# grml-crypt format /mnt/external1/encrypted_file /mnt/test
# cp big_file /mnt/test
-# grml-crypt stop /mnt/test
+# grml-crypt stop /mnt/test
Use:
When running grml:
% most /usr/share/doc/grml-docs/grml-cheatcodes.txt.gz
--
-Report bugs:
+Report bugs to Debian's Bug Tracking System (BTS):
+
+% reportbug --bts debian
-% reportbug
+or adjust /etc/reportbug.conf to your needs.
See:
+
http://grml.org/bugs/
- http://bugs.grml.org/
+ http://www.debian.org/Bugs/
--
Offline documentation:
Improved grep version:
% glark
+--
+Grep with highlighting:
-glark grep extract-matches
+% grep --color=auto ...
+% hgrep ...
--
-Highlith
+Extract matches when grepping:
-grepc
-hgrep
+Usage examples:
+% ifconfig | grepc 'inet addr:(.*?)\s'
+% ifconfig | glark --extract-matches 'inet addr:(.*?)\s'
--
Output text as sound:
Or run one of the following commands:
% grml-lang de
-or
+or
# loadkeys i386/qwertz/de-latin1-nodeadkeys.kmap.gz # console
% setxkbmap de # X11
--
recode ibmpc..lat1 file # convert using recode
echo -e "s/\r//g" > dos2unix.sed; sed -f dos2unix.sed < dosfile > unixfile
--
-Save live stream to file:
+Save live audio stream to file:
-% mplayer -ao pcm -aofile $FILE
+% mplayer -ao pcm:file=$FILE
or
WMV:
-% mencoder file1.wmv -ovc lavc -oac lavc -ofps 25 -srate 48000 -o file1.avi
-% mencoder file2.wmv -ovc lavc -oac lavc -ofps 25 -srate 48000 -o file2.avi
+% mencoder file1.wmv -ovc lavc -oac lavc -ofps 25 -srate 48000 -mc 0 -noskip -forceidx -o file1.avi
+% mencoder file2.wmv -ovc lavc -oac lavc -ofps 25 -srate 48000 -mc 0 -noskip -forceidx -o file2.avi
% avimerge -i file1.avi file2.avi -o blub.avi
--
Display MS-Word file:
Develop, test and use exploit code with the Metasploit Framework:
cd /tmp
-unp /usr/share/grml-sectools/tools/metasploit_framework*.tar.gz
+wget http://www.metasploit.com/tools/framework-2.7-snapshot.tar.gz
+unp framework-2.7-snapshot.tar.gz
cd framework*
./msfcli
--
% netcat -v -l -p 3333 -e /bin/sh
remote host:
-% netcat 192.168.0.1 3333
+% netcat 192.168.0.1 3333
+--
+Reverse Shell via SSH:
+
+local host (inside the network):
+% ssh -NR 1234:localhost:22 remote_host
+
+remote host (outside the network):
+% ssh localhost -p 1234
--
Remove empty directories with zsh:
umount /mnt/test && reboot # unmount partition and reboot...
See also: http://www.debian.org/releases/stable/i386/apcs04.html.en
+Avoid all of the above steps - use grml-debootstrap(8) instead!
