X-Git-Url: http://git.grml.org/?p=grml-tips.git;a=blobdiff_plain;f=grml_tips;h=b26d5d94e111fcae2c8edce013e6080cebf821e4;hp=71b834fe267ea0fa079cc34abe0f9e5410847ee1;hb=873c857ff67e6ce682059a758a91549df9cfa9ac;hpb=6b52a993e2953e0ae77ec2f85d7234695ec16225 diff --git a/grml_tips b/grml_tips index 71b834f..b26d5d9 100644 --- a/grml_tips +++ b/grml_tips @@ -43,12 +43,6 @@ Configure network: # grml-network -- -Boot grml via network: - -# grml-terminalserver - -See: man grml-terminalserver + http://grml.org/terminalserver/ --- Deactivate error correction of zsh: % NOCOR=1 zsh @@ -134,7 +128,7 @@ Initialize: # grml-crypt format /mnt/external1/encrypted_file /mnt/test # cp big_file /mnt/test -# grml-crypt stop /mnt/test +# grml-crypt stop /mnt/test Use: @@ -210,13 +204,16 @@ On the grml-ISO if not running grml: When running grml: % most /usr/share/doc/grml-docs/grml-cheatcodes.txt.gz -- -Report bugs: +Report bugs to Debian's Bug Tracking System (BTS): + +% reportbug --bts debian -% reportbug +or adjust /etc/reportbug.conf to your needs. See: + http://grml.org/bugs/ - http://bugs.grml.org/ + http://www.debian.org/Bugs/ -- Offline documentation: @@ -410,13 +407,17 @@ Test sound: Improved grep version: % glark +-- +Grep with highlighting: -glark grep extract-matches +% grep --color=auto ... +% hgrep ... -- -Highlith +Extract matches when grepping: -grepc -hgrep +Usage examples: +% ifconfig | grepc 'inet addr:(.*?)\s' +% ifconfig | glark --extract-matches 'inet addr:(.*?)\s' -- Output text as sound: @@ -500,7 +501,7 @@ Switch language / keyboard: Or run one of the following commands: % grml-lang de -or +or # loadkeys i386/qwertz/de-latin1-nodeadkeys.kmap.gz # console % setxkbmap de # X11 -- @@ -570,13 +571,21 @@ vim -c "se ff=dos|x" file # ... and even shorter ;) recode ibmpc..lat1 file # convert using recode echo -e "s/\r//g" > dos2unix.sed; sed -f dos2unix.sed < dosfile > unixfile -- +Save live audio stream to file: + +% mplayer -ao pcm:file=$FILE $URL +-- Save live stream to file: -% mplayer -ao pcm -aofile $FILE +% mplayer -dumpfile $FILE -dumpstream $STREAM or -% mencoder mms://file.wmv -o $FILE -ovc copy -oac copy +% mencoder mms://$URL -o $FILE -ovc copy -oac copy + +or + +% mimms mms://file.wmv -- Merge video files: @@ -590,8 +599,8 @@ MPEG: WMV: -% mencoder file1.wmv -ovc lavc -oac lavc -ofps 25 -srate 48000 -o file1.avi -% mencoder file2.wmv -ovc lavc -oac lavc -ofps 25 -srate 48000 -o file2.avi +% mencoder file1.wmv -ovc lavc -oac lavc -ofps 25 -srate 48000 -mc 0 -noskip -forceidx -o file1.avi +% mencoder file2.wmv -ovc lavc -oac lavc -ofps 25 -srate 48000 -mc 0 -noskip -forceidx -o file2.avi % avimerge -i file1.avi file2.avi -o blub.avi -- Display MS-Word file: @@ -618,7 +627,7 @@ Read BIOS: -- Read HTTP via netcat: -echo "GET / HTTP/1.0\r\n\r\n" | netcat $DOMAIN 80 +echo -e "GET / HTTP/1.1\r\nHost: $DOMAIN\r\n\r\n" | netcat $DOMAIN 80 -- Get X ressources for specific program: @@ -652,7 +661,9 @@ to get a list of all supported trees -- Transfer your SSH public key to another host: -% ssh-copy-id -i ~/.ssh/id_dsa.pub user@remote-system +% ssh-keygen # ssh-keygen / ssh-key-gen: if you don't have a key yet +[...] +% ssh-copy-id -i ~/.ssh/id_rsa.pub user@remote-system or % cat $HOME/.ssh/id_rsa.pub | ssh user@remote-system 'cat >> .ssh/authorized_keys' -- @@ -697,8 +708,9 @@ Write back the guessed table: Develop, test and use exploit code with the Metasploit Framework: cd /tmp -unp /usr/share/grml-sectools/tools/metasploit_framework*.tar.gz -cd framework* +wget http://spool.metasploit.com/releases/framework-3.2.tar.gz +unp framework-3.2.tar.gz +cd framework-3.2 ./msfcli -- Useful documentation: @@ -849,7 +861,15 @@ local host: % netcat -v -l -p 3333 -e /bin/sh remote host: -% netcat 192.168.0.1 3333 +% netcat 192.168.0.1 3333 +-- +Reverse Shell via SSH: + +local host (inside the network): +% ssh -NR 1234:localhost:22 remote_host + +remote host (outside the network): +% ssh localhost -p 1234 -- Remove empty directories with zsh: @@ -985,6 +1005,7 @@ cp /etc/network/interfaces /mnt/test/etc/network/ # ...from the running grml sys umount /mnt/test && reboot # unmount partition and reboot... See also: http://www.debian.org/releases/stable/i386/apcs04.html.en +Avoid all of the above steps - use grml-debootstrap(8) instead! -- Install (plain) Debian (etch release) via grml @@ -1000,11 +1021,11 @@ dpkg-reconfigure locales console-data # adjust locales to your needs apt-get install vim most zsh screen less initrd-tools file grub \ usbutils pciutils bzip2 sysfsutils dhcp3-client resolvconf \ strace lsof w3m # install useful software -apt-get install linux-headers-2.6-686 linux-image-2.6.15-1-686 # install current kernel +apt-get install linux-headers-2.6-686 linux-image-686 # install current kernel echo "127.0.0.1 localhost" > /etc/hosts # adjust /etc/hosts and network: cat >> /etc/network/interfaces << EOF -iface lo inet loopback +iface lo inet loopback iface eth0 inet dhcp auto lo auto eth0 @@ -1015,7 +1036,7 @@ cat >> /etc/fstab << EOF sysfs /sys sysfs auto 0 0 proc /proc proc defaults 0 0 /dev/sda1 / ext3 defaults,errors=remount-ro 0 1 -/dev/sda2 none swap sw 0 0 +/dev/sda2 none swap sw 0 0 /dev/cdrom /mnt/cdrom0 iso9660 ro,user,noauto 0 0 EOF passwd # set password of user root @@ -1023,14 +1044,14 @@ passwd # set password of user root mkdir /boot/grub # setup grub cp /usr/share/doc/grub/examples/menu.lst /boot/grub cat >> /boot/grub/menu.lst << EOF -title Debian Etch, kernel 2.6.15-1-686 (on /dev/sda1) +title Debian Etch, kernel 2.6.18-3-686 (on /dev/sda1) root (hd0,0) -kernel /boot/vmlinuz-2.6.15-1-686 root=/dev/sda1 ro -initrd /boot/initrd.img-2.6.15-1-686 +kernel /boot/vmlinuz-2.6.18-3-686 root=/dev/sda1 ro +initrd /boot/initrd.img-2.6.18-3-686 EOF vim /boot/grub/menu.lst # adjust grub configuration to your needs cd /dev && MAKEDEV generic # create default devices -cp -i /lib/grub/i386-pc/* /boot/grub/ # copy stage-files to /boot/grub/ +cp -i /usr/lib/grub/i386-pc/* /boot/grub/ # copy stage-files to /boot/grub/ grub install # now install grub, run in grub-cmdline following commands: > root (hd0,0) > setup (hd0) @@ -1061,55 +1082,47 @@ timeout=1 map=/boot/map vga=normal -image=/boot/vmlinuz-2.6.17-grml - label="2.6.17-grml" +image=/boot/vmlinuz-2.6.18-grml + label="2.6.18-grml" #append="...." read-only - initrd=/boot/initrd.img-2.6.17-grml + initrd=/boot/initrd.img-2.6.18-grml EOF See also: http://www.debian.org/releases/stable/i386/apcs04.html.en +Avoid all of the above steps - use grml-debootstrap(8) instead! -- -Convert files from Unicode / UTF to ISO: +Convert files from Unicode / UTF-8 to ISO: -% iconv -f utf8 -t iso-8859-15 < utffile > isofile +% iconv -c -f utf8 -t iso-8859-15 < utffile > isofile and vice versa: % iconv -f iso-8859-15 -t utf8 < isofile > utffile -- -Assign static setup for network cards (eth0 and eth1) via udev: +Assign static setup for network cards (NICs) via udev: -First method - manual: -~~~~~~~~~~~~~~~~~~~~~~ -Get information for SYSFS address: -# udevinfo -a -p /sys/class/net/eth0/ | grep address +Retrieve information for address (corresponding to MAC address): -Then create udev rules: -# cat /etc/udev/network.rules -# match eth* stuff: -KERNEL=="eth*", SYSFS{address}=="00:00:00:00:00:01", NAME="wlan0" -KERNEL=="eth*", SYSFS{address}=="00:00:00:00:00:02", NAME="lan0" -# do not match eth* drivers but also e.g. firewire stuff: -ACTION=="add", SUBSYSTEM=="net", SYSFS{address}=="00:00:00:00:00:03", NAME="1394" + # udevadm info -a -p /sys/class/net/eth0/ | grep -i 'ATTR{address}' -Now activate the rules: -# cd /etc/udev/rules.d/ && ln -s ../network.rules z35_network.rules +Execute /lib/udev/write_net_rules with according values (INTERFACE +is old NIC name, INTERFACE_NAME is new NIC name and MATCHADDR +is the MAC address retrieved with udevadm info command): -Unload the drivers, restart udev and load the drivers again to activate -the settings. + # INTERFACE=eth0 INTERFACE_NAME=lan0 MATCHADDR=00:00:00:00:00:01 /lib/udev/write_net_rules -Second method - automatic: -~~~~~~~~~~~~~~~~~~~~~~~~~~ -Run /lib/udev/write_net_rules shipped with recent udev versions: +This will generate file /etc/udev/rules.d/70-persistent-net.rules with content: -# INTERFACE=wlan1 /lib/udev/write_net_rules 00:00:00:00:00:04 +SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:00:00:00:00:01", KERNEL=="eth*", NAME="lan0" -This command will create /etc/udev/rules.d/z25_persistent-net.rules containing: +Finally take down the interface (ifdown/ifconfig) and execute: -SUBSYSTEM=="net", DRIVER=="?*", SYSFS{address}=="00:00:00:00:00:04", NAME=wlan1 + # udevadm trigger --action=add --subsystem-match=net -See /usr/share/doc/udev/writing_udev_rules/index.html for more information. +so the interface will be renamed. (Rebooting or +unloading drivers/restart udev/loading drivers again +works as well of course.) -- Change the suffix from *.sh to *.pl using zsh: @@ -1160,7 +1173,17 @@ Check self signed certificate: Estable OpenSSL-connection using self-signed-certificate.pem and display certificate: # openssl s_client -showcerts -CAfile self-signed-certificate.pem -connect www.example.com:443 -Also take a look at make-ssl-cert (debconf wrapper for openssl) +Generate ssl-certificate for use with apache2: + +export RANDFILE=/dev/random +mkdir /etc/apache2/ssl/ +openssl req $@ -new -x509 -days 365 -nodes -out /etc/apache2/ssl/apache.pem -keyout /etc/apache2/ssl/apache.pem +chmod 600 /etc/apache2/ssl/apache.pem + +Also take a look at make-ssl-cert (debconf wrapper for openssl): + +# /usr/sbin/make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/apache2/apache.pem + and mod-ssl-makecert (utility to create SSL certificates in /etc/apache/ssl.*/). -- Change Windows NT password(s): @@ -1172,7 +1195,7 @@ Change Windows NT password(s): Notice: if mounting the partition read-write did not work (check syslog!) try using mount.ntfs-3g instead: mount.ntfs-3g /dev/hda1 /mnt/hda1 -(Be careful with deactivating syskey!) +(Be careful with deactivating syskey!) -- glark - replacement for grep written in Ruby: @@ -1239,31 +1262,65 @@ via using grml nodma at the bootprompt. -- Write a Microsoft compatible boot record (MBR) using ms-sys -Write a Windows 2000/XP/2003 MBR to device: +Write a Windows 2000/XP/2003 MBR to a device: # ms-sys -m /dev/ice + +Notice: grab ms-sys from http://ms-sys.sourceforge.net/ - demo: + + wget http://surfnet.dl.sourceforge.net/sourceforge/ms-sys/ms-sys-2.1.3.tgz + unp ms-sys-2.1.3.tgz + cd ms-sys-2.1.3 + make + ./bin/ms-sys ... -- Use a Vodafone 3G Datacard (UMTS) with Linux: Plug in your vodafone card and check in syslog whether the appropriate -(probably /dev/ttyUSB0 or /dev/noz0 when using newer vodafone cards) has -been created. If so run: +(probably /dev/ttyUSB0 or /dev/noz0) has been created. If so run: -# gcom -d $DEVICE +# comgt -d $DEVICE # wvdial --config /etc/wvdial.conf.umts $PROFILE Usage examples: -# gcom -d /dev/ttyUSB0 +# comgt -d /dev/ttyUSB0 # wvdial --config /etc/wvdial.conf.umts a1usb -# gcom -d /dev/noz0 +# comgt -d /dev/noz0 # wvdial --config /etc/wvdial.conf.umts