 Invoke client as user:
3453 Find packages not available from any active apt repository:
3455 % apt-show-versions | awk '/No available version in archive/{print $1}'
3457 Simple mailserver with python:
3459 % python -m smtpd -n -c DebuggingServer localhost:1025
3463 echo $USER | nc $HOST 79
3465 Install Archlinux using Grml:
3467 https://wiki.archlinux.org/index.php/Install_from_Existing_Linux
3469 wget http://tokland.googlecode.com/svn/trunk/archlinux/arch-bootstrap.sh
3471 Export blockdevices via AoE (ATA over Ethernet):
3473 % vblade -m 11:22:33:44:55:66 160 2 eth0 /dev/sdb1
3475 Allow the host with the mac address 11:22:33:44:55:66 to access /dev/sdb1
3476 via eth0, using the shelf and slot numbers 160 and 2. These numbers are
3477 arbitrary but should be unique within the network.
3479 A word of warning: AoE is prone to all kind of nasty ethernet attacks,
3480 especially arp spoofing. Do not use in hostile networks.
3482 Tags: aoe, blockdevice, export, server
3484 Access blockdevices via AoE (ATA over Ethernet):
3488 and the device should show up under /dev/etherd/. If your shelf and
3489 slot numbers re 160 and 2 the device will be /dev/etherd/e160.2
3491 A word of warning: AoE is prone to all kind of nasty ethernet attacks,
3492 especially arp spoofing. Do not use in hostile networks.
3494 Tags: aoe, blockdevice, export, client