--
Install (plain) Debian (etch release) via grml
apt-get install vim most zsh screen less initrd-tools file grub \
usbutils pciutils bzip2 sysfsutils dhcp3-client resolvconf \
strace lsof w3m # install useful software
-apt-get install linux-headers-2.6-686 linux-image-2.6.15-1-686 # install current kernel
+apt-get install linux-headers-2.6-686 linux-image-686 # install current kernel
echo "127.0.0.1 localhost" > /etc/hosts # adjust /etc/hosts and network:
cat >> /etc/network/interfaces << EOF
-iface lo inet loopback
+iface lo inet loopback
iface eth0 inet dhcp
auto lo
auto eth0
sysfs /sys sysfs auto 0 0
proc /proc proc defaults 0 0
/dev/sda1 / ext3 defaults,errors=remount-ro 0 1
-/dev/sda2 none swap sw 0 0
+/dev/sda2 none swap sw 0 0
/dev/cdrom /mnt/cdrom0 iso9660 ro,user,noauto 0 0
EOF
passwd # set password of user root
mkdir /boot/grub # setup grub
cp /usr/share/doc/grub/examples/menu.lst /boot/grub
cat >> /boot/grub/menu.lst << EOF
-title Debian Etch, kernel 2.6.15-1-686 (on /dev/sda1)
+title Debian Etch, kernel 2.6.18-3-686 (on /dev/sda1)
root (hd0,0)
-kernel /boot/vmlinuz-2.6.15-1-686 root=/dev/sda1 ro
-initrd /boot/initrd.img-2.6.15-1-686
+kernel /boot/vmlinuz-2.6.18-3-686 root=/dev/sda1 ro
+initrd /boot/initrd.img-2.6.18-3-686
EOF
vim /boot/grub/menu.lst # adjust grub configuration to your needs
cd /dev && MAKEDEV generic # create default devices
-cp -i /lib/grub/i386-pc/* /boot/grub/ # copy stage-files to /boot/grub/
+cp -i /usr/lib/grub/i386-pc/* /boot/grub/ # copy stage-files to /boot/grub/
grub install # now install grub, run in grub-cmdline following commands:
> root (hd0,0)
> setup (hd0)
map=/boot/map
vga=normal
-image=/boot/vmlinuz-2.6.17-grml
- label="2.6.17-grml"
+image=/boot/vmlinuz-2.6.18-grml
+ label="2.6.18-grml"
#append="...."
read-only
- initrd=/boot/initrd.img-2.6.17-grml
+ initrd=/boot/initrd.img-2.6.18-grml
EOF
See also: http://www.debian.org/releases/stable/i386/apcs04.html.en
+Avoid all of the above steps - use grml-debootstrap(8) instead!
--
Convert files from Unicode / UTF to ISO:
Estable OpenSSL-connection using self-signed-certificate.pem and display certificate:
# openssl s_client -showcerts -CAfile self-signed-certificate.pem -connect www.example.com:443
-Also take a look at make-ssl-cert (debconf wrapper for openssl)
+Generate ssl-certificate for use with apache2:
+
+export RANDFILE=/dev/random
+mkdir /etc/apache2/ssl/
+openssl req $@ -new -x509 -days 365 -nodes -out /etc/apache2/ssl/apache.pem -keyout /etc/apache2/ssl/apache.pem
+chmod 600 /etc/apache2/ssl/apache.pem
+
+Also take a look at make-ssl-cert (debconf wrapper for openssl):
+
+# /usr/sbin/make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/apache2/apache.pem
+
and mod-ssl-makecert (utility to create SSL certificates in /etc/apache/ssl.*/).
--
Change Windows NT password(s):
Notice: if mounting the partition read-write did not work (check syslog!)
try using mount.ntfs-3g instead: mount.ntfs-3g /dev/hda1 /mnt/hda1
-(Be careful with deactivating syskey!)
+(Be careful with deactivating syskey!)
--
glark - replacement for grep written in Ruby:
# tune2fs -O dir_index /dev/iceX
-Now run e2fsck with the -D option to have the directories optimized:
+Now run e2fsck with the -D option to have the directories optimized:
# e2fsck -D /dev/iceX
Mount wikipedia local via fuse:
Adjust configuration:
-% cat ~/.wikipediafs/config.xml
+% cat ~/.wikipediafs/config.xml
<wfs-config>
<general>
<article-cache-time>300</article-cache-time>
Host *
RemoteForward 1234 127.0.0.1:1234
ForwardAgent yes
+
+Notice: if you get 'ABORT: Requested font not found' make sure the
+requested font is available, running 'LANG=C LC_ALL=C osd_server.py...'
+might help as well.