tmnozomi -# gcom -d /dev/noz0 +# comgt -d /dev/noz0 # wvdial --config /etc/wvdial.conf.umts dreiusb -Notice: newer vodafone cards require the nozomi driver. Run 'modprobe nozomi' on -your grml system. +# comgt -d /dev/ttyACM0 +# wvdial --config /etc/wvdial.conf.umts yesss + +If you receive invalid DNS nameservers when connecting, like: + +[...] +--> primary DNS address 10.11.12.13 +--> secondary DNS address 10.11.12.14 + +just provide a working nameserver to resolvconf via: + +# echo "nameserver 80.120.17.70" | resolvconf -a ppp0 + +Notice: some vodafone cards require the nozomi driver (run 'modprobe nozomi' on +your grml system), some other ones require the sierra driver (run +'modprobe sierra'). + +If your device isn't supported by usbserial yet, manually provide vendor and +product ID when loading the usbserial module. Usage example: + +% lsusb +[...] +Bus 004 Device 008: ID 1199:6813 Sierra Wireless, Inc. + +# modprobe usbserial vendor=0x1199 product=0x6813 + +To get a list of available providers execute: + +# comgt -s -d /dev/ttyUSB0 /etc/comgt/operator -- hdparm - get/set hard disk parameters @@ -1350,7 +1407,7 @@ If you don't see dir_index in the list, then enable it: # tune2fs -O dir_index /dev/iceX -Now run e2fsck with the -D option to have the directories optimized: +Now run e2fsck with the -D option to have the directories optimized: # e2fsck -D /dev/iceX @@ -1432,7 +1489,7 @@ or: Mount wikipedia local via fuse: Adjust configuration: -% cat ~/.wikipediafs/config.xml +% cat ~/.wikipediafs/config.xml 300 @@ -1506,6 +1563,10 @@ You can even activate the port forwarding by default globally: Host * RemoteForward 1234 127.0.0.1:1234 ForwardAgent yes + +Notice: if you get 'ABORT: Requested font not found' make sure the +requested font is available, running 'LANG=C LC_ALL=C osd_server.py...' +might help as well. -- Avoid automatical startup of init scripts via invoke-rc.d: @@ -1624,9 +1685,10 @@ grant all on grml.* to enrico identified by "PASSWORD"; -- Setup an HTTPS website: -create a certificate: +Create a certificate: -/usr/sbin/apache2-ssl-certificate -days 365 +# mkdir /etc/apache2/ssl +# make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/apache2/ssl/apache.pem Create a virtual host on port 443: @@ -1642,6 +1704,10 @@ SSLCertificateFile /etc/apache2/ssl/apache.pem Enable listening on the HTTPS port (/etc/apache2/ports.conf): Listen 443 + +and make sure the SSL module is used: + +# a2enmod ssl -- Useful Apache / Apache2 stuff @@ -1678,7 +1744,7 @@ GET http://www.google.com HTTP/1.0 [press enter twice] Adjust system for use of qemu with kqemu: Make sure you have all you need: -# apt-get update ; apt-get install qemu grml-kerneladdons +# aptitude update ; aptitude install qemu kqemu-modules-$(uname -r) Then set up kqemu: @@ -1701,7 +1767,7 @@ dstat # versatile tool for generating system resource statistics Usage examples: -# mptstat -P ALL +# mpstat -P ALL # iostat -x 1 # iostat -xtc 5 3 # vmstat 1 @@ -1719,12 +1785,16 @@ Start X and lock console via exiting: % startx 2>~/.xsession-errors &| exit -- -Which process is writing to disk? +Which process is writing to disk and/or causes the disk to spin up? + +First of all use lsof to check what's going on. Does not help? -> # echo 1 > /proc/sys/vm/block_dump -Warning: you must disable syslogd before you do this, or you must -make sure that kernel output is not logged. +The command sets a sysctl to cause the kernel to log all disk +writes. Please notice that there is a lot of data. So please +disable syslogd/syslog-ng before you do this, or you must make +sure that kernel output is not logged. When you're done, disable block dump using: # echo 0 > /proc/sys/vm/block_dump @@ -1732,10 +1802,14 @@ When you're done, disable block dump using: Alternative: laptop-mode-tools provides a tool named lm-profiler (laptop mode profiler) which handles block_dump on its own. + +See: $KERNEL-SOURCE/Documentation/laptop-mode.txt + +Also take a look at event-viewer(8) which is part of grml-debugtools. -- Install initrd via initramfs-tools for currently running kernel: -# update-initramfs -u -t -k $(uname -r) +# update-initramfs -c -t -k $(uname -r) -- Install initrd via yaird for currently running kernel: @@ -1743,7 +1817,7 @@ Install initrd via yaird for currently running kernel: Install initrd via yaird for specific kernel: -# mount /proc +# mount /proc # mount /sys # yaird -o /boot/initrd.img-2.6.15-1-686 2.6.15-1-686 -- @@ -1855,7 +1929,7 @@ resize2fs /dev/md0 Notice: online resizing works as soon as the kernel can re-read the partition table. So it works for example with LVM and SW-RAID but not with a plain device (/dev/[sh]d*). The kernel does not re-read the partition -table if the device is already mounted. +table if the device is already mounted. -- Use vim as an outline editor: @@ -1901,20 +1975,35 @@ Add another disk to existing RAID setup (hotadd): # mdadm --grow /dev/md0 --raid-devices=4 Assemble and start all arrays: -# mdadm --assemble --scan +# mdadm --assemble --scan Assemble a specific array: -# mdadm --assemble /dev/md0 /dev/sda1 /dev/sdb1 /dev/sdc1 +# mdadm --assemble /dev/md0 /dev/sda1 /dev/sdb1 /dev/sdc1 Resync: # mdadm --assemble --run --force --update=resync /dev/md0 /dev/sda1 /dev/sda2 Stop and rebuild: # mdadm --stop --scan -# mdadm --assemble /dev/md0 --auto --scan --update=summaries --verbose + +Scan for and setup arrays automatically: +# mdadm --assemble --scan --auto=yes --verbose + +Notice: If the above does not work make sure /etc/mdadm/mdadm.conf contains: +DEVICE partitions +CREATE owner=root group=disk mode=0660 auto=yes +HOMEHOST +MAILADDR root + +Running +# /usr/share/mdadm/mkconf > /etc/mdadm/mdadm.conf +might help as well. Monitoring the sw raid -# nohup mdadm --monitor --mail=root@localhost --delay=300 /dev/md0 +# nohup mdadm --monitor --mail=root@localhost --delay=300 /dev/md0 + +Producing /etc/mdadm/mdadm.conf: +# mdadm --detail --scan > /etc/mdadm/mdadm.conf See also: man mdadm | less -p "^EXAMPLES" http://www.tldp.org/HOWTO/Software-RAID-HOWTO.html @@ -1973,10 +2062,10 @@ Resize a logical volume: Create a snapshot of a logical volume: # lvcreate -L 500M --snapshot -n mysnap /dev/testvg/test_lv -Deactivate a volume group: +Deactivate a volume group: # vgchange -a n my_volume_group -Actually remove a volume group: +Actually remove a volume group: # vgremove my_volume_group Display information about physical volume: @@ -1997,7 +2086,7 @@ How to use APT locally Sometimes you have lots of packages .deb that you would like to use APT to install so that the dependencies would be automatically solved. Solution: -mkdir ~debs +mkdir debs dpkg-scanpackages debs /dev/null | gzip > debs/Packages.gz echo " deb file:/root debs/" >> /etc/apt/sources.list dpkg-scansources debs | gzip > debs/Sources.gz @@ -2008,36 +2097,64 @@ See also: http://www.debian.org/doc/manuals/apt-howto/ch-basico.en.html Check filesystem's LABEL: generic way: -# vol_id -l /dev/sda1 +# blkid /dev/sda1 -ext2/3 without vol_id: +ext2/3 without blkid: # dumpe2fs /dev/sda1 | grep "Filesystem volume name" -xfs without vol_id: +xfs without blkid: # xfs_admin -l /dev/sda1 -reiserfs without vol_id: -# debugreiserfs /dev/sda1 | grep UUID +reiserfs without blkid: +# debugreiserfs /dev/sda1 | grep -i label + +jfs without blkid: +# jfs_tune -l /dev/sda1 | grep -i label -reiser4 without vol_id: -# debugfs.reiser4 /dev/sda1 | grep uuid +reiser4 without blkid: +# debugfs.reiser4 /dev/sda1 | grep -i label -- Check filesystem's UUID: generic way: -# vol_id -u /dev/sda1 +# blkid /dev/sda1 -ext2/3 without vol_id: -# dumpe2fs /dev/sda1 | grep UUID +ext2/3 without blkid: +# dumpe2fs /dev/sda1 | grep -i UUID -xfs without vol_id: +xfs without blkid: # xfs_admin -u /dev/sda1 -reiserfs without vol_id: -# debugreiserfs /dev/sda1 | grep LABEL +reiserfs without blkid: +# debugreiserfs /dev/sda1 | grep -i UUID -reiser4 without vol_id: -# debugfs.reiser4 /dev/sda1 | grep label +reiser4 without blkid: +# debugfs.reiser4 /dev/sda1 | grep -i UUID +-- +Change a filesystem's LABEL: + +swap: +# mkswap -L $LABEL /dev/sda1 + +ext2/ext3: +# e2label /dev/sda1 $LABEL +# tune2fs -L $LABEL /dev/sda1 + +reiserfs: +# reiserfstune -l $LABEL /dev/sda1 + +jfs: +# jfs_tune -L $LABEL /dev/sda1 + +xfs: +# xfs_admin -L $LABEL /dev/sda1 + +fat/vfat: +# echo 'drive i: file="/dev/sda1"' >> ~/.mtoolsrc +# mlabel -s i:$LABEL + +ntfs: +# ntfslabel $LABEL /dev/sda1 -- Disable pdiffs feature of APT: @@ -2060,10 +2177,10 @@ Restore the backup using unzsplit: More usage examples: man zsplit + man unzsplit -- -Measure network performance using ipserf +Measure network performance using iperf: Server side: -% iperf -s -V +% iperf -s -V Client side: % iperf -c -V @@ -2130,13 +2247,13 @@ Upgrade system but disable apt-listbugs: APT_LISTBUGS_FRONTEND=none apt-get ... -- -Set up a Transparent Debian Proxy +Set up a Transparent Debian Proxy -Install of apt-cacher, the default config will do: +Install of apt-cacher, the default config will do: # apt-get install apt-cacher Check out the ip address of debian mirror(s). -Then add this to your firewall script: +Then add this to your firewall script: DEBIAN_MIRRORS="141.76.2.4 213.129.232.18" for ip in ${DEBIAN_MIRRORS} ; do @@ -2155,3 +2272,912 @@ line to your /etc/apt/apt.conf: Acquire::http::Proxy "http://localhost:3142/"; -- +Version control using Mercurial + +Setting up a Mercurial project: + +% cd project +% hg init # creates .hg +% hg add # add all files +% hg commit # commit all changes, edit changelog entry + +Branching and merging: + +% hg clone linux linux-work # create a new branch +% cd linux-work + +% hg commit +% cd ../linux +% hg pull ../linux-work # pull changesets from linux-work +% hg merge # merge the new tip from linux-work into + # (old versions used "hg update -m" instead) + # our working directory +% hg commit # commit the result of the merge + +Importing patches: + +% cat ../p/patchlist | xargs hg import -p1 -b ../p + +Exporting a patch: + +(make changes) +% hg commit +% hg tip +1234:af3b5cd57dd5 +% hg export 1234 > foo.patch # export changeset 1234 + +Export your current repo via HTTP with browsable interface: + +% hg serve -n "My repo" -p 80 + +Pushing changes to a remote repo with SSH: + +% hg push ssh://user@example.com/~/hg/ + +Merge changes from a remote machine: + +host1% hg pull http://foo/ +host2% hg merge # merge changes into your working directory + +Set up a CGI server on your webserver: +% cp hgwebdir.cgi ~/public_html/hg/index.cgi +% $EDITOR ~/public_html/hg/index.cgi # adjust the defaults +-- +Download binary codecs for mplayer: + +# /usr/share/mplayer/scripts/win32codecs.sh + +or + +# /usr/share/mplayer/scripts/binary_codecs.sh install + +(depending on the mplayer version you have). + +To play encrypted DVDs and if you are living in a country where using +libdvdcss code is not illegal can install Debian package libdvdread3 +and use the script /usr/share/doc/libdvdread3/install-css.sh. +-- +Read manpages of uninstalled packages with debman: + +% debman -p git-core git +-- +Test network performance using netperf: + +Server: +# netserver + +Client: +# netperf -t TCP_STREAM -H 192.168.0.41 +-- +Setup Xen within 20 minutes on Debian/grml + +Install relevant software und update grub's menu.lst (Xen does not work with +usual lilo so install grub instead if not done already): + +apt-get install linux-image-2.6.18-1-xen-686 xen-hypervisor-3.0.3-1-i386 \ + xen-utils-3.0.3-1 xen-tools bridge-utils +update-grub + +Example for installation of Debian etch as DomU: + +mkdir /mnt/md1/xen +xen-create-image --debootstrap --dir=/mnt/md1/xen --size=2Gb --memory=512Mb --fs=ext3 \ + --cache=yes --dist=etch --hostname=xengrml1 --ip 192.168.1.2 --netmask 255.255.255.0 \ + --gateway 192.168.1.1 --initrd=/boot/initrd.img-2.6.18-1-xen-686 \ + --kernel=/boot/vmlinuz-2.6.18-1-xen-686 --mirror=http://ftp.at.debian.org/debian/ + +Start services: + +/etc/init.d/xend start +/etc/init.d/xendomains start + +Setup a bridge for network, either manually: + +brctl addbr xenintbr +brctl stp xenintbr off +brctl sethello xenintbr 0 +brctl setfd xenintbr 0 +ifconfig xenintbr 192.168.1.1 netmask 255.255.255.0 up + +or via /etc/network/interfaces (run ifup xenintbr to bring up the device then +without rebooting): + +auto xenintbr +iface xenintbr inet static + pre-up brctl addbr xenintbr + post-down brctl delbr xenintbr + address 192.168.1.1 + netmask 255.255.255.0 + bridge_fd 0 + bridge_hello 0 + bridge_stp off + +Setup forwarding (adjust $PUBLIC_IP; for permanet setup use /etc/sysctl.conf and +add the iptables commands to a startup script like /etc/init.d/rc.local): + +echo 1 > /proc/sys/net/ipv4/ip_forward +iptables -t nat -A POSTROUTING -o eth0 -s 192.168.0.0/24 -j SNAT --to $PUBLIC_IP +iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to $PUBLIC_IP + +Adjust network configuration of Xend: + +cat >> /etc/xen/xend-config.sxp << EOF +(network-script network-route) +(vif-bridge xenintbr) +(vif-script vif-bridge) +EOF + +List domains, start up a DomU, shutdown later again: + +xm create -c /etc/xen/xengrml1.cfg +xm list +xm shutdown 1 + +This HowTo is also available online at http://grml.org/xen/ +-- +Play tetris with zsh: + +autoload -U tetris +zle -N tetris +bindkey "^Xt" tetris + +Now press 'ctrl-x t'. +-- +Set up a router with grml + +Run grml-router script: +# grml-router + +Install dnsmasq if not already present: +# apt-get update ; apt-get install dnsmasq + +Adjust /etc/dnsmasq.conf according to your needs: +# cat >> /etc/dnsmasq.conf << EOF +domain-needed +bogus-priv +dhcp-range=19.168.0.124,192.168.0.254,1m # dhcp range +dhcp-option=3,192.168.0.1 # dns server +dhcp-option=1,255.255.255.0 # netmask +EOF + +Start dnsmasq finally: +# Restart dnsmasq +-- +Display stats about memory allocations performed by a program: + +Usage example for 'ls': + +% LD_PRELOAD=/lib/libmemusage.so ls > /dev/null +-- +Use KVM (Kernel-based Virtual Machine for Linux): + +Make sure to install the relevant tools: +# apt-get update ; apt-get install kvm +# modprobe kvm + +Test it with a minimal system like ttylinux: +# wget http://www.minimalinux.org/ttylinux/packages/bootcd-i386-5.3.iso.gz +# gzip -d bootcd-i386-5.3.iso.gz +# kvm -cdrom bootcd-i386-5.3.iso +-- +EEPROM data decoding for SDRAM DIMM modules: + +# modprobe eeprom +# /usr/share/doc/lm-sensors/examples/eeprom/decode-dimms.pl +-- +Set up and use DVB: + +Make sure your device is supported by Linux and running. +See http://www.linuxtv.org/ for more details. + +If the DVB device works on your system (see 'hwinfo --usb' +when using a DVB usb device for example), then make sure you +have the scan util from dvb-utils available: + +# aptitude install dvb-utils + +Then create a channels.conf configuration file: + +% scan /usr/share/doc/dvb-utils/examples/scan/... > ~/.mplayer/channels.conf + +You can find some example configuration files on +your grml system in ~/.channels. Usage example: + +% ln -s ~/.mplayer/channels.conf-AT-graz ~/.mplayer/channels.conf + +Tip: w_scan (see http://free.pages.at/wirbel4vdr/w_scan/index2.html) +might be useful if you do not know the initial configuration +details. +-- +Get the lastest mercurial snapshot: + +Make sure you have the python-dev package available: +# apt-get update ; apt-get install python-dev + +Get and build the source: +% hg clone http://selenic.com/repo/hg mercurial +% cd mercurial +% make local +% export PYTHONPATH=$(pwd) +% export PATH=$PATH:$(pwd) + +now you should have the newest version of mercurial whenever you execute hg. + +To update to the lastest development snapshot, additionally use +the following commands: +% hg pull -u http://hg.intevation.org/mercurial/crew +% make local +-- +Configure timezone +================== + +Available bootoptions relevant in live-cd mode: +----------------------------------------------- + +* utc: set UTC, if your system clock is set to UTC (GMT) +* gmt: set UTC, if your system clock is set to UTC (GMT) [like bootoption utc] +* tz=$option: set timezone to corresponding $option, usage example: + tz=Europe/Vienna + +Configuration options relevant on harddisk installation: +-------------------------------------------------------- + +* Use the tzconfig utility to set the local timezone: + + # tzconfig + + which adjusts /etc/timezone and /etc/localtime according + to the provided information. Running: + + # dpkg-reconfigure tzdata + + might be useful as well. + +* /etc/default/rcS: set variable UTC according to your needs, + whether your system clock is set to UTC (UTC='yes') or + not (UTC='no') + +* /etc/localtime: adjust zoneinfo according to your needs: + + # ln -sf /usr/share/zoneinfo/$WHATEVER_YOU_WANT /etc/localtime + + The zoneinfo directory contains the time zone files that were + compiled by zic. The files contain information such as rules + about DST. They allow the kernel to convert UTC UNIX time into + appropriate local dates and times. Use the zdump utility to + print current time and date (in the specified time zone). + +* /etc/adjtime: This file is used e.g. by the adjtimex function, + which can smoothly adjust system time while the system runs + +* If you change the time (using 'date --set ...', ntpdate,...) + it is worth setting also the hardware clock to the correct time: + + # hwclock --systohc [--utc] + + Remember to add the --utc -option if the hardware clock is set + to UTC! + +Still problems? +--------------- + +Check your current settings via: + + cat /etc/timezone + zdump /etc/localtime + echo $TZ + hwclock --show + grep hwclock /etc/runlevel.conf + grep '^UTC' /etc/default/rc + +Further information: +-------------------- + + hwclock(8) tzselect(1) tzconfig(8) + http://www.debian.org/doc/manuals/system-administrator/ch-sysadmin-time.html + http://wiki.debian.org/TimeZoneChanges +-- +Recorder shellscript session using script: + +% script -t 2>~/upgrade.time -a ~/upgrade.script +% scriptreplay ~/upgrade.time ~/upgrade.script +-- +Test UTF-8 capabilities of terminal: + +wget http://www.linux-cjk.net/Console/garabik/UTF-8-demo.txt.gz +zcat UTF-8-demo.txt.gz + +or: + +wget http://www.cl.cam.ac.uk/~mgk25/ucs/examples/UTF-8-test.txt +cat UTF-8-test.txt +-- +UTF-8 at grml / some general information regarding Unicde/UTF-8: + + http://wiki.grml.org/doku.php?id=utf8 +-- + +This allows one ssh connection attepmt per minute per source ip, with a initial +burst of 10. The available burst is like a counter which is initialised with +10. Every connection attempt decrements the counter, and every minute where the +connection limit of one per minute is not overstepped the counter is +incremented by one. If the burst counter is exhausted the real rate limit +comes into play. This gives you 11 connectionattepmts in the first minute +before blocked for 10minutes. After 10 minutes block the game restarts. + +Hint: you could set the burst value to 5 and the block time to only 5 minutes +to achive the same average connection rate but with halve the block time. + +iptables -A inet_in -p tcp --syn --dport 22 -m hashlimit --hashlimit-name ssh \ + --hashlimit 1/minute \ --hashlimit-burst 10 --hashlimit-mode srcip \ + --hashlimit-htable-expire 600000 -j ACCEPT +iptables -A inet_in -p tcp --dport 22 -m state --state NEW -j REJECT +-- +Tunnel a specific connection via socat: + +On the client: +% socat TCP4-LISTEN:8003 TCP4:gateway:500 + +On the gateway: +# socat TCP4-LISTEN:500,fork TCP4:target:$PORT + +Using localhost:8003 on the client uses the tunnel now. +-- +Set date: + +# date --set=060916102007 + +where the bits are month(2)/day(2)/hour(2)/minute(2)/year(4) + +Set date using a relative date: + +# date -s '+3 mins' + +or + +# date -s '+tomorrow' + +Display a specific relative date: + +# date -d '+5 days -2 hours' + +Don't forget to set hardware clock via: + +# hwlock -w +-- +Booting grml via network / PXE: + +Start grml-terminalserver on a system with network access +and where grml is running: + +# grml-terminalserver + +Then booting your client(s) via PXE should work without +any further work. + +See: man grml-terminalserver + http://grml.org/terminalserver/ +-- +Debugging SSL communications: + +% openssl s_client -connect server.adress:993 > output_file +% openssl x509 -noout -text -in output_file + +or + +# ssldump -a -A -H -i eth0 + +See http://prefetch.net/articles/debuggingssl.html for more details. +-- +Remove bootmanager from MBR: + +# lilo -M /dev/hda -s /dev/null +-- +Rewrite grub to MBR: + +# mount /mnt/sda1 +# grub-install --recheck --no-floppy --root-directory=/mnt/sda1 /dev/sda +-- +Rewrite lilo to MBR: + +# mount /mnt/hda1 +# lilo -r /mnt/hda1 +-- +Create screenshot of plain/real console - tty1: + +# fbgrab -c 1 screeni.png +-- +Create screenshot when running X: + +% scrot + +Tip: use the gkrellshoot plugin when using gkrellm +-- +Redirect all connections to hostA:portA to hostB:portB, where hostA and hostB are +different networks: + +Run the following commands on hostA: + +echo 1 > /proc/sys/net/ipv4/ip_forward +iptables -t nat -A PREROUTING -p tcp --dport portA -j DNAT --to hostB:portB +iptables -A FORWARD -i eth0 -o eth0 -d hostB -p tcp --dport portB -j ACCEPT +iptables -A FORWARD -i eth0 -o eth0 -s hostB -p tcp --sport portB -j ACCEPT +iptables -t nat -A POSTROUTING -p tcp -d hostB --dport portB -j SNAT --to-source hostA +-- +Flash BIOS without DOS/Windows: + +Dump flash info and set the flash chip to writable: +# flashrom + +Backup the original BIOS: +# flashrom -r backup.bin + +Notice: the following step will overwrite your current BIOS! +So make sure you really know what you are doing. + +Flash the BIOS image: +# flashrom -wv newbios.bin + +Also check out LinuxBIOS: http://linuxbios.org/ +-- +Enable shadow passwords: + +# shadowconfig on +-- +Set up an IPv6 tunnel on grml: + +# ipv6-tunnel start +-- +Set up console newsreader slrn for use with Usenet: + +% grml-slrn +-- +Calculate with IPv6 addresses: + +% ipv6calc + +For usage examples refer to manpage ipv6calc(8). +-- +Common network debugging tools for use with IPv6: + +% ping6 +% tracepath6 +% traceroute6 +% tracert6 +% nc6 +% tcpspray6 +-- +Set up NFS (Network File System): + +Server-side +~~~~~~~~~~~ +Make sure the relevant services are running on the