--
Avoid automatical startup of init scripts via invoke-rc.d:
--
Setup an HTTPS website:
-create a certificate:
+Create a certificate:
-/usr/sbin/apache2-ssl-certificate -days 365
+# mkdir /etc/apache2/ssl
+# make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/apache2/ssl/apache.pem
Create a virtual host on port 443:
Enable listening on the HTTPS port (/etc/apache2/ports.conf):
Listen 443
+
+and make sure the SSL module is used:
+
+# a2enmod ssl
--
Useful Apache / Apache2 stuff
Adjust system for use of qemu with kqemu:
Make sure you have all you need:
-# apt-get update ; apt-get install qemu grml-kerneladdons
+# apt-get update ; apt-get install qemu grml-kerneladdons-$KERNELVERSION
Then set up kqemu:
Usage examples:
-# mptstat -P ALL
+# mpstat -P ALL
# iostat -x 1
# iostat -xtc 5 3
# vmstat 1
--
Install initrd via initramfs-tools for currently running kernel:
-# update-initramfs -u -t -k $(uname -r)
+# update-initramfs -c -t -k $(uname -r)
--
Install initrd via yaird for currently running kernel:
Install initrd via yaird for specific kernel:
-# mount /proc
+# mount /proc
# mount /sys
# yaird -o /boot/initrd.img-2.6.15-1-686 2.6.15-1-686
--
Notice: online resizing works as soon as the kernel can re-read the
partition table. So it works for example with LVM and SW-RAID but not with
a plain device (/dev/[sh]d*). The kernel does not re-read the partition
-table if the device is already mounted.
+table if the device is already mounted.
--
Use vim as an outline editor:
# mdadm --grow /dev/md0 --raid-devices=4
Assemble and start all arrays:
-# mdadm --assemble --scan
+# mdadm --assemble --scan
Assemble a specific array:
-# mdadm --assemble /dev/md0 /dev/sda1 /dev/sdb1 /dev/sdc1
+# mdadm --assemble /dev/md0 /dev/sda1 /dev/sdb1 /dev/sdc1
Resync:
# mdadm --assemble --run --force --update=resync /dev/md0 /dev/sda1 /dev/sda2
Stop and rebuild:
# mdadm --stop --scan
-# mdadm --assemble /dev/md0 --auto --scan --update=summaries --verbose
+
+Scan for and setup arrays automatically:
+# mdadm --assemble --scan --auto=yes --verbose
+
+Notice: If the above does not work make sure /etc/mdadm/mdadm.conf contains:
+DEVICE partitions
+CREATE owner=root group=disk mode=0660 auto=yes
+HOMEHOST <system>
+MAILADDR root
+
+Running
+# /usr/share/mdadm/mkconf > /etc/mdadm/mdadm.conf
+might help as well.
Monitoring the sw raid
-# nohup mdadm --monitor --mail=root@localhost --delay=300 /dev/md0
+# nohup mdadm --monitor --mail=root@localhost --delay=300 /dev/md0
+
+Producing /etc/mdadm/mdadm.conf:
+# mdadm --detail --scan > /etc/mdadm/mdadm.conf
See also: man mdadm | less -p "^EXAMPLES"
http://www.tldp.org/HOWTO/Software-RAID-HOWTO.html
Create a snapshot of a logical volume:
# lvcreate -L 500M --snapshot -n mysnap /dev/testvg/test_lv
-Deactivate a volume group:
+Deactivate a volume group:
# vgchange -a n my_volume_group
-Actually remove a volume group:
+Actually remove a volume group:
# vgremove my_volume_group
Display information about physical volume:
Sometimes you have lots of packages .deb that you would like to use APT to
install so that the dependencies would be automatically solved. Solution:
-mkdir ~debs
+mkdir debs
dpkg-scanpackages debs /dev/null | gzip > debs/Packages.gz
echo " deb file:/root debs/" >> /etc/apt/sources.list
dpkg-scansources debs | gzip > debs/Sources.gz
Measure network performance using ipserf
Server side:
-% iperf -s -V
+% iperf -s -V
Client side:
% iperf -c <server_address> -V
APT_LISTBUGS_FRONTEND=none apt-get ...
--
-Set up a Transparent Debian Proxy
+Set up a Transparent Debian Proxy
-Install of apt-cacher, the default config will do:
+Install of apt-cacher, the default config will do:
# apt-get install apt-cacher
Check out the ip address of debian mirror(s).
-Then add this to your firewall script:
+Then add this to your firewall script:
DEBIAN_MIRRORS="141.76.2.4 213.129.232.18"
for ip in ${DEBIAN_MIRRORS} ; do
Acquire::http::Proxy "http://localhost:3142/";
--
+Version control using Mercurial
+
+Setting up a Mercurial project:
+
+% cd project
+% hg init # creates .hg
+% hg add # add all files
+% hg commit # commit all changes, edit changelog entry
+
+Branching and merging:
+
+% hg clone linux linux-work # create a new branch
+% cd linux-work
+<make changes>
+% hg commit
+% cd ../linux
+% hg pull ../linux-work # pull changesets from linux-work
+% hg merge # merge the new tip from linux-work into
+ # (old versions used "hg update -m" instead)
+ # our working directory
+% hg commit # commit the result of the merge
+
+Importing patches:
+
+% cat ../p/patchlist | xargs hg import -p1 -b ../p
+
+Exporting a patch:
+
+(make changes)
+% hg commit
+% hg tip
+1234:af3b5cd57dd5
+% hg export 1234 > foo.patch # export changeset 1234
+
+Export your current repo via HTTP with browsable interface:
+
+% hg serve -n "My repo" -p 80
+
+Pushing changes to a remote repo with SSH:
+
+% hg push ssh://user@example.com/~/hg/
+
+Merge changes from a remote machine:
+
+host1% hg pull http://foo/
+host2% hg merge # merge changes into your working directory
+
+Set up a CGI server on your webserver:
+% cp hgwebdir.cgi ~/public_html/hg/index.cgi
+% $EDITOR ~/public_html/hg/index.cgi # adjust the defaults
+
+Mercurial repositories of grml can be found at http://hg.grml.org/
+--
+Download binary codecs for mplayer:
+
+# /usr/share/mplayer/scripts/win32codecs.sh
+
+or
+
+# /usr/share/mplayer/scripts/binary_codecs.sh install
+
+(depending on the mplayer version you have).
+
+To play encrypted DVDs and if you are living in a country where using
+libdvdcss code is not illegal can install Debian package libdvdread3
+and use the script /usr/share/doc/libdvdread3/install-css.sh.
+--
+Read manpages of uninstalled packages with debman:
+
+% debman -p git-core git
+--
+Test network performance using netperf:
+
+Server:
+# netserver
+
+Client:
+# netperf -t TCP_STREAM -H 192.168.0.41
+--
+Setup Xen within 20 minutes on Debian/grml
+
+Install relevant software und update grub's menu.lst (Xen does not work with
+usual lilo so install grub instead if not done already):
+
+apt-get install linux-image-2.6.18-1-xen-686 xen-hypervisor-3.0.3-1-i386 \
+ xen-utils-3.0.3-1 xen-tools bridge-utils
+update-grub
+
+Example for installation of Debian etch as DomU:
+
+mkdir /mnt/md1/xen
+xen-create-image --debootstrap --dir=/mnt/md1/xen --size=2Gb --memory=512Mb --fs=ext3 \
+ --cache=yes --dist=etch --hostname=xengrml1 --ip 192.168.1.2 --netmask 255.255.255.0 \
+ --gateway 192.168.1.1 --initrd=/boot/initrd.img-2.6.18-1-xen-686 \
+ --kernel=/boot/vmlinuz-2.6.18-1-xen-686 --mirror=http://ftp.at.debian.org/debian/
+
+Start services:
+
+/etc/init.d/xend start
+/etc/init.d/xendomains start
+
+Setup a bridge for network, either manually:
+
+brctl addbr xenintbr
+brctl stp xenintbr off
+brctl sethello xenintbr 0
+brctl setfd xenintbr 0
+ifconfig xenintbr 192.168.1.1 netmask 255.255.255.0 up
+
+or via /etc/network/interfaces (run ifup xenintbr to bring up the device then
+without rebooting):
+
+auto xenintbr
+iface xenintbr inet static
+ pre-up brctl addbr xenintbr
+ post-down brctl delbr xenintbr
+ address 192.168.1.1
+ netmask 255.255.255.0
+ bridge_fd 0
+ bridge_hello 0
+ bridge_stp off
+
+Setup forwarding (adjust $PUBLIC_IP; for permanet setup use /etc/sysctl.conf and
+add the iptables commands to a startup script like /etc/init.d/rc.local):
+
+echo 1 > /proc/sys/net/ipv4/ip_forward
+iptables -t nat -A POSTROUTING -o eth0 -s 192.168.0.0/24 -j SNAT --to $PUBLIC_IP
+iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to $PUBLIC_IP
+
+Adjust network configuration of Xend:
+
+cat >> /etc/xen/xend-config.sxp << EOF
+(network-script network-route)
+(vif-bridge xenintbr)
+(vif-script vif-bridge)
+EOF
+
+List domains, start up a DomU, shutdown later again:
+
+xm create -c /etc/xen/xengrml1.cfg
+xm list
+xm shutdown 1
+
+This HowTo is also available online at http://grml.org/xen/
+--
+Play tetris with zsh:
+
+autoload -U tetris
+zle -N tetris
+bindkey "^Xt" tetris
+
+Now press 'ctrl-x t'.