server side: + +# /etc/init.d/portmap start +# /etc/init.d/nfs-common start +# /etc/init.d/nfs-kernel-server start + +Export shares via /etc/exports: + +/backups 192.168.1.100/24(rw,wdelay,no_root_squash,async,subtree_check) + +... or manually export a directory running: + +# exportfs -o rw,wdelay,no_root_squash,async,subtree_check 192.168.1.100:/backups + +and unexport a share running: + +# exportfs -u 192.168.1.100:/backups + +and every time when you modify /etc/exports file run + +# exportfs -ra + +Display what NFS components are running: + +# rpcinfo -p + +Display list of exported shares: + +# exportfs -v +or +# showmount -e + +Client-side +~~~~~~~~~~~ +Make sure the relevant services are running on the client side: + +# /etc/init.d/portmap start +# /etc/init.d/nfs-common start + +Verify that the server allows you to access its RPC/NFS services: + +# rpcinfo -p server_name + +Check what directories the server exports: + +# showmount -e server_name + +On the client side you can use something like the following in /etc/fstab: + +192.168.1.101:/backups /mnt/nfs nfs defaults,users,wsize=8192,rsize=8192 0 0 +-- +Mount a cloop file: + +# aptitude install cloop-src +# m-a a-i cloop-src + +# modprobe cloop file=/path/to/cloop/file +# mount -r -t iso9660 /dev/cloop /mnt/test +-- +Create a PS/PDF of a plaintext file: + +% a2ps --medium A4dj -E -o output.ps input_file +% ps2pdf output.ps +-- +Print two pages on one in a PDF file: + +% pdfnup --nup 2x1 input.pdf + +Concatenate, extract pages/parts, encrypt/decrypt, +compress PDFs using 'pdftk'. +-- +Read a PS/PDF file on console: + +% pstotext file.pdf + +or on plain framebuffer console in graphical mode: + +% pdf2ps file.pdf ; ps2png file.ps file.png ; fbi file.png + +or + +% fbgs file.pdf +-- +Bypass the password of a PDF file: + +% gs -q -dNOPAUSE -sDEVICE=pdfwrite -sOutputFile=output.pdf input.pdf -c quit +-- +Record sound: + +% rec test.aiff + +This will record a AIFF audio file. +-- +Change passphrase / password of an existing SSH key: + +% ssh-keygen -p +-- +Enable syntax highlighting in nano: + +Just uncomment the include directives for your respective +language at the bottom of the file /etc/nanorc +-- +Create netboot package for grml-terminalserver: + +# bash /usr/share/doc/grml-terminalserver/examples/create-netboot +-- +To boot grml via network (PXE) check out grml-terminalserver: + +# grml-terminalserver + +See http://grml.org/terminalserver/ for more details. +-- +Rotate pictures: + +Using the 'Orientation' tag of the Exif header, rotate +the image so that it is upright: +% jhead -autorot *.jpg + +Manually rotate a picture: +% convert -rotate 270 input.jpg output.jpg +-- +Rename files based on the information inside their exif header: + +% jhead -n%Y-%m-%d_%Hh%M_%f *.jpg + +This will rename a file named img_2071.jpg to something like: + +2007-08-17_10h38_img_2071.jpg + +if it was shot at 10:38 o'clock on 2007-08-17 (according to +the information inside the exif header). +-- +Calculate network / netmask: + +Usage examples: +% ipcalc 10.0.0.28 255.255.255.0 +% ipcalc 10.0.0.0/24 +-- +Blacklist a kernel module: + +# blacklist + +-> running 'blacklist hostap_cs' for example will generate an +entry like this in /etc/modprobe.d/grml: + +blacklist hostap_cs +alias hostap_cs off + +To remove the module from the blacklist again just invoke: + +# unblacklist + +or manually remove the entry from /etc/modprobe.d/grml. +-- +Create a Debian package of a perl module: + +% dh-make-perl --cpan Acme::Smirch --build +-- +The Magic SysRq Keys (SysReq or Sys Req, short for System Request): + +To reboot your system using the SysRq keys just hold down the Alt and +SysRq (Print Screen) key while pressing the keys REISUB ("Raising +Elephants Is So Utterly Boring"). + +R = take the keyboard out of raw mode +E = terminates all processes (except init) +I = kills all processes (except init) +S = synchronizes the disk(s) +U = remounts all filesystems read-only +B = reboot the system + +Notice: use O instead of B for poweroff. + +Or write the sequence to /proc/sysrq-trigger instead: + +# for i in r e i s u b ; do echo $i > /proc/sysrq-trigger ; done + +To enable or disable SysRq calls: + +# echo 0 > /proc/sys/kernel/sysrq +# echo 1 > /proc/sys/kernel/sysrq + +See http://en.wikipedia.org/wiki/Magic_SysRq_key for more details. +-- +Memtest / memcheck: + +Just boot your grml Live-CD with "memtest" to execute a memcheck/memtest +with Memtest86+. +-- +Tunnel TCP-Traffic through DNS using dns2tcp: + +Server-side: +~~~~~~~~~~~~ +1. Create necessary DNS-Records: +dnstun.example.com. 3600 IN NS host.example.com. +dnstun.example.com. 3600 IN A 192.168.1.1 +host.example.com. 3600 IN A 192.168.1.1 + +2. Configure dns2tcpd on host.example.com.: +# cat /etc/dns2tcpd.conf +listen = 192.168.1.1 #the ip dns2tcpd should listen on +port = 53 #" port " " " " +user = nobody +chroot = /tmp +domain = dnstun.example.com. # the zone as specified inside dns +ressources = ssh:127.0.0.1:22 # available resources + +3. Start the daemon: +# cat > /etc/default/dns2tcp << EOF +# Set ENABLED to 1 if you want the init script to start dns2tcpd. +ENABLED=1 +USER=nobody +EOF +# /etc/init.d/dns2tcp start + +Client-side: +~~~~~~~~~~~~ +You have two possibilities: +- Use the DNS inside your network (DNS must allow resolving for external domains) +# grep nameserver /etc/resolv.conf +nameserver 172.16.42.1 +# dns2tcpc -z dnstun.example.com 172.16.42.1 +Available connection(s) : + ssh +# dns2tcpc -r ssh -l 2222 -z dnstun.example.com 172.16.42.1 & +Listening