+--
+Set up a router with grml
+
+Run grml-router script:
+# grml-router
+
+Install dnsmasq if not already present:
+# apt-get update ; apt-get install dnsmasq
+
+Adjust /etc/dnsmasq.conf according to your needs:
+# cat >> /etc/dnsmasq.conf << EOF
+domain-needed
+bogus-priv
+dhcp-range=19.168.0.124,192.168.0.254,1m # dhcp range
+dhcp-option=3,192.168.0.1 # dns server
+dhcp-option=1,255.255.255.0 # netmask
+EOF
+
+Start dnsmasq finally:
+# Restart dnsmasq
+--
+Find out which process(es) cause the disk to spin up:
+
+# echo 1 > /proc/sys/vm/block_dump
+
+The command sets a sysctl to cause the kernel to log all disk
+writes. Please notice that there is a lot of data.
+
+See: $KERNEL-SOURCE/Documentation/laptop-mode.txt
+
+Also take a look at event-viewer(8).
+--
+Display stats about memory allocations performed by a program:
+
+Usage example for 'ls':
+
+% LD_PRELOAD=/lib/libmemusage.so ls > /dev/null
+--
+Use KVM (Kernel-based Virtual Machine for Linux):
+
+Make sure to install the relevant tools:
+# apt-get update ; apt-get install kvm
+# modprobe kvm
+
+Test it with a minimal system like ttylinux:
+# wget http://www.minimalinux.org/ttylinux/packages/bootcd-i386-5.3.iso.gz
+# gzip -d bootcd-i386-5.3.iso.gz
+# kvm -cdrom bootcd-i386-5.3.iso
+--
+EEPROM data decoding for SDRAM DIMM modules:
+
+# modprobe eeprom
+# /usr/share/doc/lm-sensors/examples/eeprom/decode-dimms.pl
+--
+Set up and use DVB:
+
+Make sure your device is supported by Linux and running.
+See http://www.linuxtv.org/ for more details.
+
+If the DVB device works on your system (see 'hwinfo --usb'
+when using a DVB usb device for example), then make sure you
+have the scan util from dvb-utils available:
+
+# aptitude install dvb-utils
+
+Then create a channels.conf configuration file:
+
+% scan /usr/share/doc/dvb-utils/examples/scan/... > ~/.mplayer/channels.conf
+
+You can find some example configuration files on
+your grml system in ~/.channels. Usage example:
+
+% ln -s ~/.mplayer/channels.conf-AT-graz ~/.mplayer/channels.conf
+
+Tip: w_scan (see http://free.pages.at/wirbel4vdr/w_scan/index2.html)
+might be useful if you do not know the initial configuration
+details.
+--
+Get the lastest mercurial snapshot:
+
+Make sure you have the python-dev package available:
+# apt-get update ; apt-get install python-dev
+
+Get and build the source:
+% hg clone http://selenic.com/repo/hg mercurial
+% cd mercurial
+% make local
+% export PYTHONPATH=$(pwd)
+% export PATH=$PATH:$(pwd)
+
+now you should have the newest version of mercurial whenever you execute hg.
+
+To update to the lastest development snapshot, additionally use
+the following commands:
+% hg pull -u http://hg.intevation.org/mercurial/crew
+% make local
+--
projects / grml-tips.git / blobdiff