on port : 2222 +# ssh localhost -p 2222 +user@host.example.com:~# + +- Directly contact the endpoint (port 53 UDP must be allowed outgoing) +# dns2tcpc -z dnstun.example.com dnstun.example.com +Available connection(s) : + ssh +# dns2tcpc -r ssh -l 2222 -z dnstun.example.com dnstun.example.com & +Listenning on port : 2222 +# ssh localhost -p 2222 +user@host.example.com:~# + +Notice: using 'ssh -D 8080 ..' you will get a socks5-proxy listening on +localhost:8080 which you can use to tunnel everything through your "dns-uplink". +-- +Configure a MadWifi device for adhoc mode: + +Disable the autocreation of athX devices: +# echo "options ath_pci autocreate=none" > /etc/modprobe.d/madwifi + +Remove the autocreated device for now: +# wlanconfig ath0 destroy + +Configuration in /etc/network/interfaces: + +iface ath0 inet static + madwifi-base wifi0 + madwifi-mode adhoc + ... + +Hints: + - Do not use interface names without ending 0 (otherwise startup fails). + - Only chooss unique names for interfaces. +-- +Find dangling symlinks using zsh: + +% ls **/*(-@) +-- +Use approx with runit supervision +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Install the packages: +# apt-get install approx runit + +Add user approxlog for the logging daemon: +# adduser --system --home /nonexistent --no-create-home approxlog + +Create config directory: +# mkdir /etc/sv/approx + +Use /var/run/sv.approx as supervise directory: +# ln -s /var/run/sv.approx /etc/sv/approx/supervise + +# cat > /etc/sv/approx/run << EOF +#!/bin/sh +echo 'approx starting' +exec approx -f 2>&1 +EOF + +You normally do not need a logging service for approx because it logs +to syslog too. So just for completion: +# mkdir -p /etc/sv/approx/log +# ln -s /var/run/sv.approx.log /etc/sv/approx/log/supervise +# cat > /etc/sv/approx/log/run << EOF +#!/bin/sh +set -e +LOG="/var/log/approx" +test -d "$LOG" || mkdir -p -m2750 "$LOG" && chown approxlog:adm "$LOG" +exec chpst -uapproxlog svlogd -tt -v "$LOG" +EOF + +Now activate the new approx service (will be started within 5s): +# ln -s /etc/sv/approx/ /var/service/ + +Make approx managed via runit available via init-script interface: +# dpkg-divert --local --rename /etc/init.d/approx +# ln -s /usr/bin/sv /etc/init.d/approx +-- +Remote-reboot a grml system using SysRQ via /proc (execute as root): + +eject &>/dev/null +umount -l /cdrom +eject /dev/cdrom +echo b > /proc/sysrq-trigger +-- +Show what happens on /dev/sda0: + +# mount the debugfs to relay kernel info to userspace +mount -t debugfs none /sys/kernel/debug + +# is a convenient wrapper arround blktrace and blkparse +btrace /dev/sda0 +-- +Convert Flash to Avi: + +% ffmpeg -i input.flv output.avi + +Extract MP3 from Flash file: + +% for i in *.flv; do ffmpeg -i $i -acodec copy ${i%.flv}.mp3 ; done +-- +Usage example for cryptsetup / -luks encrypted partition on LVM: + +volume group name: x61 +logical volume name: home + +echo "grml-crypt_home /dev/mapper/x61-home none luks" >> /etc/crypttab +Start cryptdisks +mount /dev/mapper/grml-crypt_home /mnt/test +-- +fdisk/parted/... complains with something like +'unable to open /dev/sda - unrecognised disk label'?! + +See http://grml.org/faq/#fdisk => + +* use /sbin/fdisk.distrib from util-linux +* switch to sfdisk, cfdisk,... +* use parted's mklabel command (but please read the + parted manual before executing this command) +-- +dmraid - support for SW-RAID / FakeRAID controllers +like Highpoint HPT and Promise FastTrack + +Activate all software RAID sets discovered: +# dmraid -ay + +Deactivates all active software RAID sets: +# dmraid -an + +Discover all software RAID devices supported on the system: +# dmraid -r +-- +Extract winmail.dat: + +List content: +% ytnef winmail.dat + +Extract files to current directory: +% ytnef -f . winmail.dat +-- +Approx - Debian package proxy/cacher howto + +% apt-get install approx +% echo 'debian http://ftp.de.debian.org/debian' >>/etc/approx/approx.conf +% Restart approx + +Add your new approx to sources.list + +eg. +deb http://localhost:9999/debian unstable main contrib non-free + +use approx in grml-debootstrap like: +% grml-debootstrap -r lenny -t /dev/sda1 -m http://127.0.0.1:9999/debian +-- +Simple webserver with python: + +% python -m SimpleHTTPServer +-- +Upgrade only packages from the grml-stable Debian repository: + +echo 'deb http://deb.grml.org/ grml-stable main' > /etc/apt/grml-stable.list +apt-get -o Dir::Etc::sourcelist=/etc/apt/grml-stable.list -o Dir::Etc::sourceparts=/doesnotexist update +apt-get upgrade +-- +Install Centos into a directory: + +% febootstrap centos-5 directory http://mirror.centos.org/centos-5/5.3/os/i386/ +-- +Install Fedora into a directory: + +% febootstrap fedora-11 target_directory +-- +Use Nessus / OpenVAS (remote network security auditor): + +Install software packages: +# apt-get update +# apt-get install openvas-client openvas-server openvas-plugins-base openvas-plugins-dfsg + +Add a user: +# openvas-adduser + +Start openvas server (takes a while): +# Start openvas-server + +Invoke client as user: +% OpenVAS-Client +-- +Find packages not available from any active apt repository: + +% apt-show-versions | awk '/No available version in archive/{print $1}' +-- +Simple mailserver with python: + +% python -m smtpd -n -c DebuggingServer localhost:1025 +-- +finger via netcat: + +echo $USER | nc $HOST 79 +-- +Install Archlinux using Grml: + +https://wiki.archlinux.org/index.php/Install_from_Existing_Linux +or +wget http://tokland.googlecode.com/svn/trunk/archlinux/arch-bootstrap.